Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Pricechopper Chrome erweiterung entfernen!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.07.2014, 19:12   #1
HRMN092
 
Pricechopper Chrome erweiterung entfernen! - Ausrufezeichen

Pricechopper Chrome erweiterung entfernen!



Pricechopper oder pericechop bzw. peRIIceChoppeR hat sich durch Dummheit auf meinem Laptop eingenistet.
Es hat keinen festen Namen aber es will auf Daten, Websites und Designs zugreifen.
Könnte eine Werbesoftware sein aber ich kriege sie nicht deinstalliert ich lies schon FRST mehrmals laufen aber ich weiß nicht wie man richtig damit umgeht.
Habe mehrmals die Malwarebytes Software laufen lassen und auch adware remover und JRT.
Es hilft nichts, bei jedem neustart taucht es in meinem Browser auf und ich stoße an die Grenzen meiner Recherche Skills.
Bitte helft mir, Ich würde nochmal von vorn anfangen wollen, bin bereit fast alles über meinen Rechner ergehen zu lassen .
Großes im Vorraus.

Alt 12.07.2014, 20:16   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 12.07.2014, 20:25   #3
HRMN092
 
Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Hier die Logs. Danke für die schnelle Hilfe!

FRST.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by HRMN (administrator) on HRMN-PC on 12-07-2014 21:21:19
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Users\HRMN\Downloads\Core Temp.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [179272 2012-04-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [Google Update] => "C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [icq] => C:\Users\HRMN\AppData\Roaming\ICQM\icq.exe [34848264 2014-07-02] (ICQ)
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\MountPoints2: {62dd10d8-85f4-11e3-a31a-dc0ea11665ca} - G:\Startme.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-27]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR Plugin: (Shockwave Flash) - C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\HRMN\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26]
CHR Extension: (YouTube) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26]
CHR Extension: (Adblock Plus) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-26]
CHR Extension: (Google-Suche) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26]
CHR Extension: (avast! Ad Blocker) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-26]
CHR Extension: (pericechopp) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa [2014-07-12]
CHR Extension: (hxxp://9gag.com/trending) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\klgnfepolpfipkcicinkhdfcdiajijje [2013-08-26]
CHR Extension: (BugMeNot Lite) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb [2014-07-12]
CHR Extension: (AntiGameOrigin) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2014-06-04]
CHR Extension: (Google Wallet) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (hxxp://www.play3.de/) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\oinecfhojgbcmkkhmaoppipckbocfcgj [2013-08-26]
CHR Extension: (pericechopp) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9 [2014-07-12]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-25] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 hipeer20; C:\Windows\System32\DRIVERS\remobo64.sys [30720 2010-08-01] (Windows (R) Codename Longhorn DDK provider)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 ALSysIO; \??\C:\Users\HRMN\AppData\Local\Temp\ALSysIO64.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-12 21:20 - 2014-07-12 21:21 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 19:20 - 2014-07-12 19:21 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:19 - 2014-07-12 19:19 - 05218570 _____ (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 19:03 - 2014-07-12 19:05 - 00464381 ____N () C:\Users\HRMN\Downloads\SpyHunterKiller.exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:50 - 2014-07-12 18:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 18:34 - 2014-07-12 18:34 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2014-06-13 04:11 - 06783960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 03523360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 01083736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00933208 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-12 17:34 - 2014-06-13 04:11 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-12 17:34 - 2014-06-06 19:40 - 03802247 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-12 17:33 - 2014-06-13 04:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-12 17:33 - 2014-06-13 04:48 - 00062920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-12 17:20 - 2014-06-13 04:48 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 18625768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 14497528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-12 17:20 - 2014-06-13 04:47 - 00033736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-07-12 17:20 - 2014-06-13 04:46 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 02814120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-12 17:20 - 2014-06-13 04:45 - 03196304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-12 17:04 - 2014-07-12 17:49 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:04 - 2014-07-12 17:04 - 00000000 ____D () C:\Program Files (x86)\pReIIcEChop
2014-07-12 17:03 - 2014-07-12 19:32 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-12 17:03 - 2014-07-12 17:48 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt
2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip
2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin
2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A
2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A
2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel
2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip
2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip
2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe
2014-07-02 22:07 - 2014-07-02 23:14 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer
2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe
2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 21:37 - 2014-07-02 21:45 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt
2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe
2014-07-02 21:34 - 2014-07-02 21:36 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt
2014-07-02 21:33 - 2014-07-12 21:21 - 00000000 ____D () C:\FRST
2014-07-02 21:33 - 2014-07-02 21:36 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt
2014-07-02 21:11 - 2014-07-12 19:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 21:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 21:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 20:59 - 2014-07-12 19:32 - 00003360 _____ () C:\Windows\setupact.log
2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-02 20:58 - 2014-07-12 19:31 - 00004380 _____ () C:\Windows\PFRO.log
2014-07-02 20:58 - 2014-07-02 20:59 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-02 20:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 20:54 - 2014-07-12 21:21 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg
2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg
2014-07-02 18:21 - 2014-07-02 18:23 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile
2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM
2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-19 19:55 - 2014-06-27 19:38 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip
2014-06-15 19:46 - 2014-06-15 19:46 - 00013870 _____ () C:\Users\HRMN\Documents\Kündigung_Rikarda.odt
2014-06-12 22:55 - 2014-06-12 22:55 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-12 22:54 - 2014-07-12 21:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-12 22:54 - 2014-06-12 22:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 22:53 - 2014-06-12 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-12 22:53 - 2014-06-12 22:53 - 00000000 ____D () C:\Program Files\7-Zip

==================== One Month Modified Files and Folders =======

2014-07-12 21:21 - 2014-07-12 21:20 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 21:21 - 2014-07-02 21:33 - 00000000 ____D () C:\FRST
2014-07-12 21:21 - 2014-07-02 20:54 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-12 21:06 - 2014-06-12 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-12 20:57 - 2012-09-23 10:57 - 02066267 _____ () C:\Windows\WindowsUpdate.log
2014-07-12 20:41 - 2012-06-07 01:25 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\.minecraft
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 20:24 - 2012-06-06 20:13 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002UA.job
2014-07-12 20:23 - 2012-12-07 18:10 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Skype
2014-07-12 19:39 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-12 19:39 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-12 19:34 - 2014-07-02 21:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 19:32 - 2014-07-12 17:03 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-12 19:32 - 2014-07-02 20:59 - 00003360 _____ () C:\Windows\setupact.log
2014-07-12 19:32 - 2012-06-07 19:39 - 00000000 ____D () C:\ProgramData\clear.fi
2014-07-12 19:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-12 19:31 - 2014-07-02 20:58 - 00004380 _____ () C:\Windows\PFRO.log
2014-07-12 19:31 - 2013-08-26 21:17 - 00000000 ____D () C:\AdwCleaner
2014-07-12 19:21 - 2014-07-12 19:20 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:19 - 2014-07-12 19:19 - 05218570 _____ (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 19:05 - 2014-07-12 19:03 - 00464381 ____N () C:\Users\HRMN\Downloads\SpyHunterKiller.exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:52 - 2014-07-12 18:50 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 18:34 - 2014-07-12 18:34 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-12 18:15 - 2011-12-03 12:08 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-07-12 18:15 - 2011-12-03 12:08 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-07-12 18:15 - 2009-07-14 07:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 18:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-07-12 18:03 - 2012-08-22 20:27 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\foobar2000
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:49 - 2014-07-12 17:04 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:48 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-12 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-12 17:26 - 2013-07-27 15:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-12 17:04 - 2014-07-12 17:04 - 00000000 ____D () C:\Program Files (x86)\pReIIcEChop
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 17:03 - 2012-06-06 20:13 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Google
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-12 16:02 - 2012-12-07 20:10 - 00000000 ____D () C:\Users\HRMN\Desktop\Mincraft sachen
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-12 14:45 - 2012-06-07 11:40 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Adobe
2014-07-08 18:23 - 2014-05-23 22:01 - 00000000 ____D () C:\Program Files (x86)\CABAL Online (NA - Global)
2014-07-08 17:20 - 2012-06-06 20:13 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002Core.job
2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt
2014-07-06 16:42 - 2013-09-08 21:58 - 00118872 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip
2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin
2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A
2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A
2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-06 13:19 - 2011-10-14 05:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel
2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip
2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip
2014-07-05 21:10 - 2013-07-27 15:20 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-03 23:06 - 2013-09-02 20:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-03 00:33 - 2013-07-26 21:21 - 00000000 ____D () C:\Users\HRMN\Desktop\X-GamingdotWS
2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe
2014-07-02 23:14 - 2014-07-02 22:07 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer
2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe
2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 21:45 - 2014-07-02 21:37 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt
2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe
2014-07-02 21:36 - 2014-07-02 21:34 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt
2014-07-02 21:36 - 2014-07-02 21:33 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt
2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-02 20:59 - 2014-07-02 20:58 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-02 20:59 - 2012-09-24 17:34 - 00118872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-07-02 20:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Dev-Cpp
2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Dev-Cpp
2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg
2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg
2014-07-02 20:31 - 2012-06-07 10:23 - 00001164 _____ () C:\Users\HRMN\Downloads\CoreTemp.ini
2014-07-02 18:23 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile
2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM
2014-06-30 18:49 - 2014-04-29 22:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-30 18:49 - 2011-10-14 05:30 - 00000000 ____D () C:\ProgramData\Skype
2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 19:38 - 2014-06-19 19:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 19:38 - 2014-03-15 13:27 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 19:38 - 2013-07-27 15:19 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 19:38 - 2013-07-27 15:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-24 19:33 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\vlc
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip
2014-06-18 13:19 - 2012-06-06 20:13 - 00004088 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002UA
2014-06-18 13:19 - 2012-06-06 20:13 - 00003692 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002Core
2014-06-15 19:46 - 2014-06-15 19:46 - 00013870 _____ () C:\Users\HRMN\Documents\Kündigung_Rikarda.odt
2014-06-13 04:59 - 2014-07-12 17:20 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll
2014-06-13 04:59 - 2014-07-12 17:20 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll
2014-06-13 04:59 - 2014-07-12 17:20 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-06-13 04:48 - 2014-07-12 17:33 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-06-13 04:48 - 2014-07-12 17:33 - 00062920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-13 04:48 - 2014-07-12 17:20 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-13 04:47 - 2014-07-12 17:20 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-13 04:47 - 2014-07-12 17:20 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-13 04:47 - 2014-07-12 17:20 - 18625768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-06-13 04:47 - 2014-07-12 17:20 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-13 04:47 - 2014-07-12 17:20 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-13 04:47 - 2014-07-12 17:20 - 14497528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-06-13 04:47 - 2014-07-12 17:20 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-13 04:47 - 2014-07-12 17:20 - 00033736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-06-13 04:46 - 2014-07-12 17:20 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-13 04:46 - 2014-07-12 17:20 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-13 04:46 - 2014-07-12 17:20 - 02814120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-06-13 04:46 - 2014-07-12 17:20 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-06-13 04:46 - 2014-07-12 17:20 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-13 04:46 - 2014-07-12 17:20 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-13 04:46 - 2014-07-12 17:20 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-13 04:46 - 2014-07-12 17:20 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-13 04:46 - 2014-07-12 17:20 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-13 04:45 - 2014-07-12 17:20 - 03196304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-06-13 04:11 - 2014-07-12 17:34 - 06783960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-06-13 04:11 - 2014-07-12 17:34 - 03523360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-06-13 04:11 - 2014-07-12 17:34 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-06-13 04:11 - 2014-07-12 17:34 - 01083736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-06-13 04:11 - 2014-07-12 17:34 - 00933208 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-06-13 04:11 - 2014-07-12 17:34 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-06-13 04:11 - 2014-07-12 17:34 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-06-13 04:11 - 2014-07-12 17:34 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-06-12 22:58 - 2014-04-11 20:42 - 00000000 ____D () C:\Program Files (x86)\TERA
2014-06-12 22:55 - 2014-06-12 22:55 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-12 22:55 - 2012-11-07 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-12 22:54 - 2014-06-12 22:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 22:54 - 2014-01-10 00:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 22:54 - 2011-10-14 05:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 22:53 - 2014-06-12 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-12 22:53 - 2014-06-12 22:53 - 00000000 ____D () C:\Program Files\7-Zip
2014-06-12 04:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 03:05 - 2013-09-19 06:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:02 - 2012-09-24 17:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 03:02 - 2012-06-08 00:20 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 03:01 - 2014-05-10 14:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 02:05 - 2012-06-07 01:29 - 00002358 _____ () C:\Users\HRMN\Desktop\Google Chrome.lnk

ZeroAccess:
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\@
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\L\00000004.@

Files to move or delete:
====================
C:\Users\HRMN\IP_Log_Data.js
C:\Users\HRMN\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\HRMN\AppData\Local\Temp\bi_cleaner.exe
C:\Users\HRMN\AppData\Local\Temp\NVI2_29.DLL
C:\Users\HRMN\AppData\Local\Temp\Quarantine.exe
C:\Users\HRMN\AppData\Local\Temp\SHSetup.exe
C:\Users\HRMN\AppData\Local\Temp\Tsu9C511EEC.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe 2F46C1760C531EB2B181F9076E552E8A ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 00:19

==================== End Of Log ============================
         
--- --- ---

--- --- ---
Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by HRMN at 2014-07-12 21:22:08
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky PURE (Enabled - Up to date) {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky PURE (Enabled - Up to date) {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky PURE (Enabled) {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}

==================== Installed Programs ======================

4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cabal Episode 8 (HKLM-x32\...\Cabal Episode 8) (Version: Episode 8 - EliteKingdoms)
CABAL Online (NA - Global) (HKCU\...\CabalOnline(NA - Global)) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.3318.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2921_44380 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.3318.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.9023 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESI Prüfwerte (HKLM-x32\...\ESI Prüfwerte) (Version:  - )
ESI[tronic] DEMO_4 (HKLM-x32\...\ESI[tronic] DEMO_4) (Version:  - )
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
foobar2000 v1.1.14a (HKLM-x32\...\foobar2000) (Version: 1.1.14a - Peter Pawlowski)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.5979.1 - Ubisoft)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICQ 8.2 (build 7067) (HKCU\...\ICQ) (Version: 8.2.7067.0 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KTS (x32 Version: 4.0.0 - Robert Bosch GmbH) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version:  - Daniel Rebelo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden
MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.43 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.43 (Version: 340.43 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

06-07-2014 11:18:21 Installiert Renesas Electronics USB 3.0 Host Controller Driver
12-07-2014 15:32:14 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte
12-07-2014 16:50:37 Installed SpyHunter
12-07-2014 18:58:09 Revo Uninstaller's restore point - System Requirements Lab for Intel

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-17 21:14 - 00000793 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {28D6FD2F-65C2-42AD-B0B0-AB3D49A1BC43} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002UA => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {31E97D56-8130-48C0-9252-E8943EDCEBD0} - System32\Tasks\Google Updater and Installer => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {357EDA91-E566-4E47-A04A-1369530D2E51} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {38B0A7AF-CE44-467A-B2A0-059A3FD5AFB5} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2012-09-18] (Acer Incorporated)
Task: {411A750E-0185-46E2-9AAD-58FFA39E8F98} - System32\Tasks\Core Temp Autostart HRMN => C:\Users\HRMN\Downloads\Core Temp.exe [2010-10-03] ()
Task: {4FE97A35-6AAD-41C0-A407-039155AC1DF1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {54E8AD34-E652-4858-87D5-4538AA512F8A} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2012-09-18] (CyberLink)
Task: {6432CD2F-FBA1-494C-8D6C-8AC4BF5AA950} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {6644E828-80F1-46A1-9826-3126274CBF3D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {7954D079-4FAF-40FF-B2D6-FA620B5AF9AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {85A67C6E-1130-4134-94FF-507EB4779A1F} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {888AB199-79A5-4152-9003-8401C61B3F79} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {8DF38EBB-0033-459F-BD5E-7940838156E6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {8E7A26D6-6F72-47F5-84E5-D4551D7E8195} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002Core => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {91AB107B-D3A1-4351-BCF4-E415036664AC} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {9C7AFC46-7146-4DA0-908A-3556157B1A61} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-27] (AVAST Software)
Task: {C40EF80F-886E-48E7-BC45-55DFF42E71CF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {C5C63F6B-E2A3-400E-8A24-99E79FD5DB4E} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {DC2F4D6B-DA61-403D-BAAC-D251129E11D4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2012-09-18] (CyberLink Corp.)
Task: {E0B44B36-1032-43AA-A073-4689C9F69736} - System32\Tasks\AdobeAAMUpdater-1.0-HRMN-PC-HRMN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002Core.job => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2792858974-2978467211-3077806040-1002UA.job => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-12 17:20 - 2014-06-13 04:47 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-06-07 10:23 - 2010-10-03 02:14 - 00563728 _____ () C:\Users\HRMN\Downloads\Core Temp.exe
2011-10-14 05:57 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-07 02:03 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-06-27 19:37 - 2014-06-27 19:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-12 14:47 - 2014-07-12 14:47 - 02792960 _____ () C:\Program Files\AVAST Software\Avast\defs\14071200\algo.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-06-07 02:03 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2012-09-18 14:24 - 2012-09-18 14:24 - 00208080 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-06-27 19:37 - 2014-06-27 19:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-24 19:54 - 2014-02-24 19:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-10-14 05:15 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 00716616 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 00126280 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-12 14:52 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2014 08:29:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.600.19 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 167c

Startzeit: 01cf9dfefb485655

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\Java\jre7\bin\javaw.exe

Berichts-ID:

Error: (07/12/2014 07:32:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2014 07:09:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2014 06:42:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/12/2014 06:42:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/12/2014 06:42:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/12/2014 06:36:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/12/2014 08:57:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (07/12/2014 08:57:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (07/12/2014 07:32:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (07/12/2014 07:32:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (07/12/2014 07:32:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1060

Error: (07/12/2014 07:32:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (07/12/2014 07:32:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/12/2014 07:09:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2147024891

Error: (07/12/2014 07:09:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%-2147024891

Error: (07/12/2014 07:08:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1060


Microsoft Office Sessions:
=========================
Error: (07/12/2014 08:29:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.600.19167c01cf9dfefb4856554C:\Program Files (x86)\Java\jre7\bin\javaw.exe

Error: (07/12/2014 07:32:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2014 07:09:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2014 06:42:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe

Error: (07/12/2014 06:42:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe

Error: (07/12/2014 06:42:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe

Error: (07/12/2014 06:36:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-26 22:46:32.155
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-26 22:46:32.153
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-26 22:46:32.151
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-26 22:46:32.130
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8043.86 MB
Available physical RAM: 5392.05 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13055.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:651.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2F560472)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 13.07.2014, 15:03   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.07.2014, 00:06   #5
HRMN092
 
Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Hi, tut mir leid, dass es so lange gedauert hat aberr WM Finale und so
Vielen Dank nochmal.
Hier der Report.
PS Rocketdock ist eig mein Desktop Dock. Deswegen versteh ich das jetzt nicht o0.
Code:
ATTFilter
01:02:36.0219 0x1660  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
01:02:38.0773 0x1660  ============================================================
01:02:38.0773 0x1660  Current date / time: 2014/07/14 01:02:38.0773
01:02:38.0773 0x1660  SystemInfo:
01:02:38.0773 0x1660  
01:02:38.0773 0x1660  OS Version: 6.1.7601 ServicePack: 1.0
01:02:38.0773 0x1660  Product type: Workstation
01:02:38.0773 0x1660  ComputerName: HRMN-PC
01:02:38.0773 0x1660  UserName: HRMN
01:02:38.0773 0x1660  Windows directory: C:\Windows
01:02:38.0773 0x1660  System windows directory: C:\Windows
01:02:38.0773 0x1660  Running under WOW64
01:02:38.0773 0x1660  Processor architecture: Intel x64
01:02:38.0773 0x1660  Number of processors: 4
01:02:38.0773 0x1660  Page size: 0x1000
01:02:38.0773 0x1660  Boot type: Normal boot
01:02:38.0773 0x1660  ============================================================
01:02:39.0576 0x1660  KLMD registered as C:\Windows\system32\drivers\81182798.sys
01:02:40.0158 0x1660  System UUID: {F3C9F6DE-3B65-CB86-7868-8FF661F3FEA1}
01:02:40.0801 0x1660  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:02:40.0805 0x1660  ============================================================
01:02:40.0805 0x1660  \Device\Harddisk0\DR0:
01:02:40.0805 0x1660  MBR partitions:
01:02:40.0805 0x1660  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
01:02:40.0805 0x1660  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x722D3800
01:02:40.0805 0x1660  ============================================================
01:02:40.0845 0x1660  C: <-> \Device\Harddisk0\DR0\Partition2
01:02:40.0845 0x1660  ============================================================
01:02:40.0845 0x1660  Initialize success
01:02:40.0845 0x1660  ============================================================
01:02:46.0697 0x07cc  ============================================================
01:02:46.0697 0x07cc  Scan started
01:02:46.0697 0x07cc  Mode: Manual; SigCheck; TDLFS; 
01:02:46.0697 0x07cc  ============================================================
01:02:46.0697 0x07cc  KSN ping started
01:03:00.0334 0x07cc  KSN ping finished: true
01:03:00.0965 0x07cc  ================ Scan system memory ========================
01:03:00.0965 0x07cc  System memory - ok
01:03:00.0965 0x07cc  ================ Scan services =============================
01:03:01.0151 0x07cc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
01:03:01.0214 0x07cc  1394ohci - ok
01:03:01.0238 0x07cc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
01:03:01.0255 0x07cc  ACPI - ok
01:03:01.0274 0x07cc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
01:03:01.0304 0x07cc  AcpiPmi - ok
01:03:01.0404 0x07cc  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:03:01.0419 0x07cc  AdobeARMservice - ok
01:03:01.0571 0x07cc  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:03:01.0584 0x07cc  AdobeFlashPlayerUpdateSvc - ok
01:03:01.0614 0x07cc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
01:03:01.0633 0x07cc  adp94xx - ok
01:03:01.0669 0x07cc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
01:03:01.0685 0x07cc  adpahci - ok
01:03:01.0711 0x07cc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
01:03:01.0724 0x07cc  adpu320 - ok
01:03:01.0749 0x07cc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
01:03:01.0799 0x07cc  AeLookupSvc - ok
01:03:01.0858 0x07cc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
01:03:01.0896 0x07cc  AFD - ok
01:03:01.0925 0x07cc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
01:03:01.0935 0x07cc  agp440 - ok
01:03:01.0954 0x07cc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
01:03:01.0990 0x07cc  ALG - ok
01:03:02.0018 0x07cc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
01:03:02.0026 0x07cc  aliide - ok
01:03:02.0096 0x07cc  ALSysIO - ok
01:03:02.0119 0x07cc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
01:03:02.0128 0x07cc  amdide - ok
01:03:02.0148 0x07cc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
01:03:02.0181 0x07cc  AmdK8 - ok
01:03:02.0193 0x07cc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
01:03:02.0214 0x07cc  AmdPPM - ok
01:03:02.0229 0x07cc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
01:03:02.0242 0x07cc  amdsata - ok
01:03:02.0256 0x07cc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
01:03:02.0269 0x07cc  amdsbs - ok
01:03:02.0290 0x07cc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
01:03:02.0298 0x07cc  amdxata - ok
01:03:02.0317 0x07cc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
01:03:02.0360 0x07cc  AppID - ok
01:03:02.0376 0x07cc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:03:02.0433 0x07cc  AppIDSvc - ok
01:03:02.0464 0x07cc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
01:03:02.0493 0x07cc  Appinfo - ok
01:03:02.0518 0x07cc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
01:03:02.0529 0x07cc  arc - ok
01:03:02.0539 0x07cc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
01:03:02.0549 0x07cc  arcsas - ok
01:03:02.0635 0x07cc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:03:02.0647 0x07cc  aspnet_state - ok
01:03:02.0714 0x07cc  [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
01:03:02.0727 0x07cc  aswHwid - ok
01:03:02.0770 0x07cc  [ FF1E537A3632CBB9A0BF72B9FD0878D5, B26E6A1F6E6FA5280A12861EFAD44D8F49353F47B21843EBA73E149CF613DCBC ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
01:03:02.0803 0x07cc  aswMonFlt - ok
01:03:02.0830 0x07cc  [ A5757DE5F9C83AB40667A53D5126EA40, 58B72B1B126CF641188703CE82E26BEB0C41AD7587CFFCCCE9E3C64CC7AACC90 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
01:03:02.0840 0x07cc  aswRdr - ok
01:03:02.0917 0x07cc  [ 645D97385F3F284FB5604F9B970F4D24, 15A9D7F0F4C1062210E4E744A9069B8645177D19F35B8740D74022639DC05F2E ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
01:03:02.0930 0x07cc  aswRvrt - ok
01:03:03.0026 0x07cc  [ B8FDEDE963B82CFD23B3A53A3084666D, 3537E5B684FB6F0AA589A5FA7CD111E1744DF384AB1A266D4114100F104ED11B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
01:03:03.0055 0x07cc  aswSnx - ok
01:03:03.0102 0x07cc  [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
01:03:03.0118 0x07cc  aswSP - ok
01:03:03.0166 0x07cc  [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] aswStm          C:\Windows\system32\drivers\aswStm.sys
01:03:03.0175 0x07cc  aswStm - ok
01:03:03.0214 0x07cc  [ 367CF04C38DFF33368FCDBBF71C96297, B533833A9592FCE2B665B7E98AACC8D699845B14B7473710A333FC1E0AC0BB2F ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
01:03:03.0224 0x07cc  aswTdi - ok
01:03:03.0259 0x07cc  [ 471A311745848B80339436688A8286E6, E51C57236CEC19AC38E85D115DB97875517D837811188AD2E53FA49055B53890 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
01:03:03.0272 0x07cc  aswVmm - ok
01:03:03.0290 0x07cc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:03:03.0343 0x07cc  AsyncMac - ok
01:03:03.0367 0x07cc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
01:03:03.0376 0x07cc  atapi - ok
01:03:03.0419 0x07cc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:03:03.0475 0x07cc  AudioEndpointBuilder - ok
01:03:03.0492 0x07cc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
01:03:03.0534 0x07cc  AudioSrv - ok
01:03:03.0608 0x07cc  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
01:03:03.0617 0x07cc  avast! Antivirus - ok
01:03:03.0639 0x07cc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:03:03.0674 0x07cc  AxInstSV - ok
01:03:03.0718 0x07cc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
01:03:03.0751 0x07cc  b06bdrv - ok
01:03:03.0768 0x07cc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
01:03:03.0805 0x07cc  b57nd60a - ok
01:03:03.0827 0x07cc  [ A424CB46A145E5AABF15621550976DF2, B6CA183FD5ED72237D2DC1F599FD04A066C06A717A2CF63AF08D3AA0A227D7BA ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
01:03:03.0836 0x07cc  b57xdbd - ok
01:03:03.0848 0x07cc  [ BE4E6FD5A898812B85D5817AD9754A9F, 46A7C80283BE53F43A0D73DA3338461024DD002A7CF43660F9C7D640E0C72876 ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
01:03:03.0856 0x07cc  b57xdmp - ok
01:03:04.0006 0x07cc  [ 11F844B46B631337395651ABE9C4167B, 98771B4D9DABEE4C485D718E3BB7D4EF365CA1D7CF043BE12431BC08F6D16EFD ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
01:03:04.0108 0x07cc  BCM43XX - ok
01:03:04.0173 0x07cc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
01:03:04.0193 0x07cc  BDESVC - ok
01:03:04.0210 0x07cc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:03:04.0266 0x07cc  Beep - ok
01:03:04.0309 0x07cc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
01:03:04.0370 0x07cc  BITS - ok
01:03:04.0396 0x07cc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
01:03:04.0421 0x07cc  blbdrive - ok
01:03:04.0435 0x07cc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:03:04.0475 0x07cc  bowser - ok
01:03:04.0489 0x07cc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
01:03:04.0510 0x07cc  BrFiltLo - ok
01:03:04.0533 0x07cc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
01:03:04.0549 0x07cc  BrFiltUp - ok
01:03:04.0579 0x07cc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
01:03:04.0593 0x07cc  Browser - ok
01:03:04.0616 0x07cc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
01:03:04.0646 0x07cc  Brserid - ok
01:03:04.0663 0x07cc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
01:03:04.0690 0x07cc  BrSerWdm - ok
01:03:04.0707 0x07cc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
01:03:04.0732 0x07cc  BrUsbMdm - ok
01:03:04.0735 0x07cc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
01:03:04.0753 0x07cc  BrUsbSer - ok
01:03:04.0772 0x07cc  [ 0970D8B7151E9113BF8D44CE2E954DF7, D467DFFA1668F3BE29620154A13867568C25211ED823BE6A220D2DEE7E3A1278 ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
01:03:04.0780 0x07cc  bScsiMSa - ok
01:03:04.0797 0x07cc  [ 0C1EEE5AF32402D306874B110DE237EC, B0FE0F3B6A1E2C003E6F4B6330601C43126881262B328D7DD93AC2C0B714DC86 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
01:03:04.0805 0x07cc  bScsiSDa - ok
01:03:04.0818 0x07cc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
01:03:04.0838 0x07cc  BTHMODEM - ok
01:03:04.0858 0x07cc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
01:03:04.0887 0x07cc  bthserv - ok
01:03:04.0920 0x07cc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:03:04.0968 0x07cc  cdfs - ok
01:03:04.0983 0x07cc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
01:03:05.0006 0x07cc  cdrom - ok
01:03:05.0026 0x07cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
01:03:05.0063 0x07cc  CertPropSvc - ok
01:03:05.0097 0x07cc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
01:03:05.0124 0x07cc  circlass - ok
01:03:05.0146 0x07cc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
01:03:05.0164 0x07cc  CLFS - ok
01:03:05.0200 0x07cc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:03:05.0210 0x07cc  clr_optimization_v2.0.50727_32 - ok
01:03:05.0248 0x07cc  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:03:05.0257 0x07cc  clr_optimization_v2.0.50727_64 - ok
01:03:05.0321 0x07cc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:03:05.0333 0x07cc  clr_optimization_v4.0.30319_32 - ok
01:03:05.0350 0x07cc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:03:05.0361 0x07cc  clr_optimization_v4.0.30319_64 - ok
01:03:05.0383 0x07cc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
01:03:05.0411 0x07cc  CmBatt - ok
01:03:05.0427 0x07cc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
01:03:05.0436 0x07cc  cmdide - ok
01:03:05.0484 0x07cc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
01:03:05.0507 0x07cc  CNG - ok
01:03:05.0532 0x07cc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
01:03:05.0542 0x07cc  Compbatt - ok
01:03:05.0557 0x07cc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
01:03:05.0594 0x07cc  CompositeBus - ok
01:03:05.0597 0x07cc  COMSysApp - ok
01:03:05.0669 0x07cc  [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64        C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
01:03:05.0678 0x07cc  cpudrv64 - ok
01:03:05.0700 0x07cc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
01:03:05.0710 0x07cc  crcdisk - ok
01:03:05.0741 0x07cc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:03:05.0766 0x07cc  CryptSvc - ok
01:03:05.0800 0x07cc  [ E6CE7188CC47AE5DAFDAF552D370C52F, D68E48F137BF8C6CD0BE4248F9F9D7C68F273C34304641756A76364E915BF428 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
01:03:05.0810 0x07cc  dc3d - ok
01:03:05.0850 0x07cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:03:05.0901 0x07cc  DcomLaunch - ok
01:03:05.0937 0x07cc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
01:03:05.0987 0x07cc  defragsvc - ok
01:03:06.0011 0x07cc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:03:06.0049 0x07cc  DfsC - ok
01:03:06.0096 0x07cc  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
01:03:06.0108 0x07cc  dg_ssudbus - ok
01:03:06.0149 0x07cc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:03:06.0180 0x07cc  Dhcp - ok
01:03:06.0189 0x07cc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
01:03:06.0218 0x07cc  discache - ok
01:03:06.0247 0x07cc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
01:03:06.0259 0x07cc  Disk - ok
01:03:06.0292 0x07cc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:03:06.0327 0x07cc  Dnscache - ok
01:03:06.0354 0x07cc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
01:03:06.0404 0x07cc  dot3svc - ok
01:03:06.0445 0x07cc  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
01:03:06.0469 0x07cc  Dot4 - ok
01:03:06.0478 0x07cc  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
01:03:06.0498 0x07cc  Dot4Print - ok
01:03:06.0514 0x07cc  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
01:03:06.0542 0x07cc  dot4usb - ok
01:03:06.0572 0x07cc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
01:03:06.0628 0x07cc  DPS - ok
01:03:06.0686 0x07cc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
01:03:06.0720 0x07cc  drmkaud - ok
01:03:06.0782 0x07cc  [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
01:03:06.0801 0x07cc  DsiWMIService - ok
01:03:06.0860 0x07cc  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
01:03:06.0887 0x07cc  DXGKrnl - ok
01:03:06.0936 0x07cc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
01:03:06.0981 0x07cc  EapHost - ok
01:03:07.0090 0x07cc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
01:03:07.0203 0x07cc  ebdrv - ok
01:03:07.0239 0x07cc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
01:03:07.0263 0x07cc  EFS - ok
01:03:07.0339 0x07cc  [ 5332EC2BA1C112BD4BB1F38127848FEF, 156585CE4011546B20EDD20D04E639A0788B1DE6455B23B94E2CD31BA725FE3C ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
01:03:07.0355 0x07cc  EgisTec Ticket Service - ok
01:03:07.0404 0x07cc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
01:03:07.0445 0x07cc  ehRecvr - ok
01:03:07.0465 0x07cc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
01:03:07.0494 0x07cc  ehSched - ok
01:03:07.0532 0x07cc  [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
01:03:07.0540 0x07cc  ElbyCDIO - ok
01:03:07.0584 0x07cc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
01:03:07.0605 0x07cc  elxstor - ok
01:03:07.0689 0x07cc  [ 48425C93B6F36529707206E4FA680CF3, 328BD59DEDFAD359EF79CCFBC2AD3E9C95657EC616AE0611F5EFEB34B810692A ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
01:03:07.0713 0x07cc  ePowerSvc - ok
01:03:07.0724 0x07cc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
01:03:07.0751 0x07cc  ErrDev - ok
01:03:07.0776 0x07cc  [ DBAA0C650C9549DC5C599D1E81DEDAAD, C8DF68CDACEF27C91CFD1FE8032A8DAF830D9E77C573C25DE5D41FC3DB824ABA ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
01:03:07.0789 0x07cc  ETD - ok
01:03:07.0840 0x07cc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
01:03:07.0883 0x07cc  EventSystem - ok
01:03:07.0907 0x07cc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
01:03:07.0940 0x07cc  exfat - ok
01:03:07.0964 0x07cc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
01:03:08.0012 0x07cc  fastfat - ok
01:03:08.0047 0x07cc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
01:03:08.0087 0x07cc  Fax - ok
01:03:08.0102 0x07cc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
01:03:08.0122 0x07cc  fdc - ok
01:03:08.0130 0x07cc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
01:03:08.0162 0x07cc  fdPHost - ok
01:03:08.0183 0x07cc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:03:08.0227 0x07cc  FDResPub - ok
01:03:08.0252 0x07cc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:03:08.0262 0x07cc  FileInfo - ok
01:03:08.0273 0x07cc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
01:03:08.0312 0x07cc  Filetrace - ok
01:03:08.0362 0x07cc  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
01:03:08.0383 0x07cc  FLEXnet Licensing Service - ok
01:03:08.0400 0x07cc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
01:03:08.0410 0x07cc  flpydisk - ok
01:03:08.0446 0x07cc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:03:08.0461 0x07cc  FltMgr - ok
01:03:08.0536 0x07cc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
01:03:08.0580 0x07cc  FontCache - ok
01:03:08.0640 0x07cc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:03:08.0650 0x07cc  FontCache3.0.0.0 - ok
01:03:08.0750 0x07cc  [ D316BB764E63289DEE509F05C31C2956, 3685CD50504725CD7FA65EE27BD450DE5D7058201FF870FF8D833AA81B415C4D ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
01:03:08.0761 0x07cc  FoxitCloudUpdateService - ok
01:03:08.0778 0x07cc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
01:03:08.0788 0x07cc  FsDepends - ok
01:03:08.0813 0x07cc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:03:08.0821 0x07cc  Fs_Rec - ok
01:03:08.0858 0x07cc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:03:08.0874 0x07cc  fvevol - ok
01:03:08.0902 0x07cc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
01:03:08.0915 0x07cc  gagp30kx - ok
01:03:08.0968 0x07cc  [ A6FD278E3D22A2E9CCEC65F3E81E2818, 668A33AA61F12C44BD29E8A2493B996AF90F7B3DED74EF17BD1BEB4E2143952D ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
01:03:08.0982 0x07cc  GamesAppIntegrationService - ok
01:03:09.0004 0x07cc  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
01:03:09.0016 0x07cc  GamesAppService - ok
01:03:09.0057 0x07cc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
01:03:09.0106 0x07cc  gpsvc - ok
01:03:09.0158 0x07cc  [ C9B2D1D3F86FD3673EF847DEF73B6F9E, 9D3822A6464F685F770F8D02A8AE623A676888F135E8425C3BAF1CC077429A7F ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
01:03:09.0165 0x07cc  GREGService - ok
01:03:09.0210 0x07cc  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
01:03:09.0222 0x07cc  gusvc - ok
01:03:09.0243 0x07cc  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
01:03:09.0252 0x07cc  hamachi - ok
01:03:09.0269 0x07cc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:03:09.0291 0x07cc  hcw85cir - ok
01:03:09.0313 0x07cc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:03:09.0350 0x07cc  HdAudAddService - ok
01:03:09.0362 0x07cc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
01:03:09.0387 0x07cc  HDAudBus - ok
01:03:09.0399 0x07cc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
01:03:09.0422 0x07cc  HidBatt - ok
01:03:09.0448 0x07cc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
01:03:09.0469 0x07cc  HidBth - ok
01:03:09.0489 0x07cc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
01:03:09.0504 0x07cc  HidIr - ok
01:03:09.0520 0x07cc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
01:03:09.0558 0x07cc  hidserv - ok
01:03:09.0585 0x07cc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
01:03:09.0597 0x07cc  HidUsb - ok
01:03:09.0617 0x07cc  [ 105C4376B682DF3FE6C9B45252BE9DB7, 751C7248CCEC10FF632D976423F6B4C0611F8C643EE4E1040106B23B68549B44 ] hipeer20        C:\Windows\system32\DRIVERS\remobo64.sys
01:03:09.0636 0x07cc  hipeer20 - detected UnsignedFile.Multi.Generic ( 1 )
01:03:15.0900 0x07cc  Detect skipped due to KSN trusted
01:03:15.0900 0x07cc  hipeer20 - ok
01:03:15.0955 0x07cc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:03:15.0998 0x07cc  hkmsvc - ok
01:03:16.0019 0x07cc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:03:16.0047 0x07cc  HomeGroupListener - ok
01:03:16.0078 0x07cc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:03:16.0108 0x07cc  HomeGroupProvider - ok
01:03:16.0202 0x07cc  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
01:03:16.0224 0x07cc  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
01:03:18.0968 0x07cc  Detect skipped due to KSN trusted
01:03:18.0968 0x07cc  hpqcxs08 - ok
01:03:19.0025 0x07cc  [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
01:03:19.0047 0x07cc  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
01:03:25.0390 0x07cc  Detect skipped due to KSN trusted
01:03:25.0390 0x07cc  hpqddsvc - ok
01:03:25.0438 0x07cc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:03:25.0449 0x07cc  HpSAMD - ok
01:03:25.0504 0x07cc  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
01:03:25.0541 0x07cc  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
01:03:28.0207 0x07cc  Detect skipped due to KSN trusted
01:03:28.0208 0x07cc  HPSLPSVC - ok
01:03:28.0253 0x07cc  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
01:03:28.0273 0x07cc  HTCAND64 - detected UnsignedFile.Multi.Generic ( 1 )
01:03:31.0024 0x07cc  Detect skipped due to KSN trusted
01:03:31.0024 0x07cc  HTCAND64 - ok
01:03:31.0081 0x07cc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:03:31.0139 0x07cc  HTTP - ok
01:03:31.0155 0x07cc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:03:31.0163 0x07cc  hwpolicy - ok
01:03:31.0183 0x07cc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
01:03:31.0197 0x07cc  i8042prt - ok
01:03:31.0223 0x07cc  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
01:03:31.0240 0x07cc  iaStor - ok
01:03:31.0289 0x07cc  [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
01:03:31.0299 0x07cc  IAStorDataMgrSvc - ok
01:03:31.0330 0x07cc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
01:03:31.0348 0x07cc  iaStorV - ok
01:03:31.0415 0x07cc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:03:31.0444 0x07cc  idsvc - ok
01:03:31.0458 0x07cc  IEEtwCollectorService - ok
01:03:31.0819 0x07cc  [ 9937600A1584FF00565D5379EB4C9EDB, CF03333E9E7BD940B27194A9CF21ED8A6A10B698B545A898291976F650FC2675 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
01:03:32.0312 0x07cc  igfx - ok
01:03:32.0352 0x07cc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
01:03:32.0362 0x07cc  iirsp - ok
01:03:32.0406 0x07cc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
01:03:32.0449 0x07cc  IKEEXT - ok
01:03:32.0543 0x07cc  [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:03:32.0613 0x07cc  IntcAzAudAddService - ok
01:03:32.0640 0x07cc  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
01:03:32.0658 0x07cc  IntcDAud - ok
01:03:32.0689 0x07cc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
01:03:32.0698 0x07cc  intelide - ok
01:03:32.0732 0x07cc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:03:32.0762 0x07cc  intelppm - ok
01:03:32.0790 0x07cc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
01:03:32.0851 0x07cc  IPBusEnum - ok
01:03:32.0866 0x07cc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:03:32.0895 0x07cc  IpFilterDriver - ok
01:03:32.0907 0x07cc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
01:03:32.0920 0x07cc  IPMIDRV - ok
01:03:32.0927 0x07cc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
01:03:32.0972 0x07cc  IPNAT - ok
01:03:32.0988 0x07cc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:03:33.0004 0x07cc  IRENUM - ok
01:03:33.0008 0x07cc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:03:33.0017 0x07cc  isapnp - ok
01:03:33.0055 0x07cc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
01:03:33.0071 0x07cc  iScsiPrt - ok
01:03:33.0115 0x07cc  [ 455B75C19BF3F1F2EE3AC10E1169826C, C8CE6DE48E0B4621F2851A994261FA787556A27F9868A8859E5E8A8354028257 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
01:03:33.0132 0x07cc  k57nd60a - ok
01:03:33.0154 0x07cc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
01:03:33.0163 0x07cc  kbdclass - ok
01:03:33.0179 0x07cc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
01:03:33.0200 0x07cc  kbdhid - ok
01:03:33.0219 0x07cc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
01:03:33.0230 0x07cc  KeyIso - ok
01:03:33.0233 0x07cc  KMService - ok
01:03:33.0269 0x07cc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:03:33.0280 0x07cc  KSecDD - ok
01:03:33.0290 0x07cc  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
01:03:33.0301 0x07cc  KSecPkg - ok
01:03:33.0323 0x07cc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
01:03:33.0365 0x07cc  ksthunk - ok
01:03:33.0401 0x07cc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
01:03:33.0455 0x07cc  KtmRm - ok
01:03:33.0494 0x07cc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
01:03:33.0543 0x07cc  LanmanServer - ok
01:03:33.0558 0x07cc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:03:33.0606 0x07cc  LanmanWorkstation - ok
01:03:33.0625 0x07cc  libusb0 - ok
01:03:33.0635 0x07cc  libusbd - ok
01:03:33.0677 0x07cc  [ 93B73DED2BC688F140C6AE2FBAD45789, B6859BC5D309B99BCCDC3717108B714497AAE9C5B26CE5B201344A41FC4CFF9D ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
01:03:33.0689 0x07cc  Live Updater Service - ok
01:03:33.0709 0x07cc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:03:33.0752 0x07cc  lltdio - ok
01:03:33.0777 0x07cc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
01:03:33.0835 0x07cc  lltdsvc - ok
01:03:33.0854 0x07cc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
01:03:33.0893 0x07cc  lmhosts - ok
01:03:33.0939 0x07cc  [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:03:33.0953 0x07cc  LMS - ok
01:03:33.0991 0x07cc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
01:03:34.0002 0x07cc  LSI_FC - ok
01:03:34.0007 0x07cc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
01:03:34.0019 0x07cc  LSI_SAS - ok
01:03:34.0023 0x07cc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
01:03:34.0034 0x07cc  LSI_SAS2 - ok
01:03:34.0040 0x07cc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
01:03:34.0053 0x07cc  LSI_SCSI - ok
01:03:34.0065 0x07cc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
01:03:34.0103 0x07cc  luafv - ok
01:03:34.0133 0x07cc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
01:03:34.0154 0x07cc  Mcx2Svc - ok
01:03:34.0158 0x07cc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
01:03:34.0168 0x07cc  megasas - ok
01:03:34.0208 0x07cc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
01:03:34.0222 0x07cc  MegaSR - ok
01:03:34.0252 0x07cc  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
01:03:34.0260 0x07cc  MEIx64 - ok
01:03:34.0305 0x07cc  Microsoft SharePoint Workspace Audit Service - ok
01:03:34.0340 0x07cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
01:03:34.0380 0x07cc  MMCSS - ok
01:03:34.0390 0x07cc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
01:03:34.0427 0x07cc  Modem - ok
01:03:34.0445 0x07cc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
01:03:34.0470 0x07cc  monitor - ok
01:03:34.0522 0x07cc  [ FC44AD48746FFA5FD640EF1260AB5EC2, 95F7CCFC0BC782F3462A1C012E8122AB8D77BFB42E22A7B537475B9B266A6A1E ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
01:03:34.0532 0x07cc  MotioninJoyXFilter - ok
01:03:34.0561 0x07cc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
01:03:34.0571 0x07cc  mouclass - ok
01:03:34.0599 0x07cc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:03:34.0629 0x07cc  mouhid - ok
01:03:34.0650 0x07cc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:03:34.0661 0x07cc  mountmgr - ok
01:03:34.0682 0x07cc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
01:03:34.0693 0x07cc  mpio - ok
01:03:34.0717 0x07cc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:03:34.0747 0x07cc  mpsdrv - ok
01:03:34.0781 0x07cc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:03:34.0796 0x07cc  MRxDAV - ok
01:03:34.0835 0x07cc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:03:34.0862 0x07cc  mrxsmb - ok
01:03:34.0889 0x07cc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:03:34.0907 0x07cc  mrxsmb10 - ok
01:03:34.0918 0x07cc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:03:34.0932 0x07cc  mrxsmb20 - ok
01:03:34.0956 0x07cc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
01:03:34.0969 0x07cc  msahci - ok
01:03:35.0005 0x07cc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
01:03:35.0017 0x07cc  msdsm - ok
01:03:35.0057 0x07cc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
01:03:35.0073 0x07cc  MSDTC - ok
01:03:35.0090 0x07cc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:03:35.0121 0x07cc  Msfs - ok
01:03:35.0135 0x07cc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
01:03:35.0171 0x07cc  mshidkmdf - ok
01:03:35.0192 0x07cc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:03:35.0200 0x07cc  msisadrv - ok
01:03:35.0228 0x07cc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
01:03:35.0270 0x07cc  MSiSCSI - ok
01:03:35.0273 0x07cc  msiserver - ok
01:03:35.0300 0x07cc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
01:03:35.0339 0x07cc  MSKSSRV - ok
01:03:35.0352 0x07cc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:03:35.0395 0x07cc  MSPCLOCK - ok
01:03:35.0409 0x07cc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
01:03:35.0456 0x07cc  MSPQM - ok
01:03:35.0478 0x07cc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
01:03:35.0495 0x07cc  MsRPC - ok
01:03:35.0513 0x07cc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
01:03:35.0522 0x07cc  mssmbios - ok
01:03:35.0531 0x07cc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
01:03:35.0575 0x07cc  MSTEE - ok
01:03:35.0578 0x07cc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
01:03:35.0592 0x07cc  MTConfig - ok
01:03:35.0636 0x07cc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
01:03:35.0645 0x07cc  Mup - ok
01:03:35.0671 0x07cc  [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
01:03:35.0679 0x07cc  mwlPSDFilter - ok
01:03:35.0694 0x07cc  [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
01:03:35.0702 0x07cc  mwlPSDNServ - ok
01:03:35.0718 0x07cc  [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
01:03:35.0726 0x07cc  mwlPSDVDisk - ok
01:03:35.0787 0x07cc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
01:03:35.0849 0x07cc  napagent - ok
01:03:35.0884 0x07cc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:03:35.0919 0x07cc  NativeWifiP - ok
01:03:35.0976 0x07cc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:03:36.0007 0x07cc  NDIS - ok
01:03:36.0019 0x07cc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:03:36.0047 0x07cc  NdisCap - ok
01:03:36.0076 0x07cc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:03:36.0104 0x07cc  NdisTapi - ok
01:03:36.0116 0x07cc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:03:36.0154 0x07cc  Ndisuio - ok
01:03:36.0174 0x07cc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:03:36.0211 0x07cc  NdisWan - ok
01:03:36.0224 0x07cc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:03:36.0263 0x07cc  NDProxy - ok
01:03:36.0297 0x07cc  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
01:03:36.0310 0x07cc  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
01:03:38.0974 0x07cc  Detect skipped due to KSN trusted
01:03:38.0974 0x07cc  Net Driver HPZ12 - ok
01:03:39.0019 0x07cc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:03:39.0053 0x07cc  NetBIOS - ok
01:03:39.0078 0x07cc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:03:39.0112 0x07cc  NetBT - ok
01:03:39.0130 0x07cc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
01:03:39.0141 0x07cc  Netlogon - ok
01:03:39.0170 0x07cc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
01:03:39.0221 0x07cc  Netman - ok
01:03:39.0274 0x07cc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:03:39.0286 0x07cc  NetMsmqActivator - ok
01:03:39.0313 0x07cc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:03:39.0324 0x07cc  NetPipeActivator - ok
01:03:39.0349 0x07cc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
01:03:39.0399 0x07cc  netprofm - ok
01:03:39.0430 0x07cc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:03:39.0441 0x07cc  NetTcpActivator - ok
01:03:39.0447 0x07cc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:03:39.0458 0x07cc  NetTcpPortSharing - ok
01:03:39.0485 0x07cc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
01:03:39.0495 0x07cc  nfrd960 - ok
01:03:39.0527 0x07cc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:03:39.0557 0x07cc  NlaSvc - ok
01:03:39.0677 0x07cc  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
01:03:39.0737 0x07cc  NOBU - ok
01:03:39.0765 0x07cc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:03:39.0796 0x07cc  Npfs - ok
01:03:39.0799 0x07cc  npggsvc - ok
01:03:39.0826 0x07cc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
01:03:39.0860 0x07cc  nsi - ok
01:03:39.0875 0x07cc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:03:39.0912 0x07cc  nsiproxy - ok
01:03:39.0994 0x07cc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:03:40.0042 0x07cc  Ntfs - ok
01:03:40.0105 0x07cc  [ 1873214666F6F0A883742DF91FBC48C9, DCF5382CE338D4B5B0C3A3B722A19B6C7BAB59EB7B266FEF04698B79070E2C4B ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
01:03:40.0119 0x07cc  NTI IScheduleSvc - ok
01:03:40.0141 0x07cc  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
01:03:40.0152 0x07cc  NTIDrvr - ok
01:03:40.0179 0x07cc  [ A2F750E416D1C628BDCDC2075AC33BC6, 84F63524803A29DC1B416829B81B80AE0BB2C7CC178B8AF0561E9FC40E66424A ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
01:03:40.0187 0x07cc  NuidFltr - ok
01:03:40.0206 0x07cc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
01:03:40.0236 0x07cc  Null - ok
01:03:40.0625 0x07cc  [ E6FCC772353DB9D18DEA0171A667626B, D2351F115F259456871E47C15D13BD8E5ED2FA7FA5E6CA7BA0CD4768D9339082 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:03:40.0883 0x07cc  nvlddmkm - ok
01:03:41.0027 0x07cc  [ 048C6FACA905A7DF0A86D3CC31D7E6AE, 7222B301DBBDFF15B038E13FEA076759D8AC392F5145ECD60A640BDA6CFABE8C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
01:03:41.0066 0x07cc  NvNetworkService - ok
01:03:41.0093 0x07cc  [ CA09A21E2F0776C48C21BB045DAAEA94, AACC61048A2210ECABF4665B2B21C8232E26EC898EE65C49DA0481B0B266D740 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
01:03:41.0102 0x07cc  nvpciflt - ok
01:03:41.0115 0x07cc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:03:41.0126 0x07cc  nvraid - ok
01:03:41.0133 0x07cc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:03:41.0145 0x07cc  nvstor - ok
01:03:41.0248 0x07cc  [ 3ABCD8F8853FEB12B961E9A48FC12133, 58255D53E810EE0D89FA2F1DC9D6208BF44F3C0FDE74A9264FB740024F1EDD44 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
01:03:41.0257 0x07cc  NvStreamKms - ok
01:03:41.0293 0x07cc  NvStreamSvc - ok
01:03:41.0364 0x07cc  [ 5C929C787A45E00BE7F4A99221D66787, 24BFBB0E1E39C6816C66AEFF3509062A829AAE105B4C493C9F78F664FA6FD402 ] nvsvc           C:\Windows\system32\nvvsvc.exe
01:03:41.0390 0x07cc  nvsvc - ok
01:03:41.0417 0x07cc  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
01:03:41.0426 0x07cc  nvvad_WaveExtensible - ok
01:03:41.0443 0x07cc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:03:41.0455 0x07cc  nv_agp - ok
01:03:41.0466 0x07cc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:03:41.0488 0x07cc  ohci1394 - ok
01:03:41.0541 0x07cc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:03:41.0554 0x07cc  ose - ok
01:03:41.0773 0x07cc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:03:41.0959 0x07cc  osppsvc - ok
01:03:42.0013 0x07cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:03:42.0050 0x07cc  p2pimsvc - ok
01:03:42.0087 0x07cc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
01:03:42.0112 0x07cc  p2psvc - ok
01:03:42.0140 0x07cc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
01:03:42.0154 0x07cc  Parport - ok
01:03:42.0187 0x07cc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:03:42.0197 0x07cc  partmgr - ok
01:03:42.0223 0x07cc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:03:42.0252 0x07cc  PcaSvc - ok
01:03:42.0274 0x07cc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
01:03:42.0291 0x07cc  pci - ok
01:03:42.0327 0x07cc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:03:42.0336 0x07cc  pciide - ok
01:03:42.0365 0x07cc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
01:03:42.0378 0x07cc  pcmcia - ok
01:03:42.0394 0x07cc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:03:42.0404 0x07cc  pcw - ok
01:03:42.0437 0x07cc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:03:42.0490 0x07cc  PEAUTH - ok
01:03:42.0560 0x07cc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:03:42.0586 0x07cc  PerfHost - ok
01:03:42.0658 0x07cc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
01:03:42.0730 0x07cc  pla - ok
01:03:42.0776 0x07cc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:03:42.0813 0x07cc  PlugPlay - ok
01:03:42.0845 0x07cc  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
01:03:42.0861 0x07cc  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
01:03:45.0531 0x07cc  Detect skipped due to KSN trusted
01:03:45.0532 0x07cc  Pml Driver HPZ12 - ok
01:03:45.0584 0x07cc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:03:45.0611 0x07cc  PNRPAutoReg - ok
01:03:45.0635 0x07cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:03:45.0655 0x07cc  PNRPsvc - ok
01:03:45.0666 0x07cc  [ 32D374C60778253B81FA76C2FE19E155, 6BD6B360EAC4F9988921281B52B4B1A29DDD287C6DB18688B4CEA5B1B4F22106 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
01:03:45.0675 0x07cc  Point64 - ok
01:03:45.0720 0x07cc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:03:45.0774 0x07cc  PolicyAgent - ok
01:03:45.0805 0x07cc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
01:03:45.0852 0x07cc  Power - ok
01:03:45.0873 0x07cc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:03:45.0918 0x07cc  PptpMiniport - ok
01:03:45.0932 0x07cc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
01:03:45.0949 0x07cc  Processor - ok
01:03:45.0987 0x07cc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
01:03:46.0005 0x07cc  ProfSvc - ok
01:03:46.0019 0x07cc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:03:46.0031 0x07cc  ProtectedStorage - ok
01:03:46.0049 0x07cc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:03:46.0092 0x07cc  Psched - ok
01:03:46.0170 0x07cc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
01:03:46.0213 0x07cc  ql2300 - ok
01:03:46.0222 0x07cc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
01:03:46.0233 0x07cc  ql40xx - ok
01:03:46.0263 0x07cc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
01:03:46.0287 0x07cc  QWAVE - ok
01:03:46.0300 0x07cc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:03:46.0333 0x07cc  QWAVEdrv - ok
01:03:46.0343 0x07cc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:03:46.0383 0x07cc  RasAcd - ok
01:03:46.0406 0x07cc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
01:03:46.0435 0x07cc  RasAgileVpn - ok
01:03:46.0461 0x07cc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
01:03:46.0512 0x07cc  RasAuto - ok
01:03:46.0527 0x07cc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
01:03:46.0568 0x07cc  Rasl2tp - ok
01:03:46.0596 0x07cc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
01:03:46.0644 0x07cc  RasMan - ok
01:03:46.0655 0x07cc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:03:46.0700 0x07cc  RasPppoe - ok
01:03:46.0718 0x07cc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
01:03:46.0760 0x07cc  RasSstp - ok
01:03:46.0786 0x07cc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
01:03:46.0833 0x07cc  rdbss - ok
01:03:46.0848 0x07cc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
01:03:46.0875 0x07cc  rdpbus - ok
01:03:46.0888 0x07cc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:03:46.0915 0x07cc  RDPCDD - ok
01:03:46.0927 0x07cc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:03:46.0969 0x07cc  RDPENCDD - ok
01:03:46.0990 0x07cc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:03:47.0017 0x07cc  RDPREFMP - ok
01:03:47.0049 0x07cc  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
01:03:47.0064 0x07cc  RDPWD - ok
01:03:47.0100 0x07cc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:03:47.0114 0x07cc  rdyboost - ok
01:03:47.0145 0x07cc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:03:47.0191 0x07cc  RemoteAccess - ok
01:03:47.0214 0x07cc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:03:47.0258 0x07cc  RemoteRegistry - ok
01:03:47.0276 0x07cc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:03:47.0316 0x07cc  RpcEptMapper - ok
01:03:47.0336 0x07cc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
01:03:47.0360 0x07cc  RpcLocator - ok
01:03:47.0415 0x07cc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
01:03:47.0454 0x07cc  RpcSs - ok
01:03:47.0479 0x07cc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:03:47.0524 0x07cc  rspndr - ok
01:03:47.0541 0x07cc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
01:03:47.0553 0x07cc  SamSs - ok
01:03:47.0583 0x07cc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:03:47.0594 0x07cc  sbp2port - ok
01:03:47.0619 0x07cc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:03:47.0653 0x07cc  SCardSvr - ok
01:03:47.0673 0x07cc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:03:47.0708 0x07cc  scfilter - ok
01:03:47.0754 0x07cc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
01:03:47.0828 0x07cc  Schedule - ok
01:03:47.0851 0x07cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
01:03:47.0879 0x07cc  SCPolicySvc - ok
01:03:47.0901 0x07cc  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
01:03:47.0922 0x07cc  sdbus - ok
01:03:47.0953 0x07cc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:03:47.0981 0x07cc  SDRSVC - ok
01:03:47.0993 0x07cc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:03:48.0034 0x07cc  secdrv - ok
01:03:48.0047 0x07cc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
01:03:48.0093 0x07cc  seclogon - ok
01:03:48.0120 0x07cc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
01:03:48.0159 0x07cc  SENS - ok
01:03:48.0174 0x07cc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:03:48.0197 0x07cc  SensrSvc - ok
01:03:48.0212 0x07cc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
01:03:48.0238 0x07cc  Serenum - ok
01:03:48.0256 0x07cc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
01:03:48.0274 0x07cc  Serial - ok
01:03:48.0279 0x07cc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
01:03:48.0300 0x07cc  sermouse - ok
01:03:48.0339 0x07cc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
01:03:48.0385 0x07cc  SessionEnv - ok
01:03:48.0403 0x07cc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
01:03:48.0416 0x07cc  sffdisk - ok
01:03:48.0422 0x07cc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
01:03:48.0450 0x07cc  sffp_mmc - ok
01:03:48.0465 0x07cc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
01:03:48.0487 0x07cc  sffp_sd - ok
01:03:48.0492 0x07cc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
01:03:48.0513 0x07cc  sfloppy - ok
01:03:48.0541 0x07cc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:03:48.0588 0x07cc  ShellHWDetection - ok
01:03:48.0605 0x07cc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
01:03:48.0616 0x07cc  SiSRaid2 - ok
01:03:48.0621 0x07cc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
01:03:48.0632 0x07cc  SiSRaid4 - ok
01:03:48.0677 0x07cc  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
01:03:48.0692 0x07cc  SkypeUpdate - ok
01:03:48.0712 0x07cc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
01:03:48.0741 0x07cc  Smb - ok
01:03:48.0769 0x07cc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:03:48.0806 0x07cc  SNMPTRAP - ok
01:03:48.0835 0x07cc  [ 12583AF6CBE0050651EAF2723B3AD7B3, 965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB ] speedfan        C:\Windows\syswow64\speedfan.sys
01:03:48.0847 0x07cc  speedfan - ok
01:03:48.0864 0x07cc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
01:03:48.0872 0x07cc  spldr - ok
01:03:48.0909 0x07cc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
01:03:48.0935 0x07cc  Spooler - ok
01:03:49.0059 0x07cc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
01:03:49.0198 0x07cc  sppsvc - ok
01:03:49.0222 0x07cc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
01:03:49.0256 0x07cc  sppuinotify - ok
01:03:49.0281 0x07cc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
01:03:49.0318 0x07cc  srv - ok
01:03:49.0353 0x07cc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:03:49.0389 0x07cc  srv2 - ok
01:03:49.0414 0x07cc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:03:49.0428 0x07cc  srvnet - ok
01:03:49.0472 0x07cc  [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
01:03:49.0485 0x07cc  ssadbus - ok
01:03:49.0517 0x07cc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
01:03:49.0567 0x07cc  SSDPSRV - ok
01:03:49.0584 0x07cc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
01:03:49.0616 0x07cc  SstpSvc - ok
01:03:49.0673 0x07cc  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
01:03:49.0686 0x07cc  ssudmdm - ok
01:03:49.0708 0x07cc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
01:03:49.0718 0x07cc  stexstor - ok
01:03:49.0757 0x07cc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
01:03:49.0804 0x07cc  stisvc - ok
01:03:49.0835 0x07cc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
01:03:49.0845 0x07cc  swenum - ok
01:03:49.0888 0x07cc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
01:03:49.0943 0x07cc  swprv - ok
01:03:50.0012 0x07cc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
01:03:50.0080 0x07cc  SysMain - ok
01:03:50.0111 0x07cc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:03:50.0140 0x07cc  TabletInputService - ok
01:03:50.0167 0x07cc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
01:03:50.0203 0x07cc  TapiSrv - ok
01:03:50.0220 0x07cc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
01:03:50.0258 0x07cc  TBS - ok
01:03:50.0344 0x07cc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
01:03:50.0395 0x07cc  Tcpip - ok
01:03:50.0441 0x07cc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:03:50.0486 0x07cc  TCPIP6 - ok
01:03:50.0525 0x07cc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:03:50.0537 0x07cc  tcpipreg - ok
01:03:50.0565 0x07cc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
01:03:50.0592 0x07cc  TDPIPE - ok
01:03:50.0617 0x07cc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
01:03:50.0627 0x07cc  TDTCP - ok
01:03:50.0651 0x07cc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
01:03:50.0697 0x07cc  tdx - ok
01:03:50.0718 0x07cc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
01:03:50.0727 0x07cc  TermDD - ok
01:03:50.0773 0x07cc  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
01:03:50.0831 0x07cc  TermService - ok
01:03:50.0848 0x07cc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
01:03:50.0865 0x07cc  Themes - ok
01:03:50.0877 0x07cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
01:03:50.0908 0x07cc  THREADORDER - ok
01:03:50.0928 0x07cc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
01:03:50.0978 0x07cc  TrkWks - ok
01:03:51.0022 0x07cc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:03:51.0065 0x07cc  TrustedInstaller - ok
01:03:51.0101 0x07cc  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
01:03:51.0133 0x07cc  tssecsrv - ok
01:03:51.0171 0x07cc  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
01:03:51.0196 0x07cc  TsUsbFlt - ok
01:03:51.0232 0x07cc  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
01:03:51.0272 0x07cc  TsUsbGD - ok
01:03:51.0303 0x07cc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:03:51.0356 0x07cc  tunnel - ok
01:03:51.0375 0x07cc  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
01:03:51.0383 0x07cc  TurboB - ok
01:03:51.0428 0x07cc  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
01:03:51.0440 0x07cc  TurboBoost - ok
01:03:51.0463 0x07cc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
01:03:51.0474 0x07cc  uagp35 - ok
01:03:51.0478 0x07cc  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
01:03:51.0486 0x07cc  UBHelper - ok
01:03:51.0513 0x07cc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:03:51.0561 0x07cc  udfs - ok
01:03:51.0601 0x07cc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
01:03:51.0623 0x07cc  UI0Detect - ok
01:03:51.0639 0x07cc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
01:03:51.0651 0x07cc  uliagpkx - ok
01:03:51.0675 0x07cc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
01:03:51.0695 0x07cc  umbus - ok
01:03:51.0699 0x07cc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
01:03:51.0718 0x07cc  UmPass - ok
01:03:51.0848 0x07cc  [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:03:51.0910 0x07cc  UNS - ok
01:03:51.0936 0x07cc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
01:03:51.0991 0x07cc  upnphost - ok
01:03:52.0027 0x07cc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
01:03:52.0048 0x07cc  usbccgp - ok
01:03:52.0077 0x07cc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
01:03:52.0098 0x07cc  usbcir - ok
01:03:52.0114 0x07cc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
01:03:52.0133 0x07cc  usbehci - ok
01:03:52.0166 0x07cc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
01:03:52.0202 0x07cc  usbhub - ok
01:03:52.0236 0x07cc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
01:03:52.0248 0x07cc  usbohci - ok
01:03:52.0279 0x07cc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
01:03:52.0299 0x07cc  usbprint - ok
01:03:52.0350 0x07cc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
01:03:52.0373 0x07cc  usbscan - ok
01:03:52.0399 0x07cc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:03:52.0420 0x07cc  USBSTOR - ok
01:03:52.0445 0x07cc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
01:03:52.0471 0x07cc  usbuhci - ok
01:03:52.0512 0x07cc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
01:03:52.0537 0x07cc  usbvideo - ok
01:03:52.0570 0x07cc  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
01:03:52.0595 0x07cc  usb_rndisx - ok
01:03:52.0621 0x07cc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
01:03:52.0663 0x07cc  UxSms - ok
01:03:52.0675 0x07cc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
01:03:52.0687 0x07cc  VaultSvc - ok
01:03:52.0717 0x07cc  [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
01:03:52.0740 0x07cc  VClone - ok
01:03:52.0763 0x07cc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
01:03:52.0773 0x07cc  vdrvroot - ok
01:03:52.0814 0x07cc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
01:03:52.0863 0x07cc  vds - ok
01:03:52.0885 0x07cc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
01:03:52.0899 0x07cc  vga - ok
01:03:52.0912 0x07cc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
01:03:52.0949 0x07cc  VgaSave - ok
01:03:52.0971 0x07cc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
01:03:52.0985 0x07cc  vhdmp - ok
01:03:53.0017 0x07cc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
01:03:53.0027 0x07cc  viaide - ok
01:03:53.0043 0x07cc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:03:53.0053 0x07cc  volmgr - ok
01:03:53.0077 0x07cc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
01:03:53.0093 0x07cc  volmgrx - ok
01:03:53.0114 0x07cc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
01:03:53.0129 0x07cc  volsnap - ok
01:03:53.0163 0x07cc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
01:03:53.0175 0x07cc  vsmraid - ok
01:03:53.0242 0x07cc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
01:03:53.0326 0x07cc  VSS - ok
01:03:53.0348 0x07cc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
01:03:53.0371 0x07cc  vwifibus - ok
01:03:53.0392 0x07cc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
01:03:53.0424 0x07cc  vwififlt - ok
01:03:53.0455 0x07cc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
01:03:53.0495 0x07cc  W32Time - ok
01:03:53.0518 0x07cc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
01:03:53.0539 0x07cc  WacomPen - ok
01:03:53.0554 0x07cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:03:53.0596 0x07cc  WANARP - ok
01:03:53.0602 0x07cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:03:53.0630 0x07cc  Wanarpv6 - ok
01:03:53.0689 0x07cc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
01:03:53.0752 0x07cc  wbengine - ok
01:03:53.0776 0x07cc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:03:53.0797 0x07cc  WbioSrvc - ok
01:03:53.0823 0x07cc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
01:03:53.0857 0x07cc  wcncsvc - ok
01:03:53.0893 0x07cc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:03:53.0918 0x07cc  WcsPlugInService - ok
01:03:53.0943 0x07cc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
01:03:53.0952 0x07cc  Wd - ok
01:03:54.0002 0x07cc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:03:54.0029 0x07cc  Wdf01000 - ok
01:03:54.0048 0x07cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:03:54.0075 0x07cc  WdiServiceHost - ok
01:03:54.0081 0x07cc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
01:03:54.0099 0x07cc  WdiSystemHost - ok
01:03:54.0139 0x07cc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
01:03:54.0161 0x07cc  WebClient - ok
01:03:54.0194 0x07cc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:03:54.0243 0x07cc  Wecsvc - ok
01:03:54.0263 0x07cc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
01:03:54.0296 0x07cc  wercplsupport - ok
01:03:54.0314 0x07cc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:03:54.0346 0x07cc  WerSvc - ok
01:03:54.0360 0x07cc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:03:54.0388 0x07cc  WfpLwf - ok
01:03:54.0407 0x07cc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:03:54.0416 0x07cc  WIMMount - ok
01:03:54.0445 0x07cc  WinHttpAutoProxySvc - ok
01:03:54.0485 0x07cc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
01:03:54.0517 0x07cc  Winmgmt - ok
01:03:54.0606 0x07cc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
01:03:54.0694 0x07cc  WinRM - ok
01:03:54.0732 0x07cc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
01:03:54.0758 0x07cc  WinUsb - ok
01:03:54.0818 0x07cc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
01:03:54.0870 0x07cc  Wlansvc - ok
01:03:54.0910 0x07cc  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
01:03:54.0919 0x07cc  wlcrasvc - ok
01:03:55.0031 0x07cc  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:03:55.0091 0x07cc  wlidsvc - ok
01:03:55.0118 0x07cc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
01:03:55.0145 0x07cc  WmiAcpi - ok
01:03:55.0173 0x07cc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:03:55.0203 0x07cc  wmiApSrv - ok
01:03:55.0226 0x07cc  WMPNetworkSvc - ok
01:03:55.0259 0x07cc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:03:55.0276 0x07cc  WPCSvc - ok
01:03:55.0299 0x07cc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:03:55.0316 0x07cc  WPDBusEnum - ok
01:03:55.0351 0x07cc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
01:03:55.0393 0x07cc  ws2ifsl - ok
01:03:55.0398 0x07cc  WSearch - ok
01:03:55.0500 0x07cc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
01:03:55.0566 0x07cc  wuauserv - ok
01:03:55.0596 0x07cc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:03:55.0620 0x07cc  WudfPf - ok
01:03:55.0639 0x07cc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:03:55.0665 0x07cc  WUDFRd - ok
01:03:55.0694 0x07cc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
01:03:55.0723 0x07cc  wudfsvc - ok
01:03:55.0758 0x07cc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
01:03:55.0792 0x07cc  WwanSvc - ok
01:03:55.0833 0x07cc  X6va012 - ok
01:03:55.0852 0x07cc  X6va015 - ok
01:03:55.0893 0x07cc  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
01:03:55.0902 0x07cc  xusb21 - ok
01:03:55.0934 0x07cc  ================ Scan global ===============================
01:03:55.0984 0x07cc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
01:03:56.0022 0x07cc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
01:03:56.0035 0x07cc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
01:03:56.0069 0x07cc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:03:56.0107 0x07cc  [ 2F46C1760C531EB2B181F9076E552E8A, C437A66DFD059F5123A3FC226FD1DE6D7A1BFCD7F110CFE8F36F4854D82DA929 ] C:\Windows\system32\services.exe
01:03:56.0116 0x07cc  [ Global ] - ok
01:03:56.0116 0x07cc  ================ Scan MBR ==================================
01:03:56.0140 0x07cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:03:57.0116 0x07cc  \Device\Harddisk0\DR0 - ok
01:03:57.0116 0x07cc  ================ Scan VBR ==================================
01:03:57.0139 0x07cc  [ 80D8324591D13F1E5EDDAF73DA617825 ] \Device\Harddisk0\DR0\Partition1
01:03:57.0175 0x07cc  \Device\Harddisk0\DR0\Partition1 - ok
01:03:57.0187 0x07cc  [ 5E40EA54CBADB0E2D93DDEFACFB633EC ] \Device\Harddisk0\DR0\Partition2
01:03:57.0220 0x07cc  \Device\Harddisk0\DR0\Partition2 - ok
01:03:57.0220 0x07cc  ================ Scan generic autorun ======================
01:03:57.0260 0x07cc  [ BA9E8BF3E91C14DE99FDB1FA946D07AF, 9C3F5F52EE5B8D02B15EE18AA492FB110547A8DCDA3F8284A614F4E1A30F9BB1 ] C:\Windows\system32\igfxtray.exe
01:03:57.0275 0x07cc  IgfxTray - ok
01:03:57.0303 0x07cc  [ B20857C91A3E992A5AC93D8625C53CAE, ECB89856B267E2F4930CB7B404B51425C6375A47F864577C1A7B8B255278EC12 ] C:\Windows\system32\hkcmd.exe
01:03:57.0321 0x07cc  HotKeysCmds - ok
01:03:57.0359 0x07cc  [ 29E120E36791B2E620CC398847C28E12, 7C2904FEDD50F49447FD091D33BB3BFA5A2A684101ADB123BC2C08699320B912 ] C:\Windows\system32\igfxpers.exe
01:03:57.0376 0x07cc  Persistence - ok
01:03:57.0378 0x07cc  IntelTBRunOnce - ok
01:03:57.0378 0x07cc  ETDCtrl - ok
01:03:57.0816 0x07cc  [ 5DADA908E14051D65DB1991CB0B1F58D, DC02EDA032CEC2241F302995BF010B0376D5421A3E97583CB8A13A80993290B4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
01:03:58.0065 0x07cc  RtHDVCpl - ok
01:03:58.0178 0x07cc  [ E897F9B62E611D59FDFAB82FC829B93A, E11E1A488D461105104E7FFD9F8219BDD231807FE33600233BEF11A432E138FD ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
01:03:58.0228 0x07cc  RtHDVBg_Dolby - ok
01:03:58.0354 0x07cc  [ F0474296AC4E0E6BDE733C1B8513E41A, 2E54894FC1B422F0C520D11166204926D3994A3440037D655C73D66D7118859C ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
01:03:58.0395 0x07cc  Power Management - ok
01:03:58.0474 0x07cc  [ 9843083FA1E4A655195DF4D7A687C576, 83BFC1F2C594C8BE2D775022ACDF2047A73DC7DE03E1207D90062EC7A3F38FEE ] c:\Program Files\Microsoft Device Center\itype.exe
01:03:58.0514 0x07cc  IntelliType Pro - ok
01:03:58.0585 0x07cc  [ 770FF1850E70B98777F5978FC8FD5D57, 98DF428740363EB61199798CBA88C9472C429AE97E05E1ACC7D920BF81D19BE3 ] c:\Program Files\Microsoft Device Center\ipoint.exe
01:03:58.0637 0x07cc  IntelliPoint - ok
01:03:58.0761 0x07cc  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
01:03:58.0782 0x07cc  AdobeAAMUpdater-1.0 - ok
01:03:58.0906 0x07cc  [ 436A83E5555A8449B9BFBE1AAB314654, DE956310B2EF80B43399E63E309E659018879942EBBA5063B9A366C2314E8158 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
01:03:58.0959 0x07cc  NvBackend - ok
01:03:58.0978 0x07cc  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
01:03:59.0005 0x07cc  ShadowPlay - ok
01:03:59.0054 0x07cc  [ 0D360F06B168A6F37ACA9D9F958245DA, 0F37D510AE0A31503A359F65D5C04CD798B178A3A3E2601DFBAB6534B3C7C23C ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
01:03:59.0066 0x07cc  BackupManagerTray - ok
01:03:59.0126 0x07cc  [ 9ABC4E3B00CFA3A47D5569F5B49FE42F, 5D33CCE770BC9BC3AFA544A21F100A7F1E5A36577FDB30884160AC4BFE6A1838 ] C:\Program Files (x86)\Launch Manager\LManager.exe
01:03:59.0154 0x07cc  LManager - ok
01:03:59.0206 0x07cc  [ E6CC0FA3C1040C791EB3F4BA6C789411, 095D5965FEE00ACB6D8713B2E2772A409A84F42D85383AEAF5FC3E2E393DC07D ] C:\Dolby PCEE4\pcee4.exe
01:03:59.0221 0x07cc  Dolby Advanced Audio v2 - ok
01:03:59.0263 0x07cc  [ D35187E38B0BD6E116C2CE582CAC4273, B3C652E0875D4354ACE6F475BC84B4BCA41A1AD8AF5FBE9DE9A9B66B7FCC2756 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
01:03:59.0276 0x07cc  SuiteTray - ok
01:03:59.0355 0x07cc  [ 4EA2353A8DE4F486F1DF9EBD1FCDD5AD, 5D6F48DDD8B0C859A4D92B53B184AEF17531486C70E5D1C38FE92724BCACE911 ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
01:03:59.0366 0x07cc  ArcadeMovieService - ok
01:03:59.0456 0x07cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:03:59.0497 0x07cc  Sidebar - ok
01:03:59.0526 0x07cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:03:59.0551 0x07cc  mctadmin - ok
01:03:59.0553 0x07cc  IsMyWinLockerReboot - ok
01:03:59.0581 0x07cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:03:59.0617 0x07cc  Sidebar - ok
01:03:59.0622 0x07cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:03:59.0639 0x07cc  mctadmin - ok
01:03:59.0641 0x07cc  IsMyWinLockerReboot - ok
01:03:59.0669 0x07cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:03:59.0705 0x07cc  Sidebar - ok
01:03:59.0710 0x07cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:03:59.0727 0x07cc  mctadmin - ok
01:03:59.0729 0x07cc  IsMyWinLockerReboot - ok
01:03:59.0773 0x07cc  [ 7DFCCC67990B6DE7F30F553A4E4612A4, 9FF98D6FD2539CEFC9F42103A7F72388BED6EE590400559B92BC7430228DA36A ] C:\Program Files (x86)\RocketDock\RocketDock.exe
01:03:59.0801 0x07cc  RocketDock - detected UnsignedFile.Multi.Generic ( 1 )
01:04:09.0852 0x07cc  RocketDock ( UnsignedFile.Multi.Generic ) - warning
01:04:14.0602 0x07cc  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
01:04:14.0668 0x07cc  Sidebar - ok
01:04:14.0770 0x07cc  [ DF552350CDC2AA39C01CE40612DF82A8, 17B90AFC0837712EBC781FAC912B288125A900370B09B32320EB874704CACCE2 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
01:04:14.0806 0x07cc  KiesPreload - ok
01:04:14.0808 0x07cc  Waiting for KSN requests completion. In queue: 2
01:04:15.0808 0x07cc  Waiting for KSN requests completion. In queue: 2
01:04:16.0808 0x07cc  Waiting for KSN requests completion. In queue: 2
01:04:17.0823 0x07cc  AV detected via SS2: Kaspersky PURE, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\wmiav.exe (  ), 0x41000 ( enabled : updated )
01:04:17.0824 0x07cc  FW detected via SS2: Kaspersky PURE, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\wmifw.exe (  ), 0x41010 ( enabled )
01:04:20.0496 0x07cc  ============================================================
01:04:20.0496 0x07cc  Scan finished
01:04:20.0496 0x07cc  ============================================================
01:04:20.0502 0x12e4  Detected object count: 1
01:04:20.0502 0x12e4  Actual detected object count: 1
01:05:21.0513 0x12e4  RocketDock ( UnsignedFile.Multi.Generic ) - skipped by user
01:05:21.0513 0x12e4  RocketDock ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:05:27.0058 0x0cdc  Deinitialize success
         


Alt 14.07.2014, 17:48   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Pricechopper Chrome erweiterung entfernen!

Alt 14.07.2014, 18:54   #7
HRMN092
 
Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Ich Glaube es ist weg, es taucht zumindest NICHT im Chrome auf.
Danke. Kann ich das vllt noch irgendwie checken?!

Code:
ATTFilter
ComboFix 14-07-14.01 - HRMN 14.07.2014  19:30:29.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8044.6018 [GMT 2:00]
ausgeführt von:: c:\users\HRMN\Downloads\ComboFix.exe
AV: Kaspersky PURE *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky PURE *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky PURE *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\HRMN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\HRMN\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\background.html
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\content.js
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\lsdb.js
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\manifest.json
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdchjbjmpdajgbmlmckclklbdeiimkaa\3.9\sIJJVWbP7.js
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\background.html
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\content.js
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\lsdb.js
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\manifest.json
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\180\wn4DF.js
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ghikpiaflmacdkmbocpbdgjhigiclfli_0.localstorage-journal
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ghikpiaflmacdkmbocpbdgjhigiclfli_0.localstorage
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lackfehpdclhclidcbbfcemcpolgdgnb_0.localstorage-journal
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lackfehpdclhclidcbbfcemcpolgdgnb_0.localstorage
c:\users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\IsUn0407.exe
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-14 bis 2014-07-14  ))))))))))))))))))))))))))))))
.
.
2014-07-12 17:12 . 2014-07-12 17:12	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-07-12 16:52 . 2014-07-12 16:52	110080	----a-r-	c:\users\HRMN\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe
2014-07-12 16:52 . 2014-07-12 16:52	110080	----a-r-	c:\users\HRMN\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe
2014-07-12 16:52 . 2014-07-12 16:52	110080	----a-r-	c:\users\HRMN\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe
2014-07-12 16:50 . 2014-07-12 16:52	--------	d-----w-	c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 16:50 . 2014-07-12 16:50	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2014-07-12 15:55 . 2014-07-12 15:55	--------	d-----w-	c:\users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 15:35 . 2014-07-12 15:35	--------	d-----w-	c:\windows\SysWow64\NV
2014-07-12 15:35 . 2014-07-12 15:35	--------	d-----w-	c:\windows\system32\NV
2014-07-12 15:35 . 2014-07-12 15:35	--------	d-----w-	c:\programdata\NVIDIA
2014-07-12 15:34 . 2014-06-13 02:11	6783960	----a-w-	c:\windows\system32\nvcpl.dll
2014-07-12 15:34 . 2014-06-13 02:11	3523360	----a-w-	c:\windows\system32\nvsvc64.dll
2014-07-12 15:34 . 2014-06-13 02:11	933208	----a-w-	c:\windows\system32\nvvsvc.exe
2014-07-12 15:34 . 2014-06-13 02:11	67072	----a-w-	c:\windows\system32\nv3dappshextr.dll
2014-07-12 15:34 . 2014-06-13 02:11	62808	----a-w-	c:\windows\system32\nvshext.dll
2014-07-12 15:34 . 2014-06-13 02:11	387528	----a-w-	c:\windows\system32\nvmctray.dll
2014-07-12 15:34 . 2014-06-13 02:11	2560968	----a-w-	c:\windows\system32\nvsvcr.dll
2014-07-12 15:34 . 2014-06-13 02:11	1083736	----a-w-	c:\windows\system32\nv3dappshext.dll
2014-07-12 15:34 . 2014-06-06 17:40	3802247	----a-w-	c:\windows\system32\nvcoproc.bin
2014-07-12 15:33 . 2014-06-13 02:48	75040	----a-w-	c:\windows\system32\OpenCL.dll
2014-07-12 15:33 . 2014-06-13 02:48	62920	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-07-12 15:04 . 2014-07-12 15:49	--------	d-----w-	c:\programdata\pReIIcEChop
2014-07-12 15:04 . 2014-07-12 15:04	--------	d-----w-	c:\program files (x86)\pReIIcEChop
2014-07-12 15:03 . 2014-07-12 15:48	--------	d-----w-	c:\programdata\e7e16098dd3a039c
2014-07-12 15:03 . 2014-07-12 15:03	--------	d-----w-	c:\users\HRMN\AppData\Local\Comodo
2014-07-12 15:03 . 2014-07-12 15:03	--------	d-----w-	c:\users\HomeGroupUser$
2014-07-12 15:03 . 2014-07-12 15:03	--------	d-----w-	c:\users\Gast
2014-07-12 15:03 . 2014-07-12 15:03	--------	d-----w-	c:\users\Administrator
2014-07-12 15:03 . 2014-07-12 15:03	--------	d-----w-	c:\programdata\InstallMate
2014-07-12 12:58 . 2014-06-05 14:45	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-07-12 12:58 . 2014-06-05 14:26	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-07-12 12:58 . 2014-06-05 14:25	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-07-06 11:19 . 2014-07-06 11:19	--------	d-----w-	c:\program files (x86)\Renesas Electronics
2014-07-06 11:17 . 2014-07-06 11:17	--------	d-----w-	C:\Intel
2014-07-03 21:07 . 2014-07-03 21:07	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-07-03 21:06 . 2014-07-03 21:06	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-02 20:07 . 2014-07-02 21:14	--------	d-----w-	c:\users\HRMN\AppData\Roaming\TeamViewer
2014-07-02 20:02 . 2014-07-02 20:02	--------	d-----w-	c:\program files (x86)\ESET
2014-07-02 19:33 . 2014-07-12 19:22	--------	d-----w-	C:\FRST
2014-07-02 19:11 . 2014-07-12 17:34	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-02 19:11 . 2014-05-12 05:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-07-02 19:11 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-07-02 19:11 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-07-02 19:11 . 2014-07-02 19:11	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 19:11 . 2014-07-02 19:11	--------	d-----w-	c:\programdata\Malwarebytes
2014-07-02 19:01 . 2014-07-02 19:01	--------	d-----w-	c:\windows\ERUNT
2014-07-02 18:57 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-07-02 16:21 . 2014-07-02 16:23	--------	d-----w-	c:\users\HRMN\AppData\Roaming\ICQ-Profile
2014-07-02 16:21 . 2014-07-02 16:21	--------	d-----w-	c:\users\HRMN\AppData\Roaming\ICQM
2014-06-30 16:49 . 2014-06-30 16:49	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-06-27 17:38 . 2014-06-27 17:38	43152	----a-w-	c:\windows\avastSS.scr
2014-06-19 17:55 . 2014-06-27 17:38	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-13 22:23 . 2012-06-07 22:20	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-05 19:10 . 2013-07-27 13:20	427360	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-06-27 17:38 . 2014-03-15 11:27	92008	----a-w-	c:\windows\system32\drivers\aswstm.sys
2014-06-27 17:38 . 2013-07-27 13:20	224896	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-06-27 17:38 . 2013-07-27 13:20	1041168	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2014-06-27 17:38 . 2013-07-27 13:20	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-06-27 17:38 . 2013-07-27 13:20	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-06-27 17:38 . 2013-07-27 13:19	79184	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-06-27 17:38 . 2013-07-27 13:19	307344	----a-w-	c:\windows\system32\aswBoot.exe
2014-06-12 20:54 . 2014-01-09 22:40	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-12 20:54 . 2011-10-14 03:49	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-29 23:07 . 2014-06-02 16:47	1291232	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-05-29 23:07 . 2014-05-23 21:09	1122312	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-05-29 23:07 . 2014-06-02 16:47	1715176	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-05-29 23:07 . 2014-05-23 21:09	1279480	----a-w-	c:\windows\system32\nvspcap64.dll
2014-05-17 18:59 . 2014-05-17 19:00	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-17 18:59 . 2014-05-17 19:00	313256	----a-w-	c:\windows\system32\javaws.exe
2014-05-17 18:59 . 2014-05-17 19:00	189352	----a-w-	c:\windows\system32\javaw.exe
2014-05-17 18:59 . 2014-05-17 19:00	189352	----a-w-	c:\windows\system32\java.exe
2014-04-25 02:34 . 2014-06-11 17:25	801280	----a-w-	c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 17:25	626688	----a-w-	c:\windows\SysWow64\usp10.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-12-11 1564528]
"icq"="c:\users\HRMN\AppData\Roaming\ICQM\icq.exe" [2014-07-02 34848264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2012-04-26 179272]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-12-11 311152]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-03-21 2691480]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-27 4086432]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Norton Online Backup"=c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe;c:\windows\SYSNATIVE\libusbd-nt.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo64.sys;c:\windows\SYSNATIVE\DRIVERS\remobo64.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ALSysIO;ALSysIO;c:\users\HRMN\AppData\Local\Temp\ALSysIO64.sys;c:\users\HRMN\AppData\Local\Temp\ALSysIO64.sys [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ALSYSIO
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-09 20:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-03-20 09:24	667808	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-03-20 09:24	667808	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-03-20 09:24	667808	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-27 17:38	634872	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-26 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-26 2004584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1 192.168.0.2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ESI Prüfwerte - c:\windows\IsUn0407.exe
AddRemove-{1B41F45E-4BFA-AC68-ACE3-0E3C306BE41F} - c:\progra~3\INSTAL~1\{EBF76~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-14  19:48:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-14 17:48
.
Vor Suchlauf: 15 Verzeichnis(se), 697.580.093.440 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 698.035.671.040 Bytes frei
.
- - End Of File - - 01E217FAD4EB245464C672934A1E4A7C
         

Alt 15.07.2014, 19:13   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.07.2014, 21:55   #9
HRMN092
 
Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Hi, hier die Logfiles.
MBAM Log
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 15.07.2014
Suchlauf-Zeit: 21:34:25
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.15.12
Rootkit Datenbank: v2014.07.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: HRMN

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 379558
Verstrichene Zeit: 12 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
ADWCleaner Log
Code:
ATTFilter
# AdwCleaner v3.215 - Bericht erstellt am 15/07/2014 um 22:32:50
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : HRMN - HRMN-PC
# Gestartet von : C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v

-\\ Google Chrome v

[ Datei : C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9973 octets] - [26/08/2013 21:18:14]
AdwCleaner[R1].txt - [11531 octets] - [02/07/2014 20:56:51]
AdwCleaner[R2].txt - [1908 octets] - [12/07/2014 17:40:15]
AdwCleaner[R3].txt - [1179 octets] - [12/07/2014 19:06:43]
AdwCleaner[R4].txt - [1295 octets] - [12/07/2014 19:30:27]
AdwCleaner[R5].txt - [1415 octets] - [15/07/2014 22:29:50]
AdwCleaner[S0].txt - [9711 octets] - [26/08/2013 21:18:43]
AdwCleaner[S1].txt - [10792 octets] - [02/07/2014 20:57:46]
AdwCleaner[S2].txt - [1902 octets] - [12/07/2014 17:42:04]
AdwCleaner[S3].txt - [1241 octets] - [12/07/2014 19:07:56]
AdwCleaner[S4].txt - [1357 octets] - [12/07/2014 19:31:19]
AdwCleaner[S5].txt - [1337 octets] - [15/07/2014 22:32:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1397 octets] ##########
         
JRT Log
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by HRMN on 15.07.2014 at 22:37:34,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.07.2014 at 22:48:06,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST Log

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by HRMN (administrator) on HRMN-PC on 15-07-2014 22:52:15
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Users\HRMN\Downloads\Core Temp.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [179272 2012-04-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [icq] => C:\Users\HRMN\AppData\Roaming\ICQM\icq.exe [34848264 2014-07-02] (ICQ)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-27]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-14]
CHR Extension: (Google Drive) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26]
CHR Extension: (YouTube) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26]
CHR Extension: (Adblock Plus) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-14]
CHR Extension: (Google-Suche) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26]
CHR Extension: (avast! Ad Blocker) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-26]
CHR Extension: (avast! Online Security) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-14]
CHR Extension: (Google Wallet) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Google Mail) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-25] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 hipeer20; C:\Windows\System32\DRIVERS\remobo64.sys [30720 2010-08-01] (Windows (R) Codename Longhorn DDK provider)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 ALSysIO; \??\C:\Users\HRMN\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-15 22:48 - 2014-07-15 22:48 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-15 22:32 - 2014-07-15 22:50 - 00003392 _____ () C:\Users\HRMN\Desktop\Virenboard.txt
2014-07-15 22:28 - 2014-07-15 22:28 - 00001158 _____ () C:\MBAM.txt
2014-07-14 19:48 - 2014-07-14 19:48 - 00050223 _____ () C:\ComboFix.txt
2014-07-14 19:28 - 2014-07-14 19:49 - 00000000 ____D () C:\Qoobox
2014-07-14 19:28 - 2014-07-14 19:49 - 00000000 ____D () C:\ComboFix
2014-07-14 19:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-14 19:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-14 19:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-14 19:27 - 2014-07-14 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 00:15 - 2014-07-14 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\HRMN\Downloads\tdsskiller.exe
2014-07-12 21:20 - 2014-07-12 21:21 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 19:20 - 2014-07-12 19:21 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:19 - 2014-07-14 19:27 - 05219590 ____R (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 19:03 - 2014-07-12 19:05 - 00464381 ____N () C:\Users\HRMN\Downloads\SpyHunterKiller.exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:50 - 2014-07-12 18:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2014-06-13 04:11 - 06783960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 03523360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 01083736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00933208 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-12 17:34 - 2014-06-13 04:11 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-12 17:34 - 2014-06-06 19:40 - 03802247 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-12 17:33 - 2014-06-13 04:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-12 17:33 - 2014-06-13 04:48 - 00062920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-12 17:20 - 2014-06-13 04:48 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 18625768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 14497528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-12 17:20 - 2014-06-13 04:47 - 00033736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-07-12 17:20 - 2014-06-13 04:46 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 02814120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-12 17:20 - 2014-06-13 04:45 - 03196304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-12 17:04 - 2014-07-12 17:49 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:03 - 2014-07-14 19:41 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-12 17:03 - 2014-07-12 17:48 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-12 14:59 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-12 14:59 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-12 14:59 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-12 14:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-12 14:59 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-12 14:59 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-12 14:59 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-12 14:59 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-12 14:59 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-12 14:59 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-12 14:59 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-12 14:59 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-12 14:59 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-12 14:59 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-12 14:59 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-12 14:59 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-12 14:59 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-12 14:59 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-12 14:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-12 14:59 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-12 14:59 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-12 14:59 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-12 14:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-12 14:59 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-12 14:59 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-12 14:59 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-12 14:59 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-12 14:59 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-12 14:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-12 14:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-12 14:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-12 14:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-12 14:59 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-12 14:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-12 14:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-12 14:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-12 14:59 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-12 14:59 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-12 14:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-12 14:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-12 14:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-12 14:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-12 14:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-12 14:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-12 14:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-12 14:59 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-12 14:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-12 14:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-12 14:59 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-12 14:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-12 14:59 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-12 14:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-12 14:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-12 14:59 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-12 14:59 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-12 14:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-12 14:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-12 14:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-12 14:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-12 14:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-12 14:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-12 14:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-12 14:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-12 14:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-12 14:58 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-12 14:58 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-12 14:58 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt
2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip
2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin
2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A
2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A
2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel
2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip
2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip
2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe
2014-07-02 22:07 - 2014-07-02 23:14 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer
2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe
2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 21:37 - 2014-07-02 21:45 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt
2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe
2014-07-02 21:34 - 2014-07-02 21:36 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt
2014-07-02 21:33 - 2014-07-15 22:52 - 00000000 ____D () C:\FRST
2014-07-02 21:33 - 2014-07-02 21:36 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt
2014-07-02 21:11 - 2014-07-15 21:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 21:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 21:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 20:59 - 2014-07-15 22:34 - 00003864 _____ () C:\Windows\setupact.log
2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-02 20:58 - 2014-07-15 22:33 - 00005426 _____ () C:\Windows\PFRO.log
2014-07-02 20:58 - 2014-07-14 00:31 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-02 20:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 20:54 - 2014-07-15 22:52 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg
2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg
2014-07-02 18:21 - 2014-07-02 18:23 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile
2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM
2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-19 19:55 - 2014-06-27 19:38 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip
2014-06-15 19:46 - 2014-06-15 19:46 - 00013870 _____ () C:\Users\HRMN\Documents\Kündigung_Rikarda.odt

==================== One Month Modified Files and Folders =======

2014-07-15 22:52 - 2014-07-02 21:33 - 00000000 ____D () C:\FRST
2014-07-15 22:52 - 2014-07-02 20:54 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-15 22:50 - 2014-07-15 22:32 - 00003392 _____ () C:\Users\HRMN\Desktop\Virenboard.txt
2014-07-15 22:48 - 2014-07-15 22:48 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-15 22:43 - 2012-09-23 10:57 - 01570867 _____ () C:\Windows\WindowsUpdate.log
2014-07-15 22:41 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-15 22:41 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-15 22:35 - 2012-06-07 19:39 - 00000000 ____D () C:\ProgramData\clear.fi
2014-07-15 22:35 - 2012-06-07 11:40 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Adobe
2014-07-15 22:34 - 2014-07-02 20:59 - 00003864 _____ () C:\Windows\setupact.log
2014-07-15 22:33 - 2014-07-02 20:58 - 00005426 _____ () C:\Windows\PFRO.log
2014-07-15 22:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-15 22:32 - 2013-08-26 21:17 - 00000000 ____D () C:\AdwCleaner
2014-07-15 22:28 - 2014-07-15 22:28 - 00001158 _____ () C:\MBAM.txt
2014-07-15 22:06 - 2014-06-12 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-15 21:34 - 2014-07-02 21:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 21:19 - 2013-07-27 15:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-14 20:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-14 19:49 - 2014-07-14 19:28 - 00000000 ____D () C:\Qoobox
2014-07-14 19:49 - 2014-07-14 19:28 - 00000000 ____D () C:\ComboFix
2014-07-14 19:49 - 2013-02-18 22:43 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Apps\2.0
2014-07-14 19:49 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-14 19:48 - 2014-07-14 19:48 - 00050223 _____ () C:\ComboFix.txt
2014-07-14 19:47 - 2014-07-14 19:27 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 19:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-14 19:41 - 2014-07-12 17:03 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-14 19:27 - 2014-07-12 19:19 - 05219590 ____R (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-14 01:30 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\vlc
2014-07-14 00:31 - 2014-07-02 20:58 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 00:29 - 2014-05-10 14:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-14 00:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-14 00:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-14 00:28 - 2012-09-24 17:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-14 00:26 - 2013-09-19 06:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-14 00:23 - 2012-06-08 00:20 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-14 00:15 - 2014-07-14 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\HRMN\Downloads\tdsskiller.exe
2014-07-12 21:21 - 2014-07-12 21:20 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 20:41 - 2012-06-07 01:25 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\.minecraft
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 20:23 - 2012-12-07 18:10 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Skype
2014-07-12 19:21 - 2014-07-12 19:20 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 19:05 - 2014-07-12 19:03 - 00464381 ____N () C:\Users\HRMN\Downloads\SpyHunterKiller.exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:52 - 2014-07-12 18:50 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 18:15 - 2011-12-03 12:08 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-07-12 18:15 - 2011-12-03 12:08 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-07-12 18:15 - 2009-07-14 07:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 18:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-07-12 18:03 - 2012-08-22 20:27 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\foobar2000
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:49 - 2014-07-12 17:04 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:48 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-12 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 17:03 - 2012-06-06 20:13 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Google
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-12 16:02 - 2012-12-07 20:10 - 00000000 ____D () C:\Users\HRMN\Desktop\Mincraft sachen
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-08 18:23 - 2014-05-23 22:01 - 00000000 ____D () C:\Program Files (x86)\CABAL Online (NA - Global)
2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt
2014-07-06 16:42 - 2013-09-08 21:58 - 00118872 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip
2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin
2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A
2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A
2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-06 13:19 - 2011-10-14 05:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel
2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip
2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip
2014-07-05 21:10 - 2013-07-27 15:20 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-03 23:06 - 2013-09-02 20:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-03 00:33 - 2013-07-26 21:21 - 00000000 ____D () C:\Users\HRMN\Desktop\X-GamingdotWS
2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe
2014-07-02 23:14 - 2014-07-02 22:07 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer
2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe
2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 21:45 - 2014-07-02 21:37 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt
2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe
2014-07-02 21:36 - 2014-07-02 21:34 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt
2014-07-02 21:36 - 2014-07-02 21:33 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt
2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-02 20:59 - 2012-09-24 17:34 - 00118872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-07-02 20:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Dev-Cpp
2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Dev-Cpp
2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg
2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg
2014-07-02 20:31 - 2012-06-07 10:23 - 00001164 _____ () C:\Users\HRMN\Downloads\CoreTemp.ini
2014-07-02 18:23 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile
2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM
2014-06-30 18:49 - 2014-04-29 22:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-30 18:49 - 2011-10-14 05:30 - 00000000 ____D () C:\ProgramData\Skype
2014-06-30 04:09 - 2014-07-12 14:59 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-12 14:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 19:38 - 2014-06-19 19:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 19:38 - 2014-03-15 13:27 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 19:38 - 2013-07-27 15:19 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 19:38 - 2013-07-27 15:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-20 22:14 - 2014-07-12 14:59 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-12 14:59 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 03:39 - 2014-07-12 14:59 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-12 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-12 14:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-12 14:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-12 14:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-12 14:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-12 14:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-12 14:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-12 14:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-12 14:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-12 14:59 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-12 14:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-12 14:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-12 14:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-12 14:59 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-12 14:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-12 14:59 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-12 14:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-12 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-12 14:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-12 14:59 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-12 14:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-12 14:59 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-12 14:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-12 14:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-12 14:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-12 14:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-12 14:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-12 14:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-12 14:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-12 14:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-12 14:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-12 14:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-12 14:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-12 14:59 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-12 14:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-12 14:59 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-12 14:59 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-12 14:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-12 14:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-12 14:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-12 14:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-12 14:59 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-12 14:59 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-12 14:59 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-12 14:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-12 14:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-12 14:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-12 14:59 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-12 14:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-12 14:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-12 14:59 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-12 14:59 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-12 14:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip
2014-06-18 04:18 - 2014-07-12 14:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-12 14:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-12 14:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-15 19:46 - 2014-06-15 19:46 - 00013870 _____ () C:\Users\HRMN\Documents\Kündigung_Rikarda.odt

ZeroAccess:
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\@
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\L\00000004.@

Files to move or delete:
====================
C:\Users\HRMN\IP_Log_Data.js
C:\Users\HRMN\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\HRMN\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 00:19

==================== End Of Log ============================
         
--- --- ---


FRST Addition Log
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by HRMN at 2014-07-15 22:53:05
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cabal Episode 8 (HKLM-x32\...\Cabal Episode 8) (Version: Episode 8 - EliteKingdoms)
CABAL Online (NA - Global) (HKCU\...\CabalOnline(NA - Global)) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.3318.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2921_44380 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.3318.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.9023 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESI Prüfwerte (HKLM-x32\...\ESI Prüfwerte) (Version:  - )
ESI[tronic] DEMO_4 (HKLM-x32\...\ESI[tronic] DEMO_4) (Version:  - )
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
foobar2000 v1.1.14a (HKLM-x32\...\foobar2000) (Version: 1.1.14a - Peter Pawlowski)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.5979.1 - Ubisoft)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICQ 8.2 (build 7067) (HKCU\...\ICQ) (Version: 8.2.7067.0 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KTS (x32 Version: 4.0.0 - Robert Bosch GmbH) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version:  - Daniel Rebelo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden
MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.43 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.43 (Version: 340.43 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

06-07-2014 11:18:21 Installiert Renesas Electronics USB 3.0 Host Controller Driver
12-07-2014 15:32:14 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte
12-07-2014 16:50:37 Installed SpyHunter
12-07-2014 18:58:09 Revo Uninstaller's restore point - System Requirements Lab for Intel
13-07-2014 22:16:46 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-07-14 19:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {31E97D56-8130-48C0-9252-E8943EDCEBD0} - System32\Tasks\Google Updater and Installer => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {357EDA91-E566-4E47-A04A-1369530D2E51} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {38B0A7AF-CE44-467A-B2A0-059A3FD5AFB5} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2012-09-18] (Acer Incorporated)
Task: {411A750E-0185-46E2-9AAD-58FFA39E8F98} - System32\Tasks\Core Temp Autostart HRMN => C:\Users\HRMN\Downloads\Core Temp.exe [2010-10-03] ()
Task: {4FE97A35-6AAD-41C0-A407-039155AC1DF1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {54E8AD34-E652-4858-87D5-4538AA512F8A} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2012-09-18] (CyberLink)
Task: {6432CD2F-FBA1-494C-8D6C-8AC4BF5AA950} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {6644E828-80F1-46A1-9826-3126274CBF3D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {7954D079-4FAF-40FF-B2D6-FA620B5AF9AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {85A67C6E-1130-4134-94FF-507EB4779A1F} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {888AB199-79A5-4152-9003-8401C61B3F79} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {8DF38EBB-0033-459F-BD5E-7940838156E6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {91AB107B-D3A1-4351-BCF4-E415036664AC} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {9C7AFC46-7146-4DA0-908A-3556157B1A61} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-27] (AVAST Software)
Task: {C40EF80F-886E-48E7-BC45-55DFF42E71CF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {C5C63F6B-E2A3-400E-8A24-99E79FD5DB4E} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {DC2F4D6B-DA61-403D-BAAC-D251129E11D4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2012-09-18] (CyberLink Corp.)
Task: {E0B44B36-1032-43AA-A073-4689C9F69736} - System32\Tasks\AdobeAAMUpdater-1.0-HRMN-PC-HRMN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-07-12 17:34 - 2014-06-13 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-06-07 10:23 - 2010-10-03 02:14 - 00563728 _____ () C:\Users\HRMN\Downloads\Core Temp.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-10-14 05:57 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-07 02:03 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-06-27 19:37 - 2014-06-27 19:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-15 21:19 - 2014-07-15 21:19 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071501\algo.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-06-07 02:03 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2012-09-18 14:24 - 2012-09-18 14:24 - 00208080 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-06-27 19:37 - 2014-06-27 19:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-24 19:54 - 2014-02-24 19:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-10-14 05:15 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-07-14 19:39:06.626
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-14 19:39:06.548
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-26 22:46:32.155
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-26 22:46:32.153
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 8043.86 MB
Available physical RAM: 5887.57 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13849.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:649.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2F560472)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 16.07.2014, 19:04   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.07.2014, 22:10   #11
HRMN092
 
Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Hi!
Nein, keine Probleme soweit es zeigt sich nicht mehr, allerdings scheinen die Programme noch ein paar andere Dinge gefunden zu haben.

Vielen, Vielen Dank nochmals!

Geändert von HRMN092 (17.07.2014 um 22:11 Uhr) Grund: Anhang nicht hochgeladen

Alt 18.07.2014, 18:36   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.07.2014, 12:23   #13
HRMN092
 
Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



oh, okay, sorry, wusste ich nciht, die Website bat mich das in ein Archiv zu packen, dann korrigiere ich das mal, sorry.

FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by HRMN (administrator) on HRMN-PC on 17-07-2014 20:54:49
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Users\HRMN\Downloads\Core Temp.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\HRMN\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [179272 2012-04-26] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-2792858974-2978467211-3077806040-1002\...\Run: [icq] => C:\Users\HRMN\AppData\Roaming\ICQM\icq.exe [34848264 2014-07-02] (ICQ)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-06-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HRMN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-27]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-14]
CHR Extension: (Google Drive) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-26]
CHR Extension: (YouTube) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-26]
CHR Extension: (Adblock Plus) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-14]
CHR Extension: (Google-Suche) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-26]
CHR Extension: (avast! Ad Blocker) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-08-26]
CHR Extension: (avast! Online Security) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-14]
CHR Extension: (Google Wallet) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Google Mail) - C:\Users\HRMN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5132656 2013-11-25] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 hipeer20; C:\Windows\System32\DRIVERS\remobo64.sys [30720 2010-08-01] (Windows (R) Codename Longhorn DDK provider)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 ALSysIO; \??\C:\Users\HRMN\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-15 22:48 - 2014-07-15 22:48 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-15 22:32 - 2014-07-15 22:58 - 00117746 _____ () C:\Users\HRMN\Desktop\Virenboard.txt
2014-07-15 22:28 - 2014-07-15 22:28 - 00001158 _____ () C:\MBAM.txt
2014-07-14 19:48 - 2014-07-14 19:48 - 00050223 _____ () C:\ComboFix.txt
2014-07-14 19:28 - 2014-07-14 19:49 - 00000000 ____D () C:\Qoobox
2014-07-14 19:28 - 2014-07-14 19:49 - 00000000 ____D () C:\ComboFix
2014-07-14 19:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-14 19:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-14 19:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-14 19:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-14 19:27 - 2014-07-14 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 00:15 - 2014-07-14 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\HRMN\Downloads\tdsskiller.exe
2014-07-12 21:20 - 2014-07-12 21:21 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 19:20 - 2014-07-12 19:21 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:19 - 2014-07-14 19:27 - 05219590 ____R (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:50 - 2014-07-12 18:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2014-06-13 04:11 - 06783960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 03523360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 01083736 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00933208 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-12 17:34 - 2014-06-13 04:11 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-07-12 17:34 - 2014-06-13 04:11 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-12 17:34 - 2014-06-06 19:40 - 03802247 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-12 17:33 - 2014-06-13 04:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-12 17:33 - 2014-06-13 04:48 - 00062920 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01890264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 01542088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434043.dll
2014-07-12 17:20 - 2014-06-13 04:59 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-07-12 17:20 - 2014-06-13 04:48 - 13911928 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 13824408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11272544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 11211224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 04248520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 03989464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00946120 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00909256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00902616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-12 17:20 - 2014-06-13 04:48 - 00869336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 31512352 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 24198616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 18625768 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 17553032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 14497528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 12860888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-12 17:20 - 2014-06-13 04:47 - 00033736 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-07-12 17:20 - 2014-06-13 04:46 - 22994392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 02814120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-12 17:20 - 2014-06-13 04:46 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-12 17:20 - 2014-06-13 04:45 - 03196304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-12 17:04 - 2014-07-12 17:49 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:03 - 2014-07-14 19:41 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-12 17:03 - 2014-07-12 17:48 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-12 14:59 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-12 14:59 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-12 14:59 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-12 14:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-12 14:59 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-12 14:59 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-12 14:59 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-12 14:59 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-12 14:59 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-12 14:59 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-12 14:59 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-12 14:59 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-12 14:59 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-12 14:59 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-12 14:59 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-12 14:59 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-12 14:59 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-12 14:59 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-12 14:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-12 14:59 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-12 14:59 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-12 14:59 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-12 14:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-12 14:59 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-12 14:59 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-12 14:59 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-12 14:59 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-12 14:59 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-12 14:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-12 14:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-12 14:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-12 14:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-12 14:59 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-12 14:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-12 14:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-12 14:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-12 14:59 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-12 14:59 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-12 14:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-12 14:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-12 14:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-12 14:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-12 14:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-12 14:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-12 14:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-12 14:59 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-12 14:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-12 14:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-12 14:59 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-12 14:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-12 14:59 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-12 14:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-12 14:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-12 14:59 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-12 14:59 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-12 14:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-12 14:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-12 14:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-12 14:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-12 14:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-12 14:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-12 14:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-12 14:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-12 14:59 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-12 14:59 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-12 14:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-12 14:58 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-12 14:58 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-12 14:58 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt
2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip
2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin
2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A
2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A
2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel
2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip
2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip
2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe
2014-07-02 22:07 - 2014-07-02 23:14 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer
2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe
2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 21:37 - 2014-07-02 21:45 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt
2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe
2014-07-02 21:34 - 2014-07-02 21:36 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt
2014-07-02 21:33 - 2014-07-17 20:54 - 00000000 ____D () C:\FRST
2014-07-02 21:33 - 2014-07-02 21:36 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt
2014-07-02 21:11 - 2014-07-15 21:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 21:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 21:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 20:59 - 2014-07-17 17:10 - 00004032 _____ () C:\Windows\setupact.log
2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-02 20:58 - 2014-07-15 22:33 - 00005426 _____ () C:\Windows\PFRO.log
2014-07-02 20:58 - 2014-07-14 00:31 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-02 20:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 20:54 - 2014-07-17 20:54 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg
2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg
2014-07-02 18:21 - 2014-07-02 18:23 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile
2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM
2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-19 19:55 - 2014-06-27 19:38 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip

==================== One Month Modified Files and Folders =======

2014-07-17 20:54 - 2014-07-02 21:33 - 00000000 ____D () C:\FRST
2014-07-17 20:54 - 2014-07-02 20:54 - 00000000 ____D () C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
2014-07-17 20:12 - 2012-09-23 10:57 - 01616797 _____ () C:\Windows\WindowsUpdate.log
2014-07-17 20:06 - 2014-06-12 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-17 17:18 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-17 17:18 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-17 17:11 - 2012-06-07 19:39 - 00000000 ____D () C:\ProgramData\clear.fi
2014-07-17 17:10 - 2014-07-02 20:59 - 00004032 _____ () C:\Windows\setupact.log
2014-07-17 17:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-17 03:00 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-17 02:00 - 2012-06-07 11:40 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Adobe
2014-07-15 22:58 - 2014-07-15 22:32 - 00117746 _____ () C:\Users\HRMN\Desktop\Virenboard.txt
2014-07-15 22:48 - 2014-07-15 22:48 - 00000624 _____ () C:\Users\HRMN\Desktop\JRT.txt
2014-07-15 22:33 - 2014-07-02 20:58 - 00005426 _____ () C:\Windows\PFRO.log
2014-07-15 22:32 - 2013-08-26 21:17 - 00000000 ____D () C:\AdwCleaner
2014-07-15 22:28 - 2014-07-15 22:28 - 00001158 _____ () C:\MBAM.txt
2014-07-15 21:34 - 2014-07-02 21:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 21:19 - 2013-07-27 15:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-14 20:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-14 19:49 - 2014-07-14 19:28 - 00000000 ____D () C:\Qoobox
2014-07-14 19:49 - 2014-07-14 19:28 - 00000000 ____D () C:\ComboFix
2014-07-14 19:49 - 2013-02-18 22:43 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Apps\2.0
2014-07-14 19:49 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-14 19:48 - 2014-07-14 19:48 - 00050223 _____ () C:\ComboFix.txt
2014-07-14 19:47 - 2014-07-14 19:27 - 00000000 ____D () C:\Windows\erdnt
2014-07-14 19:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-14 19:41 - 2014-07-12 17:03 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-14 19:27 - 2014-07-12 19:19 - 05219590 ____R (Swearware) C:\Users\HRMN\Downloads\ComboFix.exe
2014-07-14 01:30 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\vlc
2014-07-14 00:31 - 2014-07-02 20:58 - 00459168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-14 00:29 - 2014-05-10 14:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-14 00:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-14 00:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-14 00:28 - 2012-09-24 17:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-14 00:26 - 2013-09-19 06:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-14 00:23 - 2012-06-08 00:20 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-14 00:15 - 2014-07-14 00:15 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\HRMN\Downloads\tdsskiller.exe
2014-07-12 21:21 - 2014-07-12 21:20 - 02084864 _____ (Farbar) C:\Users\HRMN\Downloads\FRST64.exe
2014-07-12 20:41 - 2012-06-07 01:25 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\.minecraft
2014-07-12 20:27 - 2014-07-12 20:27 - 00369758 _____ () C:\Users\HRMN\Downloads\Mineshafter-launcher.jar
2014-07-12 20:23 - 2012-12-07 18:10 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Skype
2014-07-12 19:21 - 2014-07-12 19:20 - 01285120 _____ () C:\Users\HRMN\Downloads\zoek.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\HRMN\Downloads\revosetup95.exe
2014-07-12 19:12 - 2014-07-12 19:12 - 00001272 _____ () C:\Users\HRMN\Desktop\Revo Uninstaller.lnk
2014-07-12 19:12 - 2014-07-12 19:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-12 19:06 - 2014-07-12 19:06 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215 (1).exe
2014-07-12 18:53 - 2014-07-12 18:53 - 00000000 _____ () C:\autoexec.bat
2014-07-12 18:52 - 2014-07-12 18:50 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 18:15 - 2011-12-03 12:08 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-07-12 18:15 - 2011-12-03 12:08 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-07-12 18:15 - 2009-07-14 07:13 - 01629508 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 18:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-07-12 18:03 - 2012-08-22 20:27 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\foobar2000
2014-07-12 17:55 - 2014-07-12 17:55 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\NVIDIA
2014-07-12 17:49 - 2014-07-12 17:04 - 00000000 ____D () C:\ProgramData\pReIIcEChop
2014-07-12 17:48 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\e7e16098dd3a039c
2014-07-12 17:39 - 2014-07-12 17:39 - 01348263 _____ () C:\Users\HRMN\Downloads\adwcleaner_3.215.exe
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\Windows\system32\NV
2014-07-12 17:35 - 2014-07-12 17:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-12 17:34 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-12 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-12 17:33 - 2011-12-03 03:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Gast
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\Users\Administrator
2014-07-12 17:03 - 2014-07-12 17:03 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-12 17:03 - 2012-06-06 20:13 - 00000000 ____D () C:\Users\HRMN\AppData\Local\Google
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-12 17:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-12 16:02 - 2012-12-07 20:10 - 00000000 ____D () C:\Users\HRMN\Desktop\Mincraft sachen
2014-07-12 15:58 - 2014-07-12 15:58 - 00067727 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-DOF.zip
2014-07-12 15:53 - 2014-07-12 15:53 - 00067725 _____ () C:\Users\HRMN\Downloads\SEUS-v10.1-Ultra-Motion-Blur.zip
2014-07-08 18:23 - 2014-05-23 22:01 - 00000000 ____D () C:\Program Files (x86)\CABAL Online (NA - Global)
2014-07-06 18:02 - 2014-07-06 18:02 - 00003462 _____ () C:\Users\HRMN\Desktop\bewerbung fh .txt
2014-07-06 16:42 - 2013-09-08 21:58 - 00118872 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-07-06 13:31 - 2014-07-06 13:31 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A (1).zip
2014-07-06 13:31 - 2014-07-06 13:31 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1) (1).bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116.bin
2014-07-06 13:30 - 2014-07-06 13:30 - 04194304 _____ () C:\Users\HRMN\Downloads\P5WE0116 (1).bin
2014-07-06 13:27 - 2014-07-06 13:27 - 05592309 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 05591937 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A.zip
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.17_A_A
2014-07-06 13:27 - 2014-07-06 13:27 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.16_A_A
2014-07-06 13:22 - 2014-07-06 13:22 - 00000000 ____D () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A
2014-07-06 13:19 - 2014-07-06 13:19 - 05641981 _____ () C:\Users\HRMN\Downloads\BIOS_Acer_1.21_A_A.zip
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-06 13:19 - 2014-07-06 13:19 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-06 13:19 - 2011-10-14 05:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A
2014-07-06 13:17 - 2014-07-06 13:17 - 00000000 ____D () C:\Intel
2014-07-06 13:16 - 2014-07-06 13:16 - 07077595 _____ () C:\Users\HRMN\Downloads\USB 3.0_NEC_2.0.34.0_W7x64_A.zip
2014-07-06 13:16 - 2014-07-06 13:16 - 04059518 _____ () C:\Users\HRMN\Downloads\MgmtEngine_Intel_7.0.0.1144_W7x64_A.zip
2014-07-05 21:10 - 2013-07-27 15:20 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 23:06 - 2014-07-03 23:06 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 23:06 - 2014-07-03 23:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-03 23:06 - 2013-09-02 20:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-03 00:33 - 2013-07-26 21:21 - 00000000 ____D () C:\Users\HRMN\Desktop\X-GamingdotWS
2014-07-02 23:58 - 2014-07-02 23:58 - 00854367 _____ () C:\Users\HRMN\Downloads\SecurityCheck.exe
2014-07-02 23:14 - 2014-07-02 22:07 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\TeamViewer
2014-07-02 22:07 - 2014-07-02 22:07 - 06253160 _____ (TeamViewer GmbH) C:\Users\HRMN\Downloads\TeamViewer_Setup_de-ckc.exe
2014-07-02 22:02 - 2014-07-02 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 21:45 - 2014-07-02 21:37 - 00009442 _____ () C:\Users\HRMN\Downloads\SystemLook.txt
2014-07-02 21:36 - 2014-07-02 21:36 - 00165376 _____ () C:\Users\HRMN\Downloads\SystemLook_x64.exe
2014-07-02 21:36 - 2014-07-02 21:34 - 00045912 _____ () C:\Users\HRMN\Downloads\Addition.txt
2014-07-02 21:36 - 2014-07-02 21:33 - 00048799 _____ () C:\Users\HRMN\Downloads\FRST.txt
2014-07-02 21:11 - 2014-07-02 21:11 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 21:11 - 2014-07-02 21:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 21:01 - 2014-07-02 21:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 20:59 - 2014-07-02 20:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-02 20:59 - 2012-09-24 17:34 - 00118872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-07-02 20:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Dev-Cpp
2014-07-02 20:45 - 2012-06-22 11:52 - 00000000 ____D () C:\Dev-Cpp
2014-07-02 20:44 - 2014-07-02 20:44 - 00102738 _____ () C:\Users\HRMN\Documents\2014_07_02.reg
2014-07-02 20:44 - 2014-07-02 20:44 - 00003924 _____ () C:\Users\HRMN\Documents\2014_07_03.reg
2014-07-02 20:31 - 2012-06-07 10:23 - 00001164 _____ () C:\Users\HRMN\Downloads\CoreTemp.ini
2014-07-02 18:23 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQ-Profile
2014-07-02 18:21 - 2014-07-02 18:21 - 00001802 _____ () C:\Users\HRMN\Desktop\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00001660 _____ () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-07-02 18:21 - 2014-07-02 18:21 - 00000000 ____D () C:\Users\HRMN\AppData\Roaming\ICQM
2014-06-30 18:49 - 2014-04-29 22:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-30 18:49 - 2011-10-14 05:30 - 00000000 ____D () C:\ProgramData\Skype
2014-06-30 04:09 - 2014-07-12 14:59 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-12 14:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 19:38 - 2014-06-27 19:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 19:38 - 2014-06-19 19:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 19:38 - 2014-03-15 13:27 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 19:38 - 2013-07-27 15:20 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 19:38 - 2013-07-27 15:19 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 19:38 - 2013-07-27 15:19 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-20 22:14 - 2014-07-12 14:59 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-12 14:59 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 03:39 - 2014-07-12 14:59 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-12 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-12 14:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-12 14:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-12 14:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-12 14:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-12 14:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-12 14:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-12 14:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-12 14:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-12 14:59 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-12 14:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-12 14:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-12 14:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-12 14:59 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-12 14:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-12 14:59 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-12 14:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-12 14:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-12 14:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-12 14:59 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-12 14:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-12 14:59 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-12 14:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-12 14:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-12 14:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-12 14:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-12 14:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-12 14:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-12 14:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-12 14:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-12 14:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-12 14:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-12 14:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-12 14:59 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-12 14:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-12 14:59 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-12 14:59 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-12 14:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-12 14:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-12 14:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-12 14:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-12 14:59 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-12 14:59 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-12 14:59 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-12 14:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-12 14:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-12 14:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-12 14:59 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-12 14:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-12 14:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-12 14:59 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-12 14:59 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-12 14:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 16:13 - 2014-06-18 16:13 - 00000000 ____D () C:\Users\HRMN\Documents\eq_presets
2014-06-18 16:12 - 2014-06-18 16:12 - 00003526 _____ () C:\Users\HRMN\Downloads\eq_presets.zip
2014-06-18 04:18 - 2014-07-12 14:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-12 14:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-12 14:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

ZeroAccess:
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\@
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\L\00000004.@

Files to move or delete:
====================
C:\Users\HRMN\IP_Log_Data.js
C:\Users\HRMN\Network_Meter_Data.js


Some content of TEMP:
====================
C:\Users\HRMN\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 00:19

==================== End Of Log ============================
         
--- --- ---

Alt 21.07.2014, 12:24   #14
HRMN092
 
Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by HRMN at 2014-07-17 20:55:14
Running from C:\Users\HRMN\Downloads\Virus-Exterminationsprogramme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cabal Episode 8 (HKLM-x32\...\Cabal Episode 8) (Version: Episode 8 - EliteKingdoms)
CABAL Online (NA - Global) (HKCU\...\CabalOnline(NA - Global)) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.3318.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2921_44380 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.3318.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.9023 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESI Prüfwerte (HKLM-x32\...\ESI Prüfwerte) (Version:  - )
ESI[tronic] DEMO_4 (HKLM-x32\...\ESI[tronic] DEMO_4) (Version:  - )
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
foobar2000 v1.1.14a (HKLM-x32\...\foobar2000) (Version: 1.1.14a - Peter Pawlowski)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.5979.1 - Ubisoft)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICQ 8.2 (build 7067) (HKCU\...\ICQ) (Version: 8.2.7067.0 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KTS (x32 Version: 4.0.0 - Robert Bosch GmbH) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version:  - Daniel Rebelo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden
MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.43 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.43 (Version: 340.43 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.)
SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

12-07-2014 15:32:14 Gerätetreiber-Paketinstallation: NVIDIA Grafikkarte
12-07-2014 16:50:37 Installed SpyHunter
12-07-2014 18:58:09 Revo Uninstaller's restore point - System Requirements Lab for Intel
13-07-2014 22:16:46 Windows Update
17-07-2014 01:00:12 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-07-14 19:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {31E97D56-8130-48C0-9252-E8943EDCEBD0} - System32\Tasks\Google Updater and Installer => C:\Users\HRMN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {357EDA91-E566-4E47-A04A-1369530D2E51} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {38B0A7AF-CE44-467A-B2A0-059A3FD5AFB5} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2012-09-18] (Acer Incorporated)
Task: {411A750E-0185-46E2-9AAD-58FFA39E8F98} - System32\Tasks\Core Temp Autostart HRMN => C:\Users\HRMN\Downloads\Core Temp.exe [2010-10-03] ()
Task: {4FE97A35-6AAD-41C0-A407-039155AC1DF1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {54E8AD34-E652-4858-87D5-4538AA512F8A} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2012-09-18] (CyberLink)
Task: {6432CD2F-FBA1-494C-8D6C-8AC4BF5AA950} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {6644E828-80F1-46A1-9826-3126274CBF3D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {7954D079-4FAF-40FF-B2D6-FA620B5AF9AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {85A67C6E-1130-4134-94FF-507EB4779A1F} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {888AB199-79A5-4152-9003-8401C61B3F79} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {8DF38EBB-0033-459F-BD5E-7940838156E6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {91AB107B-D3A1-4351-BCF4-E415036664AC} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {9C7AFC46-7146-4DA0-908A-3556157B1A61} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-27] (AVAST Software)
Task: {C40EF80F-886E-48E7-BC45-55DFF42E71CF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {C5C63F6B-E2A3-400E-8A24-99E79FD5DB4E} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {DC2F4D6B-DA61-403D-BAAC-D251129E11D4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2012-09-18] (CyberLink Corp.)
Task: {E0B44B36-1032-43AA-A073-4689C9F69736} - System32\Tasks\AdobeAAMUpdater-1.0-HRMN-PC-HRMN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-07-12 17:34 - 2014-06-13 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-06-07 10:23 - 2010-10-03 02:14 - 00563728 _____ () C:\Users\HRMN\Downloads\Core Temp.exe
2011-10-14 05:57 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-06-07 02:03 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-06-27 19:37 - 2014-06-27 19:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-17 17:11 - 2014-07-17 17:11 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071700\algo.dll
2014-07-12 17:20 - 2014-06-13 04:47 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-09-18 14:24 - 2012-09-18 14:24 - 00208080 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-06-07 02:03 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-06-27 19:37 - 2014-06-27 19:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 00716616 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 00126280 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 02:05 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\HRMN\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-02-24 19:54 - 2014-02-24 19:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-10-14 05:15 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2014 08:47:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2014 05:34:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2014 05:34:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2014 05:11:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 00:33:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2014 00:33:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2014 00:31:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/17/2014 05:10:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (07/17/2014 08:47:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/17/2014 05:34:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe

Error: (07/17/2014 05:34:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HRMN\Downloads\Virus-Exterminationsprogramme\esetsmartinstaller_deu.exe

Error: (07/17/2014 05:11:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 00:33:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\HRMN\downloads\virus-exterminationsprogramme\esetsmartinstaller_deu.exe

Error: (07/17/2014 00:33:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\HRMN\downloads\virus-exterminationsprogramme\esetsmartinstaller_deu.exe

Error: (07/17/2014 00:31:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2014-07-14 19:39:06.626
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-14 19:39:06.548
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-27 03:20:48.688
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-26 22:46:32.155
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-26 22:46:32.153
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 8043.86 MB
Available physical RAM: 4869.45 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 12596.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:651.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2F560472)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
ESET
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=621a3d6d487b5741b5b10fba481a2bf6
# engine=18992
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-02 10:34:31
# local_time=2014-07-03 12:34:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 107837 168760961 0 0
# scanned=401185
# found=6
# cleaned=6
# scan_time=9012
sh=078FB2A3E5DE54C3737A4541242A4725C02C6B9C ft=1 fh=d760d12103e04038 vn="Variante von Win32/Adware.MultiPlug.I Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\ssafEy ssavye\5209f5844775b.dll.vir"
sh=442EF96B3A2E43AC23FB80C430A5E7852116351F ft=1 fh=4840fc8f5e290c6c vn="MSIL/Riskware.HackAV.Q Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\HRMN\Desktop\STICK!\Kaspersky PURE v9.1.0.124 German\Trial Reset GANJiN v1.1d\gjn_ktr2012\ganjin_ktr_2012.exe"
sh=258BA7A3547788C6BB6731363A8FD0D0A37BF20B ft=1 fh=455dd9d4df261fcf vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\HRMN\Desktop\X-GamingdotWS\PL4Y.exe"
sh=C23E6F17270F5CF9C344E0F7C02B532785B79811 ft=1 fh=ed80e38be07da9d3 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\HRMN\Desktop\X-GamingdotWS\PL4Y.m0n"
sh=4F82FF5A006C25121922BF8ECCD87C3C1AF2208D ft=1 fh=ed0a46d23ae0e80c vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\HRMN\Desktop\X-GamingdotWS\x.dll"
sh=46C1319EE38510C365A4226621DE30BDF7E462FF ft=1 fh=662930a683ab766b vn="Win64/Conedex.C Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\U\00000004.@"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=621a3d6d487b5741b5b10fba481a2bf6
# engine=19145
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-12 04:54:35
# local_time=2014-07-12 06:54:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 951441 169604565 0 0
# scanned=22834
# found=1
# cleaned=0
# scan_time=689
sh=163130A1B97B720366E5D9D96D8D0D0EF436C28B ft=1 fh=c71c0011ae3f1ea4 vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Adblocker\ym.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=621a3d6d487b5741b5b10fba481a2bf6
# engine=19223
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-17 06:44:48
# local_time=2014-07-17 08:44:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 1390054 170043178 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 51045 157252538 0 0
# scanned=407676
# found=28
# cleaned=0
# scan_time=11343
sh=1165909E97E3802BFD5D5D21CB39776BBAF522D7 ft=1 fh=23c3fd0ad8d4dd85 vn="Variante von Win32/Toolbar.CrossRider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bg.exe.vir"
sh=FFC6B3D896A7502563A31C298394B539691209A9 ft=1 fh=c71c001146429c75 vn="Variante von Win32/Toolbar.CrossRider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho.dll.vir"
sh=46DE4270FA3776179CAB6A586778A247276129A6 ft=1 fh=c71c00116f2f2486 vn="möglicherweise Variante von Win32/Toolbar.CrossRider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil.dll.vir"
sh=6AB94DEF9D392431283906E7EFBF0C205821FD05 ft=1 fh=92af9ac40a407d38 vn="Variante von Win32/Toolbar.CrossRider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil.exe.vir"
sh=E4EFF7EAAEC20B41B6B4B091FA3B8FDB2672B68F ft=1 fh=711bf31f462ed090 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil64.dll.vir"
sh=30DC51631B7E52C00B4FAD42051F893D7D863154 ft=1 fh=92af9ac428b3513d vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil64.exe.vir"
sh=87E1B4153D7D8157615852B550191526BFCD976A ft=1 fh=9ba1eca12ec55543 vn="Variante von Win32/Toolbar.CrossRider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-helper.exe.vir"
sh=C761F63FE114F471F50BEA4DEB2B03C464DCEC82 ft=1 fh=37598171c3800b46 vn="Win32/Packed.ScrambleWrapper.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\HDvidCodecIE.exe.vir"
sh=98DFDE80F704942E1F411022727EADCD0291AB5E ft=1 fh=85c205627a968519 vn="Win32/Packed.ScrambleWrapper.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\hdvidextsetup.exe.vir"
sh=163130A1B97B720366E5D9D96D8D0D0EF436C28B ft=1 fh=c71c0011ae3f1ea4 vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Adblocker\ym.exe.vir"
sh=246DDBC3A2C223A6B9072637D93DC2A2832D097A ft=1 fh=c71c0011b04f613a vn="Win32/Toolbar.Babylon.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir"
sh=E7CF4AEAAD0373AD0C421F7767F428D78D826DD7 ft=1 fh=37eb20297dc7762d vn="Variante von Win32/ELEX.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\eSafe\eGdpSvc.exe.vir"
sh=520841CD210A4F3628D2624707A258D32E7FC663 ft=1 fh=4aebe0be2acebedd vn="Variante von Win32/ELEX.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HRMN\AppData\Local\Temp\eIntaller\B722329818DE4ce4B410BAD1FD885884\eXQ.exe.vir"
sh=73FFB342D4EA5BF56D263C86D6851ADCD20AE77F ft=1 fh=f634f44630457a34 vn="Variante von Win32/ELEX.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HRMN\AppData\Roaming\eIntaller\68CD2297FD9F49ac94C189F889E1BC4F\Desk365.exe.vir"
sh=E57A50583700651988E3659C5C608B191FFE1DBE ft=1 fh=9fe93a3180c81fb0 vn="Win32/ELEX.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HRMN\AppData\Roaming\eIntaller\68CD2297FD9F49ac94C189F889E1BC4F\eGdpSvc.exe.vir"
sh=D92C57559952B5609CFD4AE448FCC4F8C5FBBAD0 ft=1 fh=918726450a13feff vn="Win32/ELEX.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\HRMN\AppData\Roaming\eIntaller\68CD2297FD9F49ac94C189F889E1BC4F\eXQ.exe.vir"
sh=B41AE3CA2FB72C4323C736543BF63F68A13C9E5C ft=1 fh=8cb1d5bd107b133f vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9EF3HL32\4O8PIT[1].exe"
sh=6D04D56668E67E0D634A6914E54F503EC43CAC8D ft=1 fh=c71c001194990d1f vn="Variante von Win32/SProtector.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9EF3HL32\tpq[1].exe"
sh=3DBE664E687503FA414D9B7279EBE41E17ADA6FD ft=1 fh=daaff12f6dab16a0 vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD74DZ4B\8z6nR3o[1].exe"
sh=120D0FDBD721218B51359D5B274DDA35E9FDE586 ft=1 fh=bc12d8266613e48e vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD74DZ4B\F[1].exe"
sh=4A32B8AF84269D6CCE38DC0C8E6A7F8B92809DC2 ft=1 fh=02473355ee4d68cf vn="Variante von Win32/AdWare.MultiPlug.AG Anwendung" ac=I fn="C:\Users\HRMN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD74DZ4B\V2r[1].exe"
sh=30A5824011FDAA63197B43C04990A1A191724D68 ft=1 fh=64b15240f1925fc5 vn="Win32/ReflexiveArcade evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Desktop\Farm Frenzy 2\farm2.exe.bak"
sh=794E65F4E93CF65E121D46364B6AA923F5FA1057 ft=1 fh=e962592decd1da35 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Desktop\Spiele\Farm Frenzy 3 v0.5.0.0\FarmFrenzy3_1660_Softgozar.com.exe"
sh=AA4243E6FD099E7F92B340D67B14E1439E9B739C ft=0 fh=0000000000000000 vn="MSIL/Riskware.HackAV.Q Anwendung" ac=I fn="C:\Users\HRMN\Desktop\STICK!\Kaspersky PURE v9.1.0.124 German\Trial Reset GANJiN v1.1d\gjn_ktr2012.zip"
sh=709D0B68EBAA79E2909ADA8D39B7A0005BA4313D ft=1 fh=e602743e8780b8c5 vn="Win32/DownWare.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Downloads\Logon_Screen_2.56.exe"
sh=97B0D5599B4C06C2E3A98C005E3E24B623EBEB47 ft=1 fh=9401e01afa918ebf vn="Win32/TopMedia.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Downloads\Microsoft_Office_2010_Activator_-_Any_version_[VerifiedFiles]_secure.exe"
sh=C0AE99EEC2B64733ACBB98E4DE59BB359B37C715 ft=1 fh=d1f975ec0e2cbc12 vn="Variante von Win32/OpenInstall evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Downloads\NetworkMeterVersion96.exe"
sh=7E6D046F3B65C17A1B1D9DBB4223EA1C7DCC926D ft=1 fh=8ab56661bf1cd324 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HRMN\Downloads\Windows 7 Die 50 besten Gadgets - CHIP-Downloader.exe"
         
Checkup
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities Language Pack (de-DE) 
 JavaFX 2.1.1    
 Java 7 Update 60  
 Java version out of Date! 
 Adobe Flash Player 14.0.0.125  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Symantec Norton Online Backup NOBuAgent.exe  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Alt 21.07.2014, 14:03   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Pricechopper Chrome erweiterung entfernen! - Standard

Pricechopper Chrome erweiterung entfernen!



Java und Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ZeroAccess:
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\@
C:\Windows\Installer\{9c0559ee-654a-5c64-df40-86d725681a93}\L\00000004.@
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Pricechopper Chrome erweiterung entfernen!
bereit, msil/riskware.hackav.q, spyhunter, spyhunter entfernen, win32/adware.multiplug.ag, win32/adware.multiplug.i, win32/downloadsponsor.a, win32/downware.w, win32/elex.d, win32/elex.m, win32/elex.q, win32/elex.s, win32/packed.scramblewrapper.c, win32/packed.vmprotect.abd, win32/sprotector.h, win32/toolbar.babylon.y, win32/toolbar.conduit.b, win32/toolbar.crossrider.h, win32/toolbar.crossrider.i, win32/topmedia.b, win64/conedex.c, win64/toolbar.crossrider.a



Ähnliche Themen: Pricechopper Chrome erweiterung entfernen!


  1. Chrome Erweiterung nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 25.09.2015 (32)
  2. Anti-Phishing-Erweiterung für Chrome mehrfach unterwandert
    Nachrichten - 04.05.2015 (0)
  3. "UniDealsi" Erweiterung in Google Chrome lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 13.02.2015 (11)
  4. Windows 7 x64, Avast blockiert im sekundentakt werbung, Google chrome erweiterung "Unisiallees" unbekannt nicht löschbar
    Log-Analyse und Auswertung - 22.01.2015 (17)
  5. Chrome Erweiterung "Download Protect 2.2.5" lässt sich nicht entfernen
    Log-Analyse und Auswertung - 03.09.2014 (14)
  6. Windows 8.1 | Download Protector 2.2.5 | Chrome Erweiterung | Lässt sich nicht löschen
    Log-Analyse und Auswertung - 22.08.2014 (6)
  7. Download protect 2.2.5 lässt sich als Erweiterung in Chrome nicht entfernen
    Log-Analyse und Auswertung - 06.08.2014 (15)
  8. Erweiterung "Download Protect 2.2.0" im Firefox läßt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 13.04.2014 (7)
  9. Unerwünschte Chrome-Erweiterung: BloccKTheeAdiAApp
    Plagegeister aller Art und deren Bekämpfung - 21.03.2014 (13)
  10. Sauber dank schrauber! (Chrome-Erweiterung entfernt)
    Lob, Kritik und Wünsche - 20.03.2014 (0)
  11. WatcheItAdBLocke 2.91 als Chrome Erweiterung
    Plagegeister aller Art und deren Bekämpfung - 21.02.2014 (39)
  12. Chrome Erweiterung Hoverzoom ist malewareverseucht?
    Plagegeister aller Art und deren Bekämpfung - 18.12.2013 (1)
  13. Chrome Erweiterung Plus-Hd-2.4 Adware
    Plagegeister aller Art und deren Bekämpfung - 23.07.2013 (8)
  14. click&clean brwoser addon chrome , ist das eine erweiterung vom CCleaner?
    Antiviren-, Firewall- und andere Schutzprogramme - 12.01.2013 (4)
  15. Chrome-Erweiterung zeigt unsauberen JavaScript-Code auf
    Nachrichten - 23.06.2011 (0)
  16. Empire Earth II + Erweiterung vollständig entfernen
    Alles rund um Windows - 13.07.2010 (0)
  17. Erweiterung.exe & Co
    Log-Analyse und Auswertung - 18.11.2008 (0)

Zum Thema Pricechopper Chrome erweiterung entfernen! - Pricechopper oder pericechop bzw. peRIIceChoppeR hat sich durch Dummheit auf meinem Laptop eingenistet. Es hat keinen festen Namen aber es will auf Daten, Websites und Designs zugreifen. Könnte eine Werbesoftware - Pricechopper Chrome erweiterung entfernen!...
Archiv
Du betrachtest: Pricechopper Chrome erweiterung entfernen! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.