Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Log-Analyse und Auswertung: Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 1 von 2 1 2
Alt 17.02.2015, 01:53   #1
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Unglücklich

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Hallo,

ich habe seit einem Monat ein Problem. Wie im Titel geschrieben habe ich eine Menge an Trojaner, Malware und Adware. Ich habe versucht das Problem zu lösen, normalerweise erledige ich das selbst, doch dieses mal ging das leider nicht. Wie gesagt habe ich mich informiert und folgende Programme heruntergeladen und versucht den Virus zu bekämpfen.

- Malwarebyte
- AdwCleaner
- (Java Update)

Nichts hat geholfen. Doch glücklicherweise habe ich trojaner-board.de entdeckt .
Also. Neue Tabs (Google Chrome) öffnen sich automatisch, überall Werbung die ich ständig wegschalten muss um etwas von der Website zu erkennen. Da ich Malwarebyte heruntergeladen habe und ihm scannen lies entdeckte ich Trojan.BitcoinMiner, der meine PC Leistung frisst. Ich habe mithilfe des Pfads versucht die Datei zu löschen, ging nicht überall, und hat sein Anwendungsnamen geändert z. B. beim verlauf von Malwarebyte steht m1.exe wenn ich den Ordner gehe heißt es c1.exe. Beim starten des PC wird gleich ein GoogleChrome Fenster und IE (Beim IE öffnet sich "cmd" Fenster mit einem Befehl) mit Werbung geöffnet. Deutsch ist nicht meine Muttersprache, möchte mich für die Fehler entschuldigen. Ich hoffe, dass ich mich klar genug ausgedrückt habe. Danke im voraus.

MfG Mr. Dela
Geändert von Mr. Dela (17.02.2015 um 02:08 Uhr)

Alt 17.02.2015, 05:59   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 17.02.2015, 14:14   #3
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Danke für deine rasche Antwort Schrauber. . Ich verstehe leider nicht wie das funktioniert, habe damit nie gearbeitet. Ich meine das Einfügen von den Dateien auf die Webseite.

MfG Mr. Dela
__________________
Alt 17.02.2015, 20:23   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.02.2015, 17:34   #5
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Icon17

FRST


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Fm. Medved (administrator) on FMMEDVED-PC on 18-02-2015 17:08:34
Running from C:\Users\Fm. Medved\Desktop
Loaded Profiles: Fm. Medved (Available profiles: Fm. Medved & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft) C:\Users\Fm. Medved\AppData\Local\Temp\puzkwqhd.5ro\dcore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Flash Player SU] => C:\Windows\System32\cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20130606 (exit) else (start hxxp://liketour.org/ && exit)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [Google Update] => C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-14] (Google Inc.)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [7bb57c0fd12a2022cd4bb9ea] => iexplore.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [mliznprdtc] => cmd /c start hxxp://foretuned.com/
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [*LABAL*] => [X]
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [Vkmusicdownloader] => "C:\Users\Fm. Medved\AppData\Local\Microsoft\Windows\Vkmusicdownloader.exe"
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [MaxDownload] => C:\Users\Fm. Medved\AppData\Roaming\MaxDownload\Updater.exe [308224 2014-10-13] ()
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {0e7101d3-4754-11e2-aac0-dc0ea11d8c14} - E:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {23808b78-4fe7-11e1-942d-64273717bee5} - F:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {23808b91-4fe7-11e1-942d-64273717bee5} - E:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {335b43e8-a732-11e1-bbdb-dc0ea11d8c14} - E:\Autorun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {335b4700-a732-11e1-bbdb-dc0ea11d8c14} - H:\aoesetup.exe /autorun
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {5dabe9fa-52e7-11e4-82de-dc0ea11d8c14} - E:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {9ac46c4e-4f66-11e1-b95b-64273717bee5} - E:\Setup\Setup-7.bin
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {a11e6a70-f9f2-11e1-aa8a-dc0ea11d8c14} - I:\Autorun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {a11e6a84-f9f2-11e1-aa8a-dc0ea11d8c14} - E:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {a6445b03-71cf-11e1-94f4-64273717bee5} - E:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {b3d1727d-5304-11e1-bfac-64273717bee5} - G:\AutoRun.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MountPoints2: {e17f8cea-17aa-11e2-9aa4-64273717bee5} - E:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
GroupPolicyUsers\S-1-5-21-347752443-2393636236-3195270278-1009\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = 
SearchScopes: HKLM-x32 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-347752443-2393636236-3195270278-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.134.0.cab
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Fm. Medved\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Fm. Medved\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @talk.google.com/O1DPlugin -> C:\Users\Fm. Medved\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fm. Medved\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: ubisoft.com/uplaypc -> C:\Spiele\The.Settlers7.PtaK.Multi9-RU.Repack\INstall\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Fm. Medved\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Fm. Medved\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Firefox\Extensions: [{8c9ee4c1-6fb6-4773-afd6-23f4398777ac}] - C:\Program Files (x86)\LyricsPal\130.xpi

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://2inf.net/?utm_source=startpage12
CHR StartupUrls: Default -> "https://www.google.ru/webhp?tab=ww&ei=sUHSVKe9OIG1U5b7gLgN&ved=0CAYQ1S4"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-02]
CHR Extension: (Design Something) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgeclailpjmobncndjbahebjhboblhno [2014-11-01]
CHR Extension: (AdBlock) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-06]
CHR Extension: (Learn Hebrew - Ma Kore) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiphfaggmjkobfelhkaddcoagngjogeg [2014-11-01]
CHR Extension: (Google Wallet) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Adblock Plus Chrome) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\omihghdlmaedmkipdikamnejbeecjcim [2014-11-01]
CHR HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cifhijkiiikloafabeloklapclpjgpom] - C:\Users\Fm. Medved\AppData\Roaming\VkVideo\chrome.crx [2012-10-24]
CHR HKLM-x32\...\Chrome\Extension: [gdknicmnhbaajdglbinpahhapghpakch] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jedelkhanefmcnpappfhachbpnlhomai] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mfhobjnbhogmcagcbgjlileeghfbbodm] - C:\ProgramData\ADDICT-THING\mfhobjnbhogmcagcbgjlileeghfbbodm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pganlglbhgfjfgopijbhemcpbehjnpia] - No Path
CHR HKLM-x32\...\Chrome\Extension: [phfiheafjohhojemkgljhlhfpgdlpppa] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha6627\ch\TrustMediaViewerV1alpha6627.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-02-14] (BitRaider, LLC)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-02-02] (EasyAntiCheat Ltd)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-24] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2015-02-05] ()
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-02-14] (BitRaider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
U0 dftij; C:\Windows\System32\drivers\sfhae.sys [79064 2015-02-18] (Malwarebytes Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-02-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-02-04] () [File not signed]
U3 aay5pfet; C:\Windows\System32\Drivers\aay5pfet.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-18 17:08 - 2015-02-18 17:09 - 00028995 _____ () C:\Users\Fm. Medved\Desktop\FRST.txt
2015-02-18 15:00 - 2015-02-18 15:00 - 00001119 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-02-18 15:00 - 2015-02-18 15:00 - 00001069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Canneverbe Limited
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-02-18 14:58 - 2015-02-18 14:58 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\sfhae.sys
2015-02-18 14:54 - 2015-02-18 14:54 - 05409016 _____ (Canneverbe Limited ) C:\Users\Fm. Medved\Downloads\cdbxp_setup_4.5.4.5306_minimal (1).exe
2015-02-18 14:53 - 2015-02-18 14:54 - 05409016 _____ (Canneverbe Limited ) C:\Users\Fm. Medved\Downloads\cdbxp_setup_4.5.4.5306_minimal.exe
2015-02-17 13:56 - 2015-02-18 17:08 - 00000000 ____D () C:\FRST
2015-02-17 13:55 - 2015-02-17 13:55 - 02085888 _____ (Farbar) C:\Users\Fm. Medved\Desktop\FRST64.exe
2015-02-15 13:07 - 2015-02-15 13:11 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\.technic
2015-02-14 20:00 - 2015-02-14 20:00 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Das Lied von Eis & Feuer
2015-02-14 19:56 - 2015-02-14 20:00 - 28961041 _____ () C:\Users\Fm. Medved\Downloads\DLvEuF.rar
2015-02-14 19:48 - 2015-02-14 20:02 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Knigy
2015-02-14 19:48 - 2015-02-14 19:48 - 00096768 _____ () C:\Users\Fm. Medved\Downloads\Буньян Джон. Путешествие пилигрима - royallib.com.fb2.zip
2015-02-14 19:26 - 2015-02-14 19:26 - 02693706 _____ () C:\Users\Fm. Medved\Downloads\Bible_RST_FB2.zip
2015-02-14 14:06 - 2015-02-14 14:06 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\{8C76C21E-6914-4D9A-A0D2-3F91A5F12226}
2015-02-14 13:37 - 2015-02-14 13:37 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SWTOR
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SWTORPerf
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\ProgramData\BitRaider
2015-02-14 12:40 - 2015-02-14 12:40 - 00015881 _____ () C:\Users\Fm. Medved\Documents\Install STAR WARS The Old Republic.log
2015-02-14 12:40 - 2015-02-14 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-02-14 12:40 - 2015-02-14 12:40 - 00000000 _____ () C:\end
2015-02-14 12:39 - 2015-02-14 12:39 - 29720272 _____ () C:\Users\Fm. Medved\Downloads\SWTOR_setup.exe
2015-02-14 12:04 - 2015-02-14 12:05 - 00003582 _____ () C:\Windows\System32\Tasks\WdfHG
2015-02-14 11:54 - 2015-02-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Plants vs. Zombies Garden Warfare
2015-02-14 11:18 - 2015-02-14 11:18 - 00021045 _____ () C:\Users\Fm. Medved\Downloads\lego-marvel-super-heroes-2013.torrent
2015-02-14 11:16 - 2015-02-14 11:16 - 00020332 _____ () C:\Users\Fm. Medved\Downloads\Windows_8.1_PRO._Activated_[by_TorW]_[Isohunt.to].torrent
2015-02-14 10:54 - 2015-02-14 10:54 - 00000097 _____ () C:\Users\Fm. Medved\Documents\Plants v.s Zombies Garden Warfare.rar
2015-02-14 10:10 - 2015-02-14 10:10 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\The.Amazing.Spider-Man.2.Proper-RELOADED
2015-02-14 10:09 - 2015-02-14 10:09 - 00022476 _____ () C:\Users\Fm. Medved\Downloads\the-amazing-spider-man-2-2014.torrent
2015-02-14 10:07 - 2015-02-14 10:07 - 01559032 _____ () C:\Users\Fm. Medved\Downloads\maxload.exe
2015-02-14 10:07 - 2015-02-14 10:07 - 00001951 _____ () C:\Users\UpdatusUser.FmMedved-PC\Desktop\MaxDownload.lnk
2015-02-14 10:07 - 2015-02-14 10:07 - 00001951 _____ () C:\Users\Gast.FmMedved-PC\Desktop\MaxDownload.lnk
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\maxload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxDownload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\MaxDownload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaxDownload
2015-02-14 00:18 - 2015-02-14 00:18 - 00839110 _____ () C:\Users\Fm. Medved\Downloads\Толстой Лев. Анна Каренина - royallib.com.fb2.zip
2015-02-14 00:12 - 2015-02-14 00:12 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\calibre-cache
2015-02-14 00:10 - 2015-02-14 20:16 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Calibre-Bibliothek
2015-02-14 00:10 - 2015-02-14 20:05 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\calibre
2015-02-14 00:09 - 2015-02-14 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-02-14 00:09 - 2015-02-14 00:10 - 00000000 ____D () C:\Program Files\Calibre2
2015-02-14 00:07 - 2015-02-14 00:08 - 69468160 _____ () C:\Users\Fm. Medved\Downloads\calibre-64bit-2.19.0.msi
2015-02-12 17:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 17:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 17:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 17:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:45 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:45 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:45 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:45 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:45 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:45 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:45 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:45 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:45 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:45 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:45 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:45 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:45 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:45 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:45 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:45 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:45 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:45 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:45 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:45 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:45 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:45 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:45 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:45 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:45 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:45 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:45 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:44 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:44 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:44 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:44 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:44 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:44 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:44 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:44 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:44 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:44 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:44 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:44 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:44 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:44 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:44 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:44 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:44 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:44 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:44 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:44 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:44 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:44 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:44 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:44 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:44 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:44 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:44 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:44 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:44 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:44 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:44 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:44 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:44 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:44 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:44 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:44 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:44 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:44 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:44 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:44 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:44 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:44 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:44 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:44 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:44 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:44 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:44 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:44 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:43 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:43 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:43 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:43 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:43 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:43 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:43 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:43 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:43 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:43 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 01:53 - 2015-02-18 14:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-10 01:53 - 2015-02-10 01:53 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-10 01:53 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-10 01:53 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-10 01:52 - 2015-02-10 01:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-10 01:52 - 2015-02-10 01:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-10 01:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-10 01:51 - 2015-02-10 01:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Fm. Medved\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-10 01:29 - 2015-02-13 13:23 - 00000000 ____D () C:\Windows\pss
2015-02-10 01:02 - 2015-02-13 14:24 - 00000000 ____D () C:\AdwCleaner
2015-02-10 01:02 - 2015-02-10 01:02 - 02112512 _____ () C:\Users\Fm. Medved\Downloads\adwcleaner_4.110.exe
2015-02-09 22:02 - 2015-02-09 22:02 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\{985CB6C7-1747-4961-AE2B-3CF9B33AAE91}
2015-02-09 11:49 - 2015-02-09 11:49 - 00000687 _____ () C:\awh3BE7.tmp
2015-02-09 09:32 - 2015-02-09 09:32 - 00000687 _____ () C:\awh777F.tmp
2015-02-08 23:33 - 2015-02-09 01:28 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\ArmA 2 OA
2015-02-08 23:33 - 2015-02-08 23:35 - 00000000 ____D () C:\Users\Fm. Medved\Documents\ArmA 2
2015-02-08 18:12 - 2015-02-08 18:13 - 00000000 ____D () C:\Program Files (x86)\Team Liquid Streams
2015-02-08 15:34 - 2015-02-08 15:34 - 00030899 _____ () C:\Users\Fm. Medved\Downloads\Windows_7._Activated._x64._Home_Premium._[TorW][IsoHunt.to].torrent
2015-02-08 14:13 - 2015-02-08 14:13 - 00000000 ____D () C:\Program Files (x86)\Click free Browsing
2015-02-08 13:43 - 2015-02-08 13:43 - 00398002 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) c580_sentate-triggerboots.package
2015-02-08 13:41 - 2015-02-08 13:41 - 00137681 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) d1a6_tyeshighcutshoes.package
2015-02-08 13:40 - 2015-02-08 13:40 - 00299815 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) bcb7_a3ru_yuacc_double_facial_piercings.package
2015-02-08 13:34 - 2015-02-08 13:34 - 04066818 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) 8118_skysims-hair256.package
2015-02-08 13:32 - 2015-02-08 13:32 - 05961095 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) cbdd_theyoungenzoallworkssofar.package
2015-02-08 13:28 - 2015-02-08 13:28 - 00235409 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) 8a61_dnc-townhouse-design.zip
2015-02-08 13:15 - 2015-02-08 13:16 - 19816801 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) 4db1_elsa-by-heartbeat.rar
2015-02-08 13:12 - 2015-02-08 13:12 - 04017150 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) 7c00_sakura_yfbodyelsa-dress.package
2015-02-08 12:59 - 2015-02-08 13:00 - 24898232 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) b46b_stealthic-sleepwalking-hair.package
2015-02-08 12:08 - 2015-02-08 12:09 - 00393662 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) Madlen-Suza-Shoes.sims3pack
2015-02-08 12:05 - 2015-02-08 12:05 - 00387188 _____ () C:\Users\Fm. Medved\Downloads\(скачано с sims3pack.ru) 0b5f_1yulyasha-daf-booty.rar
2015-02-08 10:39 - 2015-02-08 10:40 - 02630721 _____ () C:\Users\Fm. Medved\Downloads\Alesso.rar
2015-02-08 10:05 - 2015-02-08 10:31 - 96997336 _____ () C:\Users\Fm. Medved\Downloads\Coralinca.rar
2015-02-08 09:56 - 2015-02-08 09:56 - 00000687 _____ () C:\awh8729.tmp
2015-02-08 09:47 - 2015-02-08 15:14 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\Plants vs. Zombies Garden Warfare
2015-02-08 09:17 - 2015-02-08 09:17 - 00000687 _____ () C:\awh862F.tmp
2015-02-08 00:31 - 2015-02-08 00:31 - 00013862 _____ () C:\Users\Fm. Medved\Downloads\[SEAGAMES.RU]_Train_Simulator_2015.torrent
2015-02-08 00:25 - 2015-02-08 00:25 - 00028508 _____ () C:\Users\Fm. Medved\Downloads\[SEAGAMES.RU]_ArmA_2_Operation_Arrowhead.torrent
2015-02-07 22:16 - 2015-02-07 22:16 - 00000687 _____ () C:\awhA85F.tmp
2015-02-07 12:13 - 2015-02-07 12:14 - 23252776 _____ () C:\Users\Fm. Medved\Downloads\WD0154 (1).wmv
2015-02-07 11:26 - 2015-02-07 12:05 - 00000000 ____D () C:\Program Files (x86)\The Sims 3 Designer Edition
2015-02-07 10:17 - 2015-02-07 10:17 - 10016907 _____ () C:\Users\Fm. Medved\Downloads\WD0115.wmv
2015-02-07 10:13 - 2015-02-07 10:13 - 00000687 _____ () C:\awh52E.tmp
2015-02-07 10:09 - 2015-02-07 10:09 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\{BD12F857-F22C-451F-9FB3-D2B1861360CD}
2015-02-06 18:50 - 2015-02-06 19:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\CyberGhost
2015-02-06 18:50 - 2015-02-06 18:50 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-02-06 18:49 - 2015-02-07 12:24 - 00001897 _____ () C:\Users\Fm. Medved\Desktop\CyberGhost 5.lnk
2015-02-06 18:49 - 2015-02-06 18:50 - 00000000 ____D () C:\Program Files\CyberGhost 5
2015-02-06 18:49 - 2015-02-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2015-02-06 18:44 - 2015-02-06 18:44 - 09629976 _____ (CyberGhost S.R.L. ) C:\Users\Fm. Medved\Downloads\CG_5.0.14.7.exe
2015-02-06 16:20 - 2015-02-06 16:20 - 00002655 _____ () C:\Users\Public\Desktop\Assassin's Creed 4 - Черный Флаг.lnk
2015-02-06 16:20 - 2015-02-06 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed 4 - Черный Флаг
2015-02-06 15:55 - 2015-02-06 15:55 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Setup Integrity Check
2015-02-06 12:58 - 2015-02-06 12:58 - 00000687 _____ () C:\awh1BE9.tmp
2015-02-05 20:47 - 2015-02-05 20:47 - 00000687 _____ () C:\awh7722.tmp
2015-02-05 20:37 - 2015-02-06 16:58 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Assassin's Creed IV Black Flag
2015-02-05 14:17 - 2015-02-05 14:17 - 00001375 _____ () C:\Users\Fm. Medved\Desktop\Play Settlers 6 - Verknüpfung.lnk
2015-02-05 14:10 - 2015-02-05 14:10 - 00310984 _____ () C:\Windows\system32\Drivers\atksgt.sys
2015-02-05 14:10 - 2015-02-05 14:10 - 00042696 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2015-02-05 11:17 - 2015-02-06 13:04 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\VoipConnect
2015-02-05 11:17 - 2015-02-05 11:17 - 00001191 _____ () C:\Users\Fm. Medved\Desktop\VoipConnect.lnk
2015-02-05 11:17 - 2015-02-05 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipConnect
2015-02-05 11:17 - 2015-02-05 11:17 - 00000000 ____D () C:\Program Files (x86)\VoipConnect.com
2015-02-05 11:15 - 2015-02-05 11:15 - 06610032 _____ (Finarea S.A. Switzerland ) C:\Users\Fm. Medved\Downloads\SetupVoipConnect-internetcalls.exe
2015-02-05 11:13 - 2015-02-05 11:13 - 00000687 _____ () C:\awhB9FB.tmp
2015-02-05 04:54 - 2015-02-17 13:51 - 00000020 _____ () C:\Users\Fm. Medved\AppData\Roaming\appdataFr3.bin
2015-02-04 18:20 - 2015-02-04 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-02-04 18:17 - 2015-02-04 18:17 - 00000687 _____ () C:\awh32B3.tmp
2015-02-04 16:10 - 2015-02-04 16:10 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\VK Downloader
2015-02-04 15:44 - 2015-02-04 15:44 - 00000687 _____ () C:\awhEF4D.tmp
2015-02-04 15:34 - 2015-02-04 15:34 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Вoйти в Интeрнет 2inf.net
2015-02-04 15:33 - 2015-02-13 14:21 - 00000000 ____D () C:\Program Files (x86)\VK Downloader
2015-02-04 15:26 - 2015-02-04 15:26 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Поиcк в Интeрнете
2015-02-04 15:24 - 2015-02-18 15:29 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SystemDir
2015-02-04 15:24 - 2015-02-04 15:29 - 00003516 _____ () C:\Windows\System32\Tasks\nethost task
2015-02-04 15:15 - 2015-02-04 15:15 - 23252776 _____ () C:\Users\Fm. Medved\Downloads\WD0154.wmv
2015-02-04 14:51 - 2015-02-04 14:51 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\{0B744994-5DEE-4150-B77C-BE221B67E243}
2015-02-04 14:46 - 2015-02-04 14:46 - 00000000 ____D () C:\Users\Fm. Medved\Documents\LEGO Creations
2015-02-04 14:46 - 2015-02-04 14:46 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\LEGO Company
2015-02-04 14:45 - 2015-02-04 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
2015-02-04 14:37 - 2015-02-04 14:43 - 225918672 _____ () C:\Users\Fm. Medved\Downloads\setupLDD-PC-4_3_8.exe
2015-02-04 14:37 - 2015-02-04 14:37 - 00000687 _____ () C:\awh74C1.tmp
2015-02-03 20:03 - 2015-02-03 20:03 - 00000000 ____D () C:\Users\Fm. Medved\Documents\DIE SIEDLER - Aufstieg eines Königreichs
2015-02-03 10:40 - 2015-02-03 10:40 - 00000687 _____ () C:\awhF056.tmp
2015-02-03 10:30 - 2015-02-03 10:30 - 00000687 _____ () C:\awhDC4A.tmp
2015-02-02 23:31 - 2015-02-02 23:31 - 00000687 _____ () C:\awhF9F7.tmp
2015-02-02 19:03 - 2015-02-02 19:03 - 00000222 _____ () C:\Users\Fm. Medved\Desktop\Rust.url
2015-02-02 13:57 - 2015-02-02 13:57 - 00000687 _____ () C:\awh5955.tmp
2015-02-02 01:19 - 2015-02-02 01:19 - 00000687 _____ () C:\awh8A83.tmp
2015-02-01 16:03 - 2015-02-06 16:58 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Game Updater
2015-02-01 13:52 - 2015-02-01 13:52 - 00000687 _____ () C:\awh312D.tmp
2015-02-01 11:38 - 2015-02-01 11:38 - 00000687 _____ () C:\awh7B27.tmp
2015-01-31 21:08 - 2015-02-10 02:49 - 00000000 ____D () C:\Program Files (x86)\e8b81c09-4582-4567-aca3-7b6a8bedd113
2015-01-31 14:00 - 2015-01-31 14:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\QuickScan
2015-01-31 13:52 - 2015-02-01 13:52 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Seznam.cz
2015-01-30 19:38 - 2015-01-30 19:53 - 00000000 ____D () C:\Users\TEMP
2015-01-30 19:38 - 2013-01-31 09:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\TuneUp Software
2015-01-30 19:38 - 2012-05-28 11:07 - 00000000 ____D () C:\Users\TEMP\Documents\Visual Studio 2008
2015-01-30 19:38 - 2012-05-28 11:07 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help
2015-01-30 19:38 - 2011-10-14 04:54 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2015-01-30 19:38 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-30 19:38 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-30 18:03 - 2015-01-30 18:03 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\{44EA6603-16EA-4169-B065-94470D98B51E}
2015-01-30 08:45 - 2015-01-30 08:45 - 00000687 _____ () C:\awh5705.tmp
2015-01-29 14:20 - 2015-01-29 14:20 - 00000687 _____ () C:\awh3FFC.tmp
2015-01-28 10:00 - 2015-01-28 10:00 - 00000687 _____ () C:\awh6306.tmp
2015-01-27 09:19 - 2015-01-27 09:19 - 00000687 _____ () C:\awhD6AA.tmp
2015-01-26 23:55 - 2015-01-26 23:55 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Promotion Software GmbH
2015-01-26 23:03 - 2015-01-26 23:03 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\11bitstudios
2015-01-26 19:47 - 2015-01-26 19:47 - 00001395 _____ () C:\Users\Fm. Medved\Desktop\Construction Simulator 2015.lnk
2015-01-25 16:14 - 2015-01-25 16:14 - 00000687 _____ () C:\awh3526.tmp
2015-01-25 15:09 - 2015-01-25 15:09 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Paradox Interactive
2015-01-25 09:33 - 2015-01-25 09:33 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\PremiumCraft_slave
2015-01-24 18:41 - 2014-05-09 23:20 - 00820224 _____ () C:\Users\Fm. Medved\Desktop\pbsetup.exe
2015-01-24 17:09 - 2015-01-24 17:09 - 00000222 _____ () C:\Users\Fm. Medved\Desktop\Starbound.url
2015-01-21 10:29 - 2015-01-21 10:29 - 00000687 _____ () C:\awh2206.tmp
2015-01-20 20:27 - 2015-01-20 20:27 - 00000687 _____ () C:\awh29E.tmp
2015-01-20 11:55 - 2015-02-17 12:09 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\.minecraft
2015-01-20 09:35 - 2015-01-20 09:35 - 00000687 _____ () C:\awhF314.tmp
2015-01-19 23:30 - 2015-01-19 23:30 - 00000687 _____ () C:\awhE0BD.tmp
2015-01-19 07:00 - 2015-01-19 07:00 - 00000687 _____ () C:\awh85D1.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-18 16:55 - 2012-08-08 18:50 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job
2015-02-18 16:45 - 2013-04-16 09:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-18 16:28 - 2012-07-03 19:17 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job
2015-02-18 16:18 - 2012-06-14 13:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-18 16:01 - 2011-12-15 11:47 - 01300240 _____ () C:\Windows\WindowsUpdate.log
2015-02-18 15:18 - 2012-03-19 11:07 - 00293201 _____ () C:\Windows\setupact.log
2015-02-18 14:30 - 2011-10-14 04:48 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-18 14:25 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-18 14:25 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-18 14:23 - 2013-12-11 20:41 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3A8A8C6A-E170-415F-84EB-4159B6166112}
2015-02-18 14:19 - 2012-02-04 20:13 - 00000000 ____D () C:\ProgramData\clear.fi
2015-02-18 14:18 - 2012-06-14 13:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-18 14:17 - 2012-04-28 20:44 - 00387642 _____ () C:\Windows\PFRO.log
2015-02-18 14:17 - 2012-02-23 00:13 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-18 14:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 23:12 - 2012-08-08 18:50 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job
2015-02-17 16:31 - 2012-02-04 20:39 - 00000000 ___RD () C:\Spiele
2015-02-17 15:41 - 2012-02-06 19:52 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\uTorrent
2015-02-17 12:20 - 2012-02-05 12:35 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Skype
2015-02-17 01:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2015-02-17 01:58 - 2012-07-03 19:17 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job
2015-02-17 01:02 - 2014-06-20 10:08 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-17 01:02 - 2013-10-19 22:15 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-17 00:59 - 2014-07-19 12:51 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-17 00:16 - 2012-02-04 19:54 - 00000000 ____D () C:\Users\Fm. Medved
2015-02-16 22:12 - 2012-08-31 19:04 - 778444645 _____ () C:\Windows\MEMORY.DMP
2015-02-16 22:12 - 2012-08-31 19:04 - 00000000 ____D () C:\Windows\Minidump
2015-02-16 06:49 - 2012-10-28 16:29 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Alles
2015-02-16 03:58 - 2014-11-01 12:25 - 00000631 _____ () C:\Users\Fm. Medved\Desktop\Serialy.txt
2015-02-16 03:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-15 10:58 - 2014-10-25 01:42 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Outlook-Dateien
2015-02-15 02:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 19:30 - 2011-12-15 20:39 - 00703214 _____ () C:\Windows\system32\perfh007.dat
2015-02-14 19:30 - 2011-12-15 20:39 - 00150822 _____ () C:\Windows\system32\perfc007.dat
2015-02-14 19:30 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 12:45 - 2013-01-02 15:09 - 00000000 ____D () C:\ProgramData\Origin
2015-02-14 12:42 - 2013-01-02 15:08 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-14 12:40 - 2012-03-12 18:39 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-02-14 12:40 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-14 12:33 - 2013-01-02 15:35 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Origin
2015-02-13 14:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-02-12 20:57 - 2013-08-26 18:18 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\TS3Client
2015-02-12 16:49 - 2009-07-14 05:45 - 03056376 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 16:47 - 2014-12-17 13:33 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 16:47 - 2014-05-07 03:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 02:35 - 2013-04-23 22:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-12 02:33 - 2012-05-26 22:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 02:33 - 2009-07-14 03:34 - 00000510 _____ () C:\Windows\win.ini
2015-02-12 02:29 - 2014-10-20 02:26 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 02:29 - 2014-10-20 02:25 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 02:28 - 2014-10-20 02:24 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 02:28 - 2014-10-20 02:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 02:28 - 2013-07-18 22:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 02:22 - 2012-02-13 21:38 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 20:44 - 2014-06-30 16:46 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:44 - 2012-02-05 21:03 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-11 20:38 - 2012-02-05 20:48 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-11 20:28 - 2014-12-26 22:49 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2015-02-11 17:15 - 2014-12-23 21:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-10 17:21 - 2012-11-14 11:55 - 00007605 _____ () C:\Users\Fm. Medved\AppData\Local\Resmon.ResmonCfg
2015-02-10 17:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-10 02:51 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-02-10 02:49 - 2014-10-10 23:47 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\9181
2015-02-10 02:49 - 2014-09-23 08:23 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\12260
2015-02-10 02:49 - 2012-10-28 16:33 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-02-10 02:49 - 2012-09-06 06:33 - 00000000 ____D () C:\Program Files\14
2015-02-10 02:49 - 2012-05-31 14:34 - 00000000 ____D () C:\ProgramData\InstallMate
2015-02-10 02:06 - 2012-05-30 20:33 - 00000000 ___RD () C:\Bogdan
2015-02-10 02:04 - 2014-04-01 18:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\NVIDIA Corporation
2015-02-10 02:04 - 2013-10-05 13:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-10 02:04 - 2013-05-27 22:23 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\NVIDIA
2015-02-10 02:04 - 2011-12-15 11:52 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-10 02:04 - 2011-12-15 11:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 01:18 - 2014-11-13 01:26 - 00002998 _____ () C:\Windows\System32\Tasks\AdobeFlashPlayer-S-2-1-24-198293847112UI
2015-02-10 01:05 - 2012-02-05 12:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-09 21:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-09 05:45 - 2013-04-16 09:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-09 05:45 - 2012-05-24 01:42 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 05:45 - 2011-10-14 04:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-08 18:14 - 2012-03-16 07:20 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-07 12:05 - 2014-06-25 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Designer Edition
2015-02-07 11:26 - 2012-04-07 20:30 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Electronic Arts
2015-02-07 11:11 - 2014-03-02 08:00 - 00000813 _____ () C:\Users\Fm. Medved\AppData\Roaming\tlauncher.rmo.cfg
2015-02-07 06:28 - 2012-02-06 19:05 - 00000000 ___RD () C:\Nikita
2015-02-07 06:20 - 2015-01-02 02:27 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\New Music niko
2015-02-06 19:00 - 2012-02-04 19:54 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\VirtualStore
2015-02-05 22:50 - 2012-03-16 07:21 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-02-05 20:37 - 2014-06-30 17:20 - 00000000 ____D () C:\ProgramData\Orbit
2015-02-05 14:11 - 2012-04-08 10:24 - 00340271 _____ () C:\Windows\DirectX.log
2015-02-05 14:01 - 2011-10-14 04:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-04 16:12 - 2014-06-01 13:27 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\The Sims 3
2015-02-04 15:30 - 2014-06-13 13:06 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Amigo
2015-02-04 15:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-02-02 23:50 - 2012-07-03 19:28 - 00002388 _____ () C:\Users\Fm. Medved\Desktop\Google Chronm9.lnk
2015-02-02 23:30 - 2013-01-03 14:00 - 00001226 _____ () C:\Windows\wininit.ini
2015-02-02 19:04 - 2014-06-19 13:26 - 00174624 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2015-02-02 14:22 - 2013-08-26 18:17 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\TeamSpeak 3 Client
2015-01-31 21:04 - 2012-02-07 13:46 - 00000000 ____D () C:\Users\Fm. Medved\Documents\My Games
2015-01-30 14:29 - 2012-05-27 19:21 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Mozilla
2015-01-26 12:05 - 2013-03-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-24 18:52 - 2014-06-30 16:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-24 18:49 - 2013-06-24 17:21 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe
2015-01-20 11:19 - 2014-03-01 12:48 - 00041984 ___SH () C:\Users\Fm. Medved\AppData\Roaming\Thumbs.db
2015-01-20 11:14 - 2015-01-18 01:40 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Korra
2015-01-20 02:21 - 2012-02-04 20:26 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\DAEMON Tools Lite
2015-01-19 17:36 - 2012-07-17 07:16 - 01603716 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Files in the root of some directories =======

2012-04-30 21:18 - 2011-07-23 17:29 - 9591104 _____ (DT Soft Ltd.) C:\Program Files\DTLite [Bigtorrents.org].exe
2015-02-05 04:54 - 2015-02-17 13:51 - 0000020 _____ () C:\Users\Fm. Medved\AppData\Roaming\appdataFr3.bin
2012-07-06 14:19 - 2012-07-22 00:18 - 1203065 _____ () C:\Users\Fm. Medved\AppData\Roaming\haha
2013-07-10 15:22 - 2010-01-07 14:35 - 1007616 _____ (Huawei Technologies Co., Ltd.) C:\Users\Fm. Medved\AppData\Roaming\LiveUpdate.exe
2013-07-10 15:22 - 2013-07-09 23:59 - 0000713 _____ () C:\Users\Fm. Medved\AppData\Roaming\LiveUpdate.ini
2013-07-10 15:22 - 2008-10-11 09:39 - 0927504 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\mfc40u.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 1060864 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\mfc71.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 1047552 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\MFC71u.dll
2013-07-10 15:22 - 2005-08-10 08:19 - 0401462 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcp60.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 0499712 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcp71.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 0348160 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcr71.dll
2013-07-06 13:36 - 2013-07-06 19:43 - 0078872 _____ () C:\Users\Fm. Medved\AppData\Roaming\svhost
2014-03-01 12:48 - 2015-01-20 11:19 - 0041984 ___SH () C:\Users\Fm. Medved\AppData\Roaming\Thumbs.db
2014-03-02 08:00 - 2015-02-07 11:11 - 0000813 _____ () C:\Users\Fm. Medved\AppData\Roaming\tlauncher.rmo.cfg
2013-07-10 15:22 - 2009-12-31 14:10 - 0151552 _____ (Huawei Technologies Co., Ltd.) C:\Users\Fm. Medved\AppData\Roaming\XMessageBox.dll
2014-03-20 02:35 - 2014-06-17 12:05 - 0013312 _____ () C:\Users\Fm. Medved\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-14 11:55 - 2015-02-10 17:21 - 0007605 _____ () C:\Users\Fm. Medved\AppData\Local\Resmon.ResmonCfg
2011-12-15 12:13 - 2011-12-15 12:15 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some content of TEMP:
====================
C:\Users\Fm. Medved\AppData\Local\Temp\1210D4E4D7423C79.exe
C:\Users\Fm. Medved\AppData\Local\Temp\2MP5zytCfAyG.exe
C:\Users\Fm. Medved\AppData\Local\Temp\406319A8255cD.exe
C:\Users\Fm. Medved\AppData\Local\Temp\48QMDaYOxADp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\501A88D42DBA8029.exe
C:\Users\Fm. Medved\AppData\Local\Temp\59RKVC1K8a.exe
C:\Users\Fm. Medved\AppData\Local\Temp\6086.exe
C:\Users\Fm. Medved\AppData\Local\Temp\7a6jhbDo3Kxz.exe
C:\Users\Fm. Medved\AppData\Local\Temp\87u3e28ywJ.exe
C:\Users\Fm. Medved\AppData\Local\Temp\9EF564B2604F437F.exe
C:\Users\Fm. Medved\AppData\Local\Temp\autorun.dll
C:\Users\Fm. Medved\AppData\Local\Temp\AutoRun.exe
C:\Users\Fm. Medved\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Fm. Medved\AppData\Local\Temp\ax4v8VAyGj.exe
C:\Users\Fm. Medved\AppData\Local\Temp\B5E151267C76B1C3.exe
C:\Users\Fm. Medved\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Fm. Medved\AppData\Local\Temp\binkw32.dll
C:\Users\Fm. Medved\AppData\Local\Temp\Core.dll
C:\Users\Fm. Medved\AppData\Local\Temp\CYh6NaZ7xkEL.exe
C:\Users\Fm. Medved\AppData\Local\Temp\DC5A518073D21B85.exe
C:\Users\Fm. Medved\AppData\Local\Temp\dmcr.exe
C:\Users\Fm. Medved\AppData\Local\Temp\drv37930.exe
C:\Users\Fm. Medved\AppData\Local\Temp\EAInstall.dll
C:\Users\Fm. Medved\AppData\Local\Temp\eauninstall.exe
C:\Users\Fm. Medved\AppData\Local\Temp\Engine.dll
C:\Users\Fm. Medved\AppData\Local\Temp\EZwUfF63IzKi.exe
C:\Users\Fm. Medved\AppData\Local\Temp\F0722_s_30803.exe
C:\Users\Fm. Medved\AppData\Local\Temp\GfF1mUrt2j9R.exe
C:\Users\Fm. Medved\AppData\Local\Temp\gukEN2THPwjZ.exe
C:\Users\Fm. Medved\AppData\Local\Temp\i4jdel0.exe
C:\Users\Fm. Medved\AppData\Local\Temp\i4jdel1.exe
C:\Users\Fm. Medved\AppData\Local\Temp\i4jdel2.exe
C:\Users\Fm. Medved\AppData\Local\Temp\i4jdel3.exe
C:\Users\Fm. Medved\AppData\Local\Temp\IFC23.dll
C:\Users\Fm. Medved\AppData\Local\Temp\InstallUtil.exe
C:\Users\Fm. Medved\AppData\Local\Temp\iupdate.exe
C:\Users\Fm. Medved\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Fm. Medved\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Fm. Medved\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Fm. Medved\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Fm. Medved\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Fm. Medved\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Fm. Medved\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Fm. Medved\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Fm. Medved\AppData\Local\Temp\K5zdmNsL2x.exe
C:\Users\Fm. Medved\AppData\Local\Temp\LFhw3NohZWSZ.exe
C:\Users\Fm. Medved\AppData\Local\Temp\lowproc.exe
C:\Users\Fm. Medved\AppData\Local\Temp\mailrusputnik.exe
C:\Users\Fm. Medved\AppData\Local\Temp\MailRuUpdater.exe
C:\Users\Fm. Medved\AppData\Local\Temp\MP3_Launcher_1_27_0_0.exe
C:\Users\Fm. Medved\AppData\Local\Temp\MRT.exe
C:\Users\Fm. Medved\AppData\Local\Temp\msvci70.dll
C:\Users\Fm. Medved\AppData\Local\Temp\msvci70d.dll
C:\Users\Fm. Medved\AppData\Local\Temp\msvcirt.dll
C:\Users\Fm. Medved\AppData\Local\Temp\msvcp70.dll
C:\Users\Fm. Medved\AppData\Local\Temp\msvcp70d.dll
C:\Users\Fm. Medved\AppData\Local\Temp\msvcp71.dll
C:\Users\Fm. Medved\AppData\Local\Temp\msvcp71d.dll
C:\Users\Fm. Medved\AppData\Local\Temp\MSVCR70.dll
C:\Users\Fm. Medved\AppData\Local\Temp\MSVCR70d.dll
C:\Users\Fm. Medved\AppData\Local\Temp\MSVCR71.dll
C:\Users\Fm. Medved\AppData\Local\Temp\MSVCR71d.dll
C:\Users\Fm. Medved\AppData\Local\Temp\MSVCRt.dll
C:\Users\Fm. Medved\AppData\Local\Temp\Need for Speed Carbon_uninst.exe
C:\Users\Fm. Medved\AppData\Local\Temp\npp.6.4.3.Installer.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ogg.dll
C:\Users\Fm. Medved\AppData\Local\Temp\ogg_d.dll
C:\Users\Fm. Medved\AppData\Local\Temp\oi_{262839C0-B936-467E-8979-8FDC301E8874}.exe
C:\Users\Fm. Medved\AppData\Local\Temp\oW2jy6Ai6zyH.exe
C:\Users\Fm. Medved\AppData\Local\Temp\PicoZipRT.exe
C:\Users\Fm. Medved\AppData\Local\Temp\pid16.dll
C:\Users\Fm. Medved\AppData\Local\Temp\pid32.dll
C:\Users\Fm. Medved\AppData\Local\Temp\pobLyh96ItOH.exe
C:\Users\Fm. Medved\AppData\Local\Temp\protect.dll
C:\Users\Fm. Medved\AppData\Local\Temp\protect.exe
C:\Users\Fm. Medved\AppData\Local\Temp\Quarantine.exe
C:\Users\Fm. Medved\AppData\Local\Temp\runprog.exe
C:\Users\Fm. Medved\AppData\Local\Temp\S02GqZ3mCdwp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\Setup.exe
C:\Users\Fm. Medved\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Fm. Medved\AppData\Local\Temp\sqlite3.dll
C:\Users\Fm. Medved\AppData\Local\Temp\sr49442.exe
C:\Users\Fm. Medved\AppData\Local\Temp\SRLDetectionLibrary2161041955950608226.dll
C:\Users\Fm. Medved\AppData\Local\Temp\srv3328.exe
C:\Users\Fm. Medved\AppData\Local\Temp\srv50265.exe
C:\Users\Fm. Medved\AppData\Local\Temp\srv78452.exe
C:\Users\Fm. Medved\AppData\Local\Temp\srv83309.exe
C:\Users\Fm. Medved\AppData\Local\Temp\start.exe
C:\Users\Fm. Medved\AppData\Local\Temp\stubhelper.dll
C:\Users\Fm. Medved\AppData\Local\Temp\The Sims 3 Seasons_11251096_162_rar_.exe
C:\Users\Fm. Medved\AppData\Local\Temp\tmp28E5.exe
C:\Users\Fm. Medved\AppData\Local\Temp\tmp7714.exe
C:\Users\Fm. Medved\AppData\Local\Temp\tmpE7B1.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubi1A89.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubi33B1.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubi4E33.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubi5A60.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubi5C57.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubi6B2A.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubi7509.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubiE278.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubiE7A1.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ubiF9EF.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\uninst1.exe
C:\Users\Fm. Medved\AppData\Local\Temp\utt1C73.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\utt4D38.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\uttE0C0.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\uttE39B.tmp.exe
C:\Users\Fm. Medved\AppData\Local\Temp\veCeEtieVMZ9.exe
C:\Users\Fm. Medved\AppData\Local\Temp\vorbis.dll
C:\Users\Fm. Medved\AppData\Local\Temp\vorbisfile.dll
C:\Users\Fm. Medved\AppData\Local\Temp\vorbisfile_d.dll
C:\Users\Fm. Medved\AppData\Local\Temp\vorbis_d.dll
C:\Users\Fm. Medved\AppData\Local\Temp\Window.dll
C:\Users\Fm. Medved\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Fm. Medved\AppData\Local\Temp\YandexPackSetup.exe
C:\Users\Fm. Medved\AppData\Local\Temp\ZP54KZPNt2.exe
C:\Users\Fm. Medved\AppData\Local\Temp\_isC11E.exe
C:\Users\Fm. Medved\AppData\Local\Temp\_isC4EB.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-14 01:19

==================== End Of Log ============================
--- --- ---

--- --- ---


Alt 18.02.2015, 17:35   #6
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Fm. Medved at 2015-02-18 17:10:27
Running from C:\Users\Fm. Medved\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Ableton Live 9 Trial (HKLM-x32\...\{C35BA142-7FDD-4EAF-B0F8-9FF42B1429C3}) (Version: 9.0.0.0 - Ableton)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{57878820-C1C6-4EF4-B562-15E485152D66}) (Version: 1.00.0000 - Microsoft Games)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Games) Hidden
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ava MetaTrader (HKLM-x32\...\Ava MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
AVG 2012 (Version: 12.0.2641 - AVG Technologies) Hidden
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Benutzerhandbuch EPSON SX130 Series (HKLM-x32\...\EPSON SX130 Series Useg) (Version:  - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
calibre 64bit (HKLM\...\{994A15FB-0FA3-455E-8161-A558C7BC4A73}) (Version: 2.19.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 3.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Construction Simulator 2015 v.1.0 (HKLM-x32\...\Construction Simulator 2015_is1) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farming Simulator 15 v.1.1.0.0 (HKLM-x32\...\Farming Simulator 15_is1) (Version:  - )
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
go te.comp-training (HKLM-x32\...\{905BF3AB-9FC8-40F8-8906-1A7C17C1EC48}) (Version: 7.5.5 - te.comp lernsysteme GmbH)
Google Chrome (HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
InternetCalls (HKLM-x32\...\InternetCalls_is1) (Version: 4.14 build 745 - Finarea S.A. Switzerland)
iPod Converter 2012 (HKLM-x32\...\{5652CABB-9AD7-4162-B443-5DE7E9540E3F}_is1) (Version: 1.1 - Reganam)
iTunes (HKLM\...\{CF8FFD12-602B-422D-AF1D-511B411E7632}) (Version: 10.6.1.7 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Map Editor for Soldiers v1.28.3E (HKLM-x32\...\Official map editor for Soldiers: Heroes of World War II_is1) (Version:  - Best Way)
MaxDownload (HKLM-x32\...\MaxDownload) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.3 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Seznam Software (HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\SeznamInstall) (Version:  - Seznam.cz)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Skype Web Plugin (HKLM-x32\...\{69F300CB-D6BF-41DD-B7CC-983BAFF4EE15}) (Version: 3.1.15602.22612 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.1.0.5 - WildTangent, Inc.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.10 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{A77FBB20-76A9-4BD2-8C03-8616AEC27264}) (Version: 2.2.1.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Trainer.Net 7.0 (HKLM-x32\...\{06AD4590-CB21-46A3-BD4B-CC93BF259D58}) (Version: 7.0.0 - Zakharchenko vadim Alexandrovich)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Unity Web Player (HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VK Downloader (HKLM-x32\...\VK Downloader) (Version: 1.2.17 - )
Vkmusicdownloader (HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Vkmusicdownloader) (Version:  - )
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 760 - Finarea S.A. Switzerland)
War Thunder Launcher 1.0.1.467 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Служба автоматического обновления программ (HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\MailRuUpdater) (Version:  - Mail.Ru)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-347752443-2393636236-3195270278-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-347752443-2393636236-3195270278-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-347752443-2393636236-3195270278-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-347752443-2393636236-3195270278-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-347752443-2393636236-3195270278-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-347752443-2393636236-3195270278-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

15-02-2015 19:00:44 Windows-Sicherung
15-02-2015 19:39:49 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01BD0AFD-4DAB-4F68-ABFC-40816AEE563D} - System32\Tasks\{FB348847-6B27-4A8A-AB68-901B52BF46A6} => pcalua.exe -a "C:\Program Files (x86)\Ava MetaTrader\Uninstall.exe"
Task: {0A611E31-23AA-4601-8B45-0CC85A899107} - System32\Tasks\AdobeFlashPlayer-S-2-1-24-198293847112UI => C:\Users\Fm. Medved\AppData\Roaming\TomTom\adobeupd.exe [2014-11-13] ()
Task: {1C9D751A-588E-4160-854E-56FFD8CFAC0A} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {361BF95B-BC7E-4DFF-9903-C4F6A78E9F42} - \Steam-S-1-8-22-9865GUI No Task File <==== ATTENTION
Task: {3BFBDCBF-F7BF-4A02-9155-2FFAC6C33D6B} - System32\Tasks\{E680DE6A-8784-4213-96B3-C682A9E0F9A0} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0019 -removeonly
Task: {42AD00A5-B968-4F76-B50A-DA541205D9D8} - System32\Tasks\WdfHG => C:\Users\FM3A93~1.MED\AppData\Local\Temp\start.exe [2014-06-16] (Microsoft) <==== ATTENTION
Task: {4D04755D-B3F2-4494-AAD4-81B1807F03FF} - System32\Tasks\{A80D55A6-8D68-4913-87CB-3CFAEDE19D2C} => C:\Program Files (x86)\iTunes\iTunes.exe [2012-03-27] (Apple Inc.)
Task: {5C3C0E78-7972-44E0-AD43-9A49492125FC} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {5F197820-F382-49B1-A430-44BC94801C07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {617ABD2D-307B-4EF5-A9E0-24F978146A2A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {620CD551-5BC8-4742-8870-9B4C295D628B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA => C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-14] (Google Inc.)
Task: {698CB884-3864-47DE-92B1-ED5406C97E2D} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {6A199B37-5407-4A37-8568-92CE69B84C03} - System32\Tasks\{FD02CBD1-044D-4386-A61C-DD85C32670CC} => pcalua.exe -a "C:\Spiele\The Sims 3.Gold Edition.v 16.0.136 + Store.(Electronic Arts).(2012).Repack\INstall\The Sims 3.University Life (exe)\flt-s3ul\Sims3EP09Setup.exe" -d "C:\Spiele\The Sims 3.Gold Edition.v 16.0.136 + Store.(Electronic Arts).(2012).Repack\INstall\The Sims 3.University Life (exe)\flt-s3ul"
Task: {6B3E4BB0-8554-444A-9B35-2E54F1011A7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14] (Google Inc.)
Task: {75645085-EFFD-4304-BDC3-5E7203E74DA5} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-347752443-2393636236-3195270278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7A1F933F-4A91-4DD4-8E41-05803FDED684} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-347752443-2393636236-3195270278-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7BA87B60-2261-484E-82EC-9A3D828AE5F9} - System32\Tasks\{34BE97F5-3B80-4233-B99C-8FF3FC7FD4E9} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/ru/abandoninstall?page=tsProgressBar
Task: {7BB44764-6B1D-4E27-A567-ED62E12C0FFE} - System32\Tasks\{16361F05-87F8-405D-A2F6-1996E3AFE7AB} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{57878820-C1C6-4EF4-B562-15E485152D66}\setup.exe" -c -runfromtemp -l0x0419
Task: {7C6C55BD-B364-4415-BA93-44B266F119D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14] (Google Inc.)
Task: {7F69A355-302F-4B73-B1B0-B1E2ACEB71B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core => C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-14] (Google Inc.)
Task: {8A8DC9E0-AF28-4920-AFDC-9996183568FB} - System32\Tasks\{A8CA6769-0721-4505-AC8C-29DC97F1EF6D} => pcalua.exe -a C:\Windows\unasetup.exe
Task: {8E6B8461-149A-4029-A3C3-5C3A682A33FF} - System32\Tasks\{CF396385-9EBB-4737-A973-F8CDF689787B} => C:\Spiele\Mafia 2\Mafia II от R.G. Element Arts\Setup.exe
Task: {975DD2B5-6609-4D99-ACBE-6321207C20D0} - System32\Tasks\{A8D971F8-0DD2-4F37-A1CD-AF72BDBD6EF3} => pcalua.exe -a "C:\Users\Fm. Medved\Downloads\dotNetFx35setup (1).exe" -d "C:\Users\Fm. Medved\Downloads"
Task: {AA7A1BCF-C9C2-42BC-8438-E94575A7843A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core => C:\Users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-08] (Facebook Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {AD4A211A-B7B3-492D-AB41-4D3368529F5C} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {ADD7F6E9-C8DB-44C1-A334-85C0C2F5DCAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09] (Adobe Systems Incorporated)
Task: {B5511A6F-C6AB-45C9-8614-E04D010E2B9D} - System32\Tasks\{AE04A0AA-6195-40EE-A248-20909DEABCE7} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe -c /M{F6BA169A-F1E8-45B5-864D-9A4BB9C24ABF}
Task: {B83B5644-99D4-479A-996A-76C8B29E41C6} - System32\Tasks\RunAsStdUser Task => C:\Users\Fm. Medved\Desktop\Alles\Michal nicht Löschen\Pogo Games\PogoDGC.exe
Task: {B8BEFD48-5665-47EE-A489-F306C535BF16} - System32\Tasks\{6389BD75-0E34-4C75-BCB2-DEBB669B2DE0} => pcalua.exe -a "C:\Users\Fm. Medved\Downloads\CDGX5SP3RuEn.exe" -d "C:\Users\Fm. Medved\Downloads"
Task: {BC2A7CA7-0B77-44AC-BA28-18394020021B} - System32\Tasks\{9C8E7B24-CFA8-4CC9-B50D-BE41BF824C48} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/ru/abandoninstall?page=tsProgressBar
Task: {C576639D-540A-4C64-917E-2C4FA8E92049} - System32\Tasks\{15CCAA8E-7623-42CD-AFC5-7035452C7492} => C:\Spiele\Mafia 2\Mafia II от R.G. Element Arts\Setup.exe
Task: {D381D13E-F4D0-4ACA-A180-A21782136DBD} - System32\Tasks\nethost task => C:\Users\Fm. Medved\AppData\Local\SystemDir\nethost.exe [2015-02-04] ()
Task: {D874F47D-F702-4D70-9160-9143AD44B496} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA => C:\Users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-08] (Facebook Inc.)
Task: {DC237A75-7710-4F02-9506-CB9767DC2487} - System32\Tasks\{9DB4BAE9-478D-4510-93F2-34F5901F682F} => C:\Program Files (x86)\iTunes\iTunes.exe [2012-03-27] (Apple Inc.)
Task: {DF7A0A3A-6DAB-43C6-A0D3-153408B45384} - \BrowserDefendert No Task File <==== ATTENTION
Task: {E2B64880-FF09-4616-B31C-35E0C645E37B} - \GoogleUpdateTaskUserS-1-5-21-1970835742GUI No Task File <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F2B1F4FB-B7B4-474D-B167-85204093A620} - System32\Tasks\{D4A73985-4E9A-43AA-9B43-C0C1ADA96F57} => pcalua.exe -a "C:\Spiele\Battelfield 2\Battlefield 2 (2005) Repack rustorka\Дополнения\Русификатор\battlefield2rus.exe" -d "C:\Spiele\Battelfield 2\Battlefield 2 (2005) Repack rustorka\Дополнения\Русификатор"
Task: {F4EA71C6-011B-411E-928F-792EFAD4B46E} - System32\Tasks\{B9BF3FA6-7F18-4F34-A8CE-9FDCE30C5FD9} => pcalua.exe -a "C:\Users\Fm. Medved\Desktop\Adobe CS4\Illustrator\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files (x86)\Common Files\Adobe\Installers\2a31ae7a5c43ff52d8577782dd34e04" -c -silent
Task: {F6C3150D-BE89-4842-B32D-273D2F73BFA0} - \{0DABC752-6096-462E-A956-8664FA083FA5} No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job => C:\Users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job => C:\Users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job => C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job => C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-04-17 17:11 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-30 16:46 - 2015-01-24 18:52 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-17 16:41 - 2014-03-04 15:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-10-16 10:38 - 2014-10-16 10:38 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-10-14 04:15 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-01-27 01:29 - 2015-01-25 07:08 - 01117512 _____ () C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 01:29 - 2015-01-25 07:08 - 00211272 _____ () C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 01:29 - 2015-01-25 07:08 - 09170760 _____ () C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\40.0.2214.93\pdf.dll
2015-02-05 05:03 - 2015-02-03 12:22 - 14964912 _____ () C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\PepperFlash\16.0.0.305\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\Users\Fm. Medved\Lokale Einstellungen:wa
AlternateDataStreams: C:\Users\Fm. Medved\AppData\Local:wa
AlternateDataStreams: C:\Users\Fm. Medved\AppData\Local\Anwendungsdaten:wa

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-347752443-2393636236-3195270278-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Fm. Medved\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138 - 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: VoipConnect => "C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe" -nosplash -minimized

==================== Accounts: =============================

Administrator (S-1-5-21-347752443-2393636236-3195270278-500 - Administrator - Disabled)
Fm. Medved (S-1-5-21-347752443-2393636236-3195270278-1001 - Administrator - Enabled) => C:\Users\Fm. Medved
Gast (S-1-5-21-347752443-2393636236-3195270278-501 - Administrator - Disabled) => C:\Users\Gast.FmMedved-PC
HomeGroupUser$ (S-1-5-21-347752443-2393636236-3195270278-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-347752443-2393636236-3195270278-1009 - Limited - Enabled) => C:\Users\UpdatusUser.FmMedved-PC

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2015 02:18:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2015 02:18:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/17/2015 03:44:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2015 03:43:45 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/17/2015 02:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2699

Error: (02/17/2015 02:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2699

Error: (02/17/2015 02:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/17/2015 02:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1700

Error: (02/17/2015 02:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1700

Error: (02/17/2015 02:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/18/2015 02:18:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (02/18/2015 02:18:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (02/18/2015 02:17:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (02/18/2015 02:17:56 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (02/18/2015 02:17:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/17/2015 03:53:36 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (02/17/2015 03:53:34 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (02/17/2015 03:43:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (02/17/2015 03:43:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (02/17/2015 03:43:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


Microsoft Office Sessions:
=========================
Error: (02/18/2015 02:18:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/18/2015 02:18:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/17/2015 03:44:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2015 03:43:45 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/17/2015 02:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2699

Error: (02/17/2015 02:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2699

Error: (02/17/2015 02:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/17/2015 02:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1700

Error: (02/17/2015 02:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1700

Error: (02/17/2015 02:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 8043.86 MB
Available physical RAM: 4466.79 MB
Total Pagefile: 16085.91 MB
Available Pagefile: 11074.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:245.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BEB0AEBE)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Alt 19.02.2015, 06:54   #7
schrauber
/// the machine
/// TB-Ausbilder
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.02.2015, 16:00   #8
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Danke dir,

Code:
ATTFilter
15:55:26.0511 0x0f0c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:55:32.0486 0x0f0c  ============================================================
15:55:32.0486 0x0f0c  Current date / time: 2015/02/19 15:55:32.0486
15:55:32.0486 0x0f0c  SystemInfo:
15:55:32.0486 0x0f0c  
15:55:32.0486 0x0f0c  OS Version: 6.1.7601 ServicePack: 1.0
15:55:32.0486 0x0f0c  Product type: Workstation
15:55:32.0486 0x0f0c  ComputerName: FMMEDVED-PC
15:55:32.0486 0x0f0c  UserName: Fm. Medved
15:55:32.0486 0x0f0c  Windows directory: C:\Windows
15:55:32.0486 0x0f0c  System windows directory: C:\Windows
15:55:32.0486 0x0f0c  Running under WOW64
15:55:32.0486 0x0f0c  Processor architecture: Intel x64
15:55:32.0486 0x0f0c  Number of processors: 4
15:55:32.0486 0x0f0c  Page size: 0x1000
15:55:32.0486 0x0f0c  Boot type: Normal boot
15:55:32.0486 0x0f0c  ============================================================
15:55:32.0829 0x0f0c  KLMD registered as C:\Windows\system32\drivers\02139570.sys
15:55:33.0921 0x0f0c  System UUID: {C13B4038-A0DD-727F-6F6A-CAD9293BF11B}
15:55:34.0810 0x0f0c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:55:35.0967 0x0f0c  ============================================================
15:55:35.0967 0x0f0c  \Device\Harddisk0\DR0:
15:55:35.0982 0x0f0c  MBR partitions:
15:55:35.0982 0x0f0c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
15:55:35.0982 0x0f0c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x722D3800
15:55:35.0982 0x0f0c  ============================================================
15:55:36.0029 0x0f0c  C: <-> \Device\Harddisk0\DR0\Partition2
15:55:36.0029 0x0f0c  ============================================================
15:55:36.0029 0x0f0c  Initialize success
15:55:36.0029 0x0f0c  ============================================================
15:57:25.0561 0x10c0  ============================================================
15:57:25.0561 0x10c0  Scan started
15:57:25.0561 0x10c0  Mode: Manual; SigCheck; TDLFS; 
15:57:25.0561 0x10c0  ============================================================
15:57:25.0561 0x10c0  KSN ping started
15:57:39.0319 0x10c0  KSN ping finished: true
15:57:40.0294 0x10c0  ================ Scan system memory ========================
15:57:40.0294 0x10c0  System memory - ok
15:57:40.0310 0x10c0  ================ Scan services =============================
15:57:40.0457 0x10c0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:57:40.0566 0x10c0  1394ohci - ok
15:57:40.0723 0x10c0  [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
15:57:40.0770 0x10c0  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
15:57:40.0836 0x10c0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:57:40.0872 0x10c0  ACPI - ok
15:57:40.0896 0x10c0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:57:40.0979 0x10c0  AcpiPmi - ok
15:57:41.0042 0x10c0  [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs            C:\Windows\system32\drivers\adfs.sys
15:57:41.0057 0x10c0  adfs - ok
15:57:41.0120 0x10c0  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:57:41.0151 0x10c0  AdobeARMservice - ok
15:57:41.0292 0x10c0  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:57:41.0317 0x10c0  AdobeFlashPlayerUpdateSvc - ok
15:57:41.0362 0x10c0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:57:41.0399 0x10c0  adp94xx - ok
15:57:41.0452 0x10c0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:57:41.0467 0x10c0  adpahci - ok
15:57:41.0506 0x10c0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:57:41.0527 0x10c0  adpu320 - ok
15:57:41.0545 0x10c0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:57:41.0686 0x10c0  AeLookupSvc - ok
15:57:41.0749 0x10c0  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:57:41.0829 0x10c0  AFD - ok
15:57:41.0860 0x10c0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:57:41.0876 0x10c0  agp440 - ok
15:57:41.0923 0x10c0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:57:41.0981 0x10c0  ALG - ok
15:57:42.0028 0x10c0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:57:42.0043 0x10c0  aliide - ok
15:57:42.0074 0x10c0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:57:42.0090 0x10c0  amdide - ok
15:57:42.0121 0x10c0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:57:42.0164 0x10c0  AmdK8 - ok
15:57:42.0181 0x10c0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:57:42.0228 0x10c0  AmdPPM - ok
15:57:42.0259 0x10c0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:57:42.0275 0x10c0  amdsata - ok
15:57:42.0306 0x10c0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:57:42.0322 0x10c0  amdsbs - ok
15:57:42.0353 0x10c0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:57:42.0369 0x10c0  amdxata - ok
15:57:42.0400 0x10c0  [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
15:57:42.0478 0x10c0  androidusb - ok
15:57:42.0525 0x10c0  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
15:57:42.0587 0x10c0  AppID - ok
15:57:42.0587 0x10c0  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:57:42.0618 0x10c0  AppIDSvc - ok
15:57:42.0681 0x10c0  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:57:42.0743 0x10c0  Appinfo - ok
15:57:42.0805 0x10c0  [ 7EF47644B74EBE721CC32211D3C35E76, 1381908E70567AAE5A8C96C4B7BF8E68748F64DE3243FD0FA8CC0E72DEEDA9A7 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:57:42.0821 0x10c0  Apple Mobile Device - ok
15:57:42.0868 0x10c0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:57:42.0883 0x10c0  arc - ok
15:57:42.0899 0x10c0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:57:42.0915 0x10c0  arcsas - ok
15:57:43.0024 0x10c0  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:57:43.0039 0x10c0  aspnet_state - ok
15:57:43.0071 0x10c0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:57:43.0149 0x10c0  AsyncMac - ok
15:57:43.0195 0x10c0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:57:43.0211 0x10c0  atapi - ok
15:57:43.0273 0x10c0  [ F88EF61BCD43ADDF2C9555430C16CD96, 7213FE9B9025DA33B0DEA7338B1E00555FCB88326CE26052C9FF16E72E4715AA ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
15:57:43.0320 0x10c0  atksgt - ok
15:57:43.0398 0x10c0  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:57:43.0476 0x10c0  AudioEndpointBuilder - ok
15:57:43.0507 0x10c0  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:57:43.0539 0x10c0  AudioSrv - ok
15:57:43.0570 0x10c0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:57:43.0663 0x10c0  AxInstSV - ok
15:57:43.0710 0x10c0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:57:43.0773 0x10c0  b06bdrv - ok
15:57:43.0804 0x10c0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:57:43.0851 0x10c0  b57nd60a - ok
15:57:43.0897 0x10c0  [ A424CB46A145E5AABF15621550976DF2, B6CA183FD5ED72237D2DC1F599FD04A066C06A717A2CF63AF08D3AA0A227D7BA ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
15:57:43.0913 0x10c0  b57xdbd - ok
15:57:43.0929 0x10c0  [ BE4E6FD5A898812B85D5817AD9754A9F, 46A7C80283BE53F43A0D73DA3338461024DD002A7CF43660F9C7D640E0C72876 ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
15:57:43.0944 0x10c0  b57xdmp - ok
15:57:44.0178 0x10c0  [ 11F844B46B631337395651ABE9C4167B, 98771B4D9DABEE4C485D718E3BB7D4EF365CA1D7CF043BE12431BC08F6D16EFD ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
15:57:44.0428 0x10c0  BCM43XX - ok
15:57:44.0459 0x10c0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:57:44.0506 0x10c0  BDESVC - ok
15:57:44.0543 0x10c0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:57:44.0612 0x10c0  Beep - ok
15:57:44.0691 0x10c0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:57:44.0755 0x10c0  BFE - ok
15:57:44.0818 0x10c0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:57:45.0069 0x10c0  BITS - ok
15:57:45.0116 0x10c0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:57:45.0154 0x10c0  blbdrive - ok
15:57:45.0254 0x10c0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:57:45.0285 0x10c0  Bonjour Service - ok
15:57:45.0319 0x10c0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:57:45.0372 0x10c0  bowser - ok
15:57:45.0484 0x10c0  [ 7487B46E104303E247F68D485C12326F, BAC6A4FFD5B4009B4B673479630FAA2784618438925DFB6489F07BF163188114 ] BRDriver64_1_3_3_E02B25FC C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys
15:57:45.0516 0x10c0  BRDriver64_1_3_3_E02B25FC - ok
15:57:45.0531 0x10c0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:57:45.0578 0x10c0  BrFiltLo - ok
15:57:45.0609 0x10c0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:57:45.0641 0x10c0  BrFiltUp - ok
15:57:45.0673 0x10c0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:57:45.0719 0x10c0  Browser - ok
15:57:45.0766 0x10c0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:57:45.0797 0x10c0  Brserid - ok
15:57:45.0813 0x10c0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:57:45.0875 0x10c0  BrSerWdm - ok
15:57:45.0953 0x10c0  [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub       C:\ProgramData\BitRaider\BRSptStub.exe
15:57:46.0105 0x10c0  BRSptStub - ok
15:57:46.0120 0x10c0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:57:46.0167 0x10c0  BrUsbMdm - ok
15:57:46.0183 0x10c0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:57:46.0214 0x10c0  BrUsbSer - ok
15:57:46.0261 0x10c0  [ 0970D8B7151E9113BF8D44CE2E954DF7, D467DFFA1668F3BE29620154A13867568C25211ED823BE6A220D2DEE7E3A1278 ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
15:57:46.0276 0x10c0  bScsiMSa - ok
15:57:46.0324 0x10c0  [ 0C1EEE5AF32402D306874B110DE237EC, B0FE0F3B6A1E2C003E6F4B6330601C43126881262B328D7DD93AC2C0B714DC86 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
15:57:46.0324 0x10c0  bScsiSDa - ok
15:57:46.0449 0x10c0  [ 9FD1D36A81C0B13DA1EAA0C8ABB4DC65, EC73BBB82E38BF320E5D4D1597B4170CBDB51E08CF533773E1B9C1209115679A ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
15:57:46.0511 0x10c0  BstHdAndroidSvc - ok
15:57:46.0589 0x10c0  [ B0CEC6040ABA5510B8D36E3066AF718D, EDA306270655A7D6849BEB8E1C7F9A3D5D55C04896A3994AC884D762022AE8D1 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
15:57:46.0636 0x10c0  BstHdDrv - ok
15:57:46.0667 0x10c0  [ 4015287649DBA0336CB27A2757C7E5E6, 359C4419836CA61D8CFAC5C6B4555B6694B47E0D22C59588A8A61ED59DA01194 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
15:57:46.0714 0x10c0  BstHdLogRotatorSvc - ok
15:57:46.0792 0x10c0  [ 2A7A71452CE6106E1F50BE759C369E66, D169D2038287F25F10772E66EED469969D616930FF38401D1F30B2D35A6B23F5 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
15:57:46.0855 0x10c0  BstHdUpdaterSvc - ok
15:57:46.0870 0x10c0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:57:46.0917 0x10c0  BTHMODEM - ok
15:57:46.0979 0x10c0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:57:47.0042 0x10c0  bthserv - ok
15:57:47.0104 0x10c0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:57:47.0167 0x10c0  cdfs - ok
15:57:47.0229 0x10c0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:57:47.0260 0x10c0  cdrom - ok
15:57:47.0291 0x10c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:57:47.0338 0x10c0  CertPropSvc - ok
15:57:47.0447 0x10c0  [ 08D4BD3F12DFF3A11E4F2C09745DA0FA, 99A19D3B43F5B21A3E23B9A91D9443ED2710C14B954C769B837626181FC4F630 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
15:57:47.0463 0x10c0  CGVPNCliService - ok
15:57:47.0510 0x10c0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:57:47.0541 0x10c0  circlass - ok
15:57:47.0603 0x10c0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:57:47.0619 0x10c0  CLFS - ok
15:57:47.0681 0x10c0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:47.0697 0x10c0  clr_optimization_v2.0.50727_32 - ok
15:57:47.0713 0x10c0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:57:47.0728 0x10c0  clr_optimization_v2.0.50727_64 - ok
15:57:47.0822 0x10c0  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:57:47.0837 0x10c0  clr_optimization_v4.0.30319_32 - ok
15:57:47.0853 0x10c0  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:57:47.0869 0x10c0  clr_optimization_v4.0.30319_64 - ok
15:57:47.0884 0x10c0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:57:47.0931 0x10c0  CmBatt - ok
15:57:47.0978 0x10c0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:57:47.0978 0x10c0  cmdide - ok
15:57:48.0025 0x10c0  [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG             C:\Windows\system32\Drivers\cng.sys
15:57:48.0071 0x10c0  CNG - ok
15:57:48.0118 0x10c0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:57:48.0134 0x10c0  Compbatt - ok
15:57:48.0165 0x10c0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:57:48.0212 0x10c0  CompositeBus - ok
15:57:48.0227 0x10c0  COMSysApp - ok
15:57:48.0321 0x10c0  [ 89A637A8C3164F3823E0C4929F11EE9A, 22C9FA928292A35D59E620FAC8D0C829E221FA38DC0CC3BA777CC9BAF2414772 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:57:48.0352 0x10c0  cphs - ok
15:57:48.0368 0x10c0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:57:48.0383 0x10c0  crcdisk - ok
15:57:48.0446 0x10c0  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:57:48.0477 0x10c0  CryptSvc - ok
15:57:48.0571 0x10c0  [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
15:57:48.0633 0x10c0  dc3d - ok
15:57:48.0695 0x10c0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:57:48.0773 0x10c0  DcomLaunch - ok
15:57:48.0836 0x10c0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:57:48.0992 0x10c0  defragsvc - ok
15:57:49.0054 0x10c0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:57:49.0101 0x10c0  DfsC - ok
15:57:49.0148 0x10c0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:57:49.0210 0x10c0  Dhcp - ok
15:57:49.0226 0x10c0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:57:49.0288 0x10c0  discache - ok
15:57:49.0351 0x10c0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:57:49.0366 0x10c0  Disk - ok
15:57:49.0413 0x10c0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:57:49.0444 0x10c0  Dnscache - ok
15:57:49.0491 0x10c0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:57:49.0569 0x10c0  dot3svc - ok
15:57:49.0616 0x10c0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:57:49.0678 0x10c0  DPS - ok
15:57:49.0741 0x10c0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:57:49.0787 0x10c0  drmkaud - ok
15:57:49.0990 0x10c0  [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:57:50.0006 0x10c0  DsiWMIService - ok
15:57:50.0099 0x10c0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:57:50.0146 0x10c0  DXGKrnl - ok
15:57:50.0209 0x10c0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:57:50.0271 0x10c0  EapHost - ok
15:57:50.0302 0x10c0  EasyAntiCheat - ok
15:57:50.0458 0x10c0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:57:50.0630 0x10c0  ebdrv - ok
15:57:50.0661 0x10c0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS             C:\Windows\System32\lsass.exe
15:57:50.0723 0x10c0  EFS - ok
15:57:50.0801 0x10c0  [ 5332EC2BA1C112BD4BB1F38127848FEF, 156585CE4011546B20EDD20D04E639A0788B1DE6455B23B94E2CD31BA725FE3C ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
15:57:50.0817 0x10c0  EgisTec Ticket Service - ok
15:57:50.0895 0x10c0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:57:50.0989 0x10c0  ehRecvr - ok
15:57:51.0020 0x10c0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:57:51.0051 0x10c0  ehSched - ok
15:57:51.0145 0x10c0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:57:51.0176 0x10c0  elxstor - ok
15:57:51.0285 0x10c0  [ 48425C93B6F36529707206E4FA680CF3, 328BD59DEDFAD359EF79CCFBC2AD3E9C95657EC616AE0611F5EFEB34B810692A ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
15:57:51.0316 0x10c0  ePowerSvc - ok
15:57:51.0347 0x10c0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:57:51.0379 0x10c0  ErrDev - ok
15:57:51.0410 0x10c0  [ DBAA0C650C9549DC5C599D1E81DEDAAD, C8DF68CDACEF27C91CFD1FE8032A8DAF830D9E77C573C25DE5D41FC3DB824ABA ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
15:57:51.0457 0x10c0  ETD - ok
15:57:51.0503 0x10c0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:57:51.0581 0x10c0  EventSystem - ok
15:57:51.0613 0x10c0  ew_hwusbdev - ok
15:57:51.0628 0x10c0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:57:51.0706 0x10c0  exfat - ok
15:57:51.0737 0x10c0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:57:51.0800 0x10c0  fastfat - ok
15:57:51.0862 0x10c0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:57:51.0955 0x10c0  Fax - ok
15:57:51.0964 0x10c0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:57:52.0005 0x10c0  fdc - ok
15:57:52.0039 0x10c0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:57:52.0106 0x10c0  fdPHost - ok
15:57:52.0128 0x10c0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:57:52.0200 0x10c0  FDResPub - ok
15:57:52.0236 0x10c0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:57:52.0252 0x10c0  FileInfo - ok
15:57:52.0268 0x10c0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:57:52.0330 0x10c0  Filetrace - ok
15:57:52.0377 0x10c0  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:57:52.0424 0x10c0  FLEXnet Licensing Service - ok
15:57:52.0439 0x10c0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:57:52.0456 0x10c0  flpydisk - ok
15:57:52.0503 0x10c0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:57:52.0534 0x10c0  FltMgr - ok
15:57:52.0629 0x10c0  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:57:52.0725 0x10c0  FontCache - ok
15:57:52.0771 0x10c0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:57:52.0787 0x10c0  FontCache3.0.0.0 - ok
15:57:52.0803 0x10c0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:57:52.0818 0x10c0  FsDepends - ok
15:57:52.0834 0x10c0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:57:52.0849 0x10c0  Fs_Rec - ok
15:57:52.0898 0x10c0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:57:52.0926 0x10c0  fvevol - ok
15:57:52.0959 0x10c0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:57:52.0979 0x10c0  gagp30kx - ok
15:57:53.0030 0x10c0  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:57:53.0041 0x10c0  GEARAspiWDM - ok
15:57:53.0100 0x10c0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:57:53.0204 0x10c0  gpsvc - ok
15:57:53.0251 0x10c0  [ C9B2D1D3F86FD3673EF847DEF73B6F9E, 9D3822A6464F685F770F8D02A8AE623A676888F135E8425C3BAF1CC077429A7F ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
15:57:53.0266 0x10c0  GREGService - ok
15:57:53.0329 0x10c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:57:53.0344 0x10c0  gupdate - ok
15:57:53.0344 0x10c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:57:53.0360 0x10c0  gupdatem - ok
15:57:53.0375 0x10c0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:57:53.0447 0x10c0  hcw85cir - ok
15:57:53.0489 0x10c0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:57:53.0542 0x10c0  HdAudAddService - ok
15:57:53.0589 0x10c0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:57:53.0620 0x10c0  HDAudBus - ok
15:57:53.0651 0x10c0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:57:53.0682 0x10c0  HidBatt - ok
15:57:53.0729 0x10c0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:57:53.0776 0x10c0  HidBth - ok
15:57:53.0803 0x10c0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:57:53.0830 0x10c0  HidIr - ok
15:57:53.0855 0x10c0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:57:53.0924 0x10c0  hidserv - ok
15:57:53.0986 0x10c0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:57:54.0017 0x10c0  HidUsb - ok
15:57:54.0048 0x10c0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:57:54.0111 0x10c0  hkmsvc - ok
15:57:54.0143 0x10c0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:57:54.0205 0x10c0  HomeGroupListener - ok
15:57:54.0237 0x10c0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:57:54.0268 0x10c0  HomeGroupProvider - ok
15:57:54.0330 0x10c0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:57:54.0346 0x10c0  HpSAMD - ok
15:57:54.0399 0x10c0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:57:54.0491 0x10c0  HTTP - ok
15:57:54.0523 0x10c0  huawei_cdcacm - ok
15:57:54.0523 0x10c0  huawei_enumerator - ok
15:57:54.0554 0x10c0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:57:54.0554 0x10c0  hwpolicy - ok
15:57:54.0585 0x10c0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:57:54.0601 0x10c0  i8042prt - ok
15:57:54.0649 0x10c0  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
15:57:54.0681 0x10c0  iaStor - ok
15:57:54.0760 0x10c0  [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:57:54.0776 0x10c0  IAStorDataMgrSvc - ok
15:57:54.0819 0x10c0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:57:54.0854 0x10c0  iaStorV - ok
15:57:54.0909 0x10c0  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
15:57:54.0925 0x10c0  ICCS - ok
15:57:55.0003 0x10c0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:57:55.0059 0x10c0  idsvc - ok
15:57:55.0079 0x10c0  IEEtwCollectorService - ok
15:57:55.0360 0x10c0  [ 690E1FCE66B5F0DB3A00B30E9CC2D617, 157C78A1DD902C2204C6733F5CE502A9240876E8CB3FB2FF44EF2716B65BC4F4 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:57:55.0708 0x10c0  igfx - ok
15:57:55.0754 0x10c0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:57:55.0770 0x10c0  iirsp - ok
15:57:55.0848 0x10c0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:57:55.0898 0x10c0  IKEEXT - ok
15:57:56.0085 0x10c0  [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:57:56.0225 0x10c0  IntcAzAudAddService - ok
15:57:56.0272 0x10c0  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:57:56.0335 0x10c0  IntcDAud - ok
15:57:56.0366 0x10c0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:57:56.0381 0x10c0  intelide - ok
15:57:56.0413 0x10c0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:57:56.0428 0x10c0  intelppm - ok
15:57:56.0444 0x10c0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:57:56.0522 0x10c0  IPBusEnum - ok
15:57:56.0553 0x10c0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:57:56.0631 0x10c0  IpFilterDriver - ok
15:57:56.0678 0x10c0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:57:56.0740 0x10c0  iphlpsvc - ok
15:57:56.0771 0x10c0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:57:56.0803 0x10c0  IPMIDRV - ok
15:57:56.0834 0x10c0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:57:56.0896 0x10c0  IPNAT - ok
15:57:57.0005 0x10c0  [ 50D6CCC6FF5561F9F56946B3E6164FB8, 27529E751D3CB13B651B54474F04A17DF5737AD0170CD41F601E779F90603D11 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:57:57.0052 0x10c0  iPod Service - ok
15:57:57.0083 0x10c0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:57:57.0130 0x10c0  IRENUM - ok
15:57:57.0146 0x10c0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:57:57.0161 0x10c0  isapnp - ok
15:57:57.0208 0x10c0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:57:57.0239 0x10c0  iScsiPrt - ok
15:57:57.0286 0x10c0  [ 455B75C19BF3F1F2EE3AC10E1169826C, C8CE6DE48E0B4621F2851A994261FA787556A27F9868A8859E5E8A8354028257 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
15:57:57.0317 0x10c0  k57nd60a - ok
15:57:57.0349 0x10c0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:57:57.0364 0x10c0  kbdclass - ok
15:57:57.0395 0x10c0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:57:57.0411 0x10c0  kbdhid - ok
15:57:57.0427 0x10c0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso          C:\Windows\system32\lsass.exe
15:57:57.0447 0x10c0  KeyIso - ok
15:57:57.0477 0x10c0  [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:57:57.0495 0x10c0  KSecDD - ok
15:57:57.0542 0x10c0  [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:57:57.0564 0x10c0  KSecPkg - ok
15:57:57.0598 0x10c0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:57:57.0678 0x10c0  ksthunk - ok
15:57:57.0735 0x10c0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:57:57.0839 0x10c0  KtmRm - ok
15:57:57.0894 0x10c0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:57:57.0972 0x10c0  LanmanServer - ok
15:57:58.0003 0x10c0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:57:58.0081 0x10c0  LanmanWorkstation - ok
15:57:58.0160 0x10c0  [ 8E4CA9AFD55EF6B509C80A8715ABF8C6, 45698605D17285D346D2052607AEF492EBD89E9625367C31584C7C84757EEFE0 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
15:57:58.0214 0x10c0  lirsgt - ok
15:57:58.0275 0x10c0  [ 93B73DED2BC688F140C6AE2FBAD45789, B6859BC5D309B99BCCDC3717108B714497AAE9C5B26CE5B201344A41FC4CFF9D ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:57:58.0291 0x10c0  Live Updater Service - ok
15:57:58.0322 0x10c0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:57:58.0384 0x10c0  lltdio - ok
15:57:58.0416 0x10c0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:57:58.0511 0x10c0  lltdsvc - ok
15:57:58.0539 0x10c0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:57:58.0601 0x10c0  lmhosts - ok
15:57:58.0663 0x10c0  [ 50C7CE53EF461870410355F1F2E7D515, D6E84C63D74E4603D37FD7CC88BF51DE23CD17DB1D1AD4ADBED62F949F3C470C ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:57:58.0695 0x10c0  LMS - ok
15:57:58.0726 0x10c0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:57:58.0741 0x10c0  LSI_FC - ok
15:57:58.0757 0x10c0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:57:58.0773 0x10c0  LSI_SAS - ok
15:57:58.0773 0x10c0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:57:58.0788 0x10c0  LSI_SAS2 - ok
15:57:58.0804 0x10c0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:57:58.0819 0x10c0  LSI_SCSI - ok
15:57:58.0851 0x10c0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:57:58.0897 0x10c0  luafv - ok
15:57:58.0929 0x10c0  massfilter - ok
15:57:59.0007 0x10c0  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:57:59.0022 0x10c0  MBAMProtector - ok
15:57:59.0178 0x10c0  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
15:57:59.0256 0x10c0  MBAMScheduler - ok
15:57:59.0350 0x10c0  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:57:59.0397 0x10c0  MBAMService - ok
15:57:59.0459 0x10c0  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:57:59.0476 0x10c0  MBAMWebAccessControl - ok
15:57:59.0538 0x10c0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:57:59.0554 0x10c0  Mcx2Svc - ok
15:57:59.0569 0x10c0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:57:59.0585 0x10c0  megasas - ok
15:57:59.0616 0x10c0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:57:59.0647 0x10c0  MegaSR - ok
15:57:59.0678 0x10c0  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:57:59.0694 0x10c0  MEIx64 - ok
15:57:59.0788 0x10c0  Microsoft SharePoint Workspace Audit Service - ok
15:57:59.0819 0x10c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:57:59.0897 0x10c0  MMCSS - ok
15:57:59.0912 0x10c0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:57:59.0959 0x10c0  Modem - ok
15:57:59.0975 0x10c0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:58:00.0022 0x10c0  monitor - ok
15:58:00.0068 0x10c0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:58:00.0084 0x10c0  mouclass - ok
15:58:00.0100 0x10c0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:58:00.0131 0x10c0  mouhid - ok
15:58:00.0162 0x10c0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:58:00.0178 0x10c0  mountmgr - ok
15:58:00.0271 0x10c0  [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:58:00.0302 0x10c0  MpFilter - ok
15:58:00.0318 0x10c0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:58:00.0334 0x10c0  mpio - ok
15:58:00.0365 0x10c0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:58:00.0412 0x10c0  mpsdrv - ok
15:58:00.0458 0x10c0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:58:00.0552 0x10c0  MpsSvc - ok
15:58:00.0599 0x10c0  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:58:00.0646 0x10c0  MRxDAV - ok
15:58:00.0708 0x10c0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:58:00.0802 0x10c0  mrxsmb - ok
15:58:00.0833 0x10c0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:58:00.0895 0x10c0  mrxsmb10 - ok
15:58:00.0958 0x10c0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:58:00.0989 0x10c0  mrxsmb20 - ok
15:58:01.0020 0x10c0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:58:01.0036 0x10c0  msahci - ok
15:58:01.0051 0x10c0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:58:01.0082 0x10c0  msdsm - ok
15:58:01.0114 0x10c0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:58:01.0145 0x10c0  MSDTC - ok
15:58:01.0160 0x10c0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:58:01.0207 0x10c0  Msfs - ok
15:58:01.0238 0x10c0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:58:01.0301 0x10c0  mshidkmdf - ok
15:58:01.0316 0x10c0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:58:01.0332 0x10c0  msisadrv - ok
15:58:01.0379 0x10c0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:58:01.0457 0x10c0  MSiSCSI - ok
15:58:01.0457 0x10c0  msiserver - ok
15:58:01.0504 0x10c0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:58:01.0566 0x10c0  MSKSSRV - ok
15:58:01.0675 0x10c0  [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:58:01.0691 0x10c0  MsMpSvc - ok
15:58:01.0722 0x10c0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:58:01.0769 0x10c0  MSPCLOCK - ok
15:58:01.0784 0x10c0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:58:01.0847 0x10c0  MSPQM - ok
15:58:01.0878 0x10c0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:58:01.0909 0x10c0  MsRPC - ok
15:58:01.0925 0x10c0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:58:01.0940 0x10c0  mssmbios - ok
15:58:01.0972 0x10c0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:58:02.0034 0x10c0  MSTEE - ok
15:58:02.0065 0x10c0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:58:02.0096 0x10c0  MTConfig - ok
15:58:02.0112 0x10c0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:58:02.0128 0x10c0  Mup - ok
15:58:02.0174 0x10c0  [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:58:02.0174 0x10c0  mwlPSDFilter - ok
15:58:02.0190 0x10c0  [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:58:02.0206 0x10c0  mwlPSDNServ - ok
15:58:02.0221 0x10c0  [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:58:02.0221 0x10c0  mwlPSDVDisk - ok
15:58:02.0268 0x10c0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:58:02.0362 0x10c0  napagent - ok
15:58:02.0424 0x10c0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:58:02.0471 0x10c0  NativeWifiP - ok
15:58:02.0580 0x10c0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:58:02.0627 0x10c0  NDIS - ok
15:58:02.0658 0x10c0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:58:02.0720 0x10c0  NdisCap - ok
15:58:02.0767 0x10c0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:58:02.0830 0x10c0  NdisTapi - ok
15:58:02.0861 0x10c0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:58:02.0923 0x10c0  Ndisuio - ok
15:58:02.0939 0x10c0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:58:03.0017 0x10c0  NdisWan - ok
15:58:03.0032 0x10c0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:58:03.0079 0x10c0  NDProxy - ok
15:58:03.0110 0x10c0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:58:03.0188 0x10c0  NetBIOS - ok
15:58:03.0204 0x10c0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:58:03.0282 0x10c0  NetBT - ok
15:58:03.0298 0x10c0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon        C:\Windows\system32\lsass.exe
15:58:03.0313 0x10c0  Netlogon - ok
15:58:03.0344 0x10c0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:58:03.0438 0x10c0  Netman - ok
15:58:03.0532 0x10c0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:58:03.0547 0x10c0  NetMsmqActivator - ok
15:58:03.0547 0x10c0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:58:03.0578 0x10c0  NetPipeActivator - ok
15:58:03.0625 0x10c0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:58:03.0719 0x10c0  netprofm - ok
15:58:03.0734 0x10c0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:58:03.0766 0x10c0  NetTcpActivator - ok
15:58:03.0766 0x10c0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:58:03.0781 0x10c0  NetTcpPortSharing - ok
15:58:03.0828 0x10c0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:58:03.0844 0x10c0  nfrd960 - ok
15:58:03.0890 0x10c0  [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:58:03.0922 0x10c0  NisDrv - ok
15:58:03.0984 0x10c0  [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:58:04.0015 0x10c0  NisSrv - ok
15:58:04.0046 0x10c0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:58:04.0093 0x10c0  NlaSvc - ok
15:58:04.0109 0x10c0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:58:04.0171 0x10c0  Npfs - ok
15:58:04.0218 0x10c0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:58:04.0280 0x10c0  nsi - ok
15:58:04.0312 0x10c0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:58:04.0358 0x10c0  nsiproxy - ok
15:58:04.0452 0x10c0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:58:04.0546 0x10c0  Ntfs - ok
15:58:04.0608 0x10c0  [ D27A4546417ED7C4AEA7B3420D4F1F50, 8D52FF7D2C6E338E2E8B414F0FE9ED296A901CB38BCFF8814B1ECE52D8D1599D ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
15:58:04.0702 0x10c0  NTI IScheduleSvc - ok
15:58:04.0733 0x10c0  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
15:58:04.0748 0x10c0  NTIDrvr - ok
15:58:04.0748 0x10c0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:58:04.0795 0x10c0  Null - ok
15:58:05.0388 0x10c0  [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:58:06.0074 0x10c0  nvlddmkm - ok
15:58:06.0264 0x10c0  [ DDF6920EBE96B0304279834F2EE2193E, F631974EE3659EC01863C2502FD26A45A237A59B9B005E5B1F9F78357CCBB974 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:58:07.0433 0x10c0  NvNetworkService - ok
15:58:07.0496 0x10c0  [ 445422B928D2FE322BB6B956EA77DC7B, 101D940D323BE6086FE0743B34C8717C573B07566334843E571CE6365BEE16D4 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
15:58:07.0511 0x10c0  nvpciflt - ok
15:58:07.0542 0x10c0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:58:07.0558 0x10c0  nvraid - ok
15:58:07.0574 0x10c0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:58:07.0589 0x10c0  nvstor - ok
15:58:07.0683 0x10c0  [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:58:07.0730 0x10c0  nvsvc - ok
15:58:07.0745 0x10c0  nvvad_WaveExtensible - ok
15:58:07.0776 0x10c0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:58:07.0792 0x10c0  nv_agp - ok
15:58:07.0808 0x10c0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:58:07.0854 0x10c0  ohci1394 - ok
15:58:08.0042 0x10c0  [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:58:08.0260 0x10c0  Origin Client Service - ok
15:58:08.0369 0x10c0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:58:08.0385 0x10c0  ose - ok
15:58:08.0681 0x10c0  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:58:08.0993 0x10c0  osppsvc - ok
15:58:09.0165 0x10c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:58:09.0274 0x10c0  p2pimsvc - ok
15:58:09.0305 0x10c0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:58:09.0368 0x10c0  p2psvc - ok
15:58:09.0399 0x10c0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:58:09.0446 0x10c0  Parport - ok
15:58:09.0492 0x10c0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:58:09.0508 0x10c0  partmgr - ok
15:58:09.0555 0x10c0  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:58:09.0633 0x10c0  PcaSvc - ok
15:58:09.0664 0x10c0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:58:09.0680 0x10c0  pci - ok
15:58:09.0711 0x10c0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:58:09.0726 0x10c0  pciide - ok
15:58:09.0758 0x10c0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:58:09.0773 0x10c0  pcmcia - ok
15:58:09.0804 0x10c0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:58:09.0820 0x10c0  pcw - ok
15:58:09.0882 0x10c0  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:58:09.0945 0x10c0  PEAUTH - ok
15:58:10.0023 0x10c0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:58:10.0054 0x10c0  PerfHost - ok
15:58:10.0163 0x10c0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:58:10.0288 0x10c0  pla - ok
15:58:10.0335 0x10c0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:58:10.0413 0x10c0  PlugPlay - ok
15:58:10.0444 0x10c0  PnkBstrA - ok
15:58:10.0475 0x10c0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:58:10.0506 0x10c0  PNRPAutoReg - ok
15:58:10.0538 0x10c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:58:10.0584 0x10c0  PNRPsvc - ok
15:58:10.0616 0x10c0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:58:10.0709 0x10c0  PolicyAgent - ok
15:58:10.0740 0x10c0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:58:10.0834 0x10c0  Power - ok
15:58:10.0865 0x10c0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:58:10.0943 0x10c0  PptpMiniport - ok
15:58:10.0974 0x10c0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:58:11.0006 0x10c0  Processor - ok
15:58:11.0037 0x10c0  prodrv06 - ok
15:58:11.0084 0x10c0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:58:11.0146 0x10c0  ProfSvc - ok
15:58:11.0146 0x10c0  prohlp02 - ok
15:58:11.0162 0x10c0  prosync1 - ok
15:58:11.0193 0x10c0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:58:11.0208 0x10c0  ProtectedStorage - ok
15:58:11.0240 0x10c0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:58:11.0286 0x10c0  Psched - ok
15:58:11.0380 0x10c0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:58:11.0474 0x10c0  ql2300 - ok
15:58:11.0474 0x10c0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:58:11.0505 0x10c0  ql40xx - ok
15:58:11.0536 0x10c0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:58:11.0583 0x10c0  QWAVE - ok
15:58:11.0598 0x10c0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:58:11.0630 0x10c0  QWAVEdrv - ok
15:58:11.0645 0x10c0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:58:11.0692 0x10c0  RasAcd - ok
15:58:11.0723 0x10c0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:58:11.0770 0x10c0  RasAgileVpn - ok
15:58:11.0801 0x10c0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:58:11.0864 0x10c0  RasAuto - ok
15:58:11.0879 0x10c0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:58:11.0942 0x10c0  Rasl2tp - ok
15:58:11.0973 0x10c0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:58:12.0066 0x10c0  RasMan - ok
15:58:12.0113 0x10c0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:58:12.0191 0x10c0  RasPppoe - ok
15:58:12.0222 0x10c0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:58:12.0300 0x10c0  RasSstp - ok
15:58:12.0347 0x10c0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:58:12.0410 0x10c0  rdbss - ok
15:58:12.0425 0x10c0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:58:12.0456 0x10c0  rdpbus - ok
15:58:12.0488 0x10c0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:58:12.0566 0x10c0  RDPCDD - ok
15:58:12.0597 0x10c0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:58:12.0644 0x10c0  RDPENCDD - ok
15:58:12.0659 0x10c0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:58:12.0737 0x10c0  RDPREFMP - ok
15:58:12.0831 0x10c0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:58:12.0862 0x10c0  RdpVideoMiniport - ok
15:58:12.0909 0x10c0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:58:12.0956 0x10c0  RDPWD - ok
15:58:13.0002 0x10c0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:58:13.0034 0x10c0  rdyboost - ok
15:58:13.0065 0x10c0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:58:13.0143 0x10c0  RemoteAccess - ok
15:58:13.0190 0x10c0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:58:13.0283 0x10c0  RemoteRegistry - ok
15:58:13.0299 0x10c0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:58:13.0361 0x10c0  RpcEptMapper - ok
15:58:13.0392 0x10c0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:58:13.0408 0x10c0  RpcLocator - ok
15:58:13.0441 0x10c0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:58:13.0519 0x10c0  RpcSs - ok
15:58:13.0550 0x10c0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:58:13.0613 0x10c0  rspndr - ok
15:58:13.0628 0x10c0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs           C:\Windows\system32\lsass.exe
15:58:13.0644 0x10c0  SamSs - ok
15:58:13.0675 0x10c0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:58:13.0691 0x10c0  sbp2port - ok
15:58:13.0722 0x10c0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:58:13.0800 0x10c0  SCardSvr - ok
15:58:13.0831 0x10c0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:58:13.0894 0x10c0  scfilter - ok
15:58:13.0956 0x10c0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:58:14.0050 0x10c0  Schedule - ok
15:58:14.0081 0x10c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:58:14.0143 0x10c0  SCPolicySvc - ok
15:58:14.0174 0x10c0  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:58:14.0221 0x10c0  sdbus - ok
15:58:14.0252 0x10c0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:58:14.0315 0x10c0  SDRSVC - ok
15:58:14.0346 0x10c0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:58:14.0424 0x10c0  secdrv - ok
15:58:14.0455 0x10c0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:58:14.0533 0x10c0  seclogon - ok
15:58:14.0580 0x10c0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:58:14.0658 0x10c0  SENS - ok
15:58:14.0689 0x10c0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:58:14.0752 0x10c0  SensrSvc - ok
15:58:14.0767 0x10c0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:58:14.0798 0x10c0  Serenum - ok
15:58:14.0830 0x10c0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
15:58:14.0861 0x10c0  Serial - ok
15:58:14.0861 0x10c0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:58:14.0908 0x10c0  sermouse - ok
15:58:14.0954 0x10c0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:58:15.0032 0x10c0  SessionEnv - ok
15:58:15.0048 0x10c0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:58:15.0064 0x10c0  sffdisk - ok
15:58:15.0064 0x10c0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:58:15.0095 0x10c0  sffp_mmc - ok
15:58:15.0110 0x10c0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:58:15.0157 0x10c0  sffp_sd - ok
15:58:15.0188 0x10c0  sfhlp01 - ok
15:58:15.0204 0x10c0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:58:15.0220 0x10c0  sfloppy - ok
15:58:15.0266 0x10c0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:58:15.0329 0x10c0  SharedAccess - ok
15:58:15.0360 0x10c0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:58:15.0438 0x10c0  ShellHWDetection - ok
15:58:15.0485 0x10c0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:58:15.0500 0x10c0  SiSRaid2 - ok
15:58:15.0516 0x10c0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:58:15.0532 0x10c0  SiSRaid4 - ok
15:58:15.0610 0x10c0  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:58:15.0641 0x10c0  SkypeUpdate - ok
15:58:15.0672 0x10c0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:58:15.0719 0x10c0  Smb - ok
15:58:15.0750 0x10c0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:58:15.0797 0x10c0  SNMPTRAP - ok
15:58:15.0828 0x10c0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:58:15.0828 0x10c0  spldr - ok
15:58:15.0875 0x10c0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:58:15.0937 0x10c0  Spooler - ok
15:58:16.0109 0x10c0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:58:16.0282 0x10c0  sppsvc - ok
15:58:16.0438 0x10c0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:58:16.0485 0x10c0  sppuinotify - ok
15:58:16.0563 0x10c0  [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd            C:\Windows\system32\Drivers\sptd.sys
15:58:16.0563 0x10c0  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB, sha256: C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA
15:58:16.0563 0x10c0  sptd - detected LockedFile.Multi.Generic ( 1 )
15:58:19.0434 0x10c0  Detect skipped due to KSN trusted
15:58:19.0434 0x10c0  sptd - ok
15:58:19.0480 0x10c0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:58:19.0558 0x10c0  srv - ok
15:58:19.0590 0x10c0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:58:19.0621 0x10c0  srv2 - ok
15:58:19.0652 0x10c0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:58:19.0668 0x10c0  srvnet - ok
15:58:19.0699 0x10c0  [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
15:58:19.0746 0x10c0  ssadbus - ok
15:58:19.0777 0x10c0  [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:58:19.0824 0x10c0  ssadmdfl - ok
15:58:19.0855 0x10c0  [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
15:58:19.0902 0x10c0  ssadmdm - ok
15:58:19.0948 0x10c0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:58:19.0995 0x10c0  SSDPSRV - ok
15:58:20.0011 0x10c0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:58:20.0073 0x10c0  SstpSvc - ok
15:58:20.0167 0x10c0  [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:58:20.0806 0x10c0  Steam Client Service - ok
15:58:20.0838 0x10c0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:58:20.0838 0x10c0  stexstor - ok
15:58:20.0900 0x10c0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:58:20.0962 0x10c0  stisvc - ok
15:58:20.0994 0x10c0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:58:21.0009 0x10c0  swenum - ok
15:58:21.0072 0x10c0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:58:21.0150 0x10c0  swprv - ok
15:58:21.0228 0x10c0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:58:21.0306 0x10c0  SysMain - ok
15:58:21.0352 0x10c0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:58:21.0368 0x10c0  TabletInputService - ok
15:58:21.0430 0x10c0  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
15:58:21.0446 0x10c0  tap0901 - ok
15:58:21.0493 0x10c0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:58:21.0555 0x10c0  TapiSrv - ok
15:58:21.0602 0x10c0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:58:21.0664 0x10c0  TBS - ok
15:58:21.0774 0x10c0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:58:21.0867 0x10c0  Tcpip - ok
15:58:21.0945 0x10c0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:58:22.0023 0x10c0  TCPIP6 - ok
15:58:22.0070 0x10c0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:58:22.0101 0x10c0  tcpipreg - ok
15:58:22.0148 0x10c0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:58:22.0195 0x10c0  TDPIPE - ok
15:58:22.0226 0x10c0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:58:22.0242 0x10c0  TDTCP - ok
15:58:22.0288 0x10c0  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:58:22.0351 0x10c0  tdx - ok
15:58:22.0366 0x10c0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:58:22.0382 0x10c0  TermDD - ok
15:58:22.0444 0x10c0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:58:22.0538 0x10c0  TermService - ok
15:58:22.0554 0x10c0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:58:22.0600 0x10c0  Themes - ok
15:58:22.0632 0x10c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:58:22.0678 0x10c0  THREADORDER - ok
15:58:22.0788 0x10c0  [ 3B43F4F67F3C539C3BBF40A552A12B5E, 565593B9AD01CA02205FC53F6B8A8955CB26901397C3581C3C514F01B69B86BD ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
15:58:22.0803 0x10c0  TomTomHOMEService - ok
15:58:22.0834 0x10c0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:58:22.0912 0x10c0  TrkWks - ok
15:58:22.0961 0x10c0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:58:23.0039 0x10c0  TrustedInstaller - ok
15:58:23.0117 0x10c0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:58:23.0226 0x10c0  tssecsrv - ok
15:58:23.0273 0x10c0  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:58:23.0320 0x10c0  TsUsbFlt - ok
15:58:23.0351 0x10c0  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:58:23.0382 0x10c0  TsUsbGD - ok
15:58:23.0445 0x10c0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:58:23.0507 0x10c0  tunnel - ok
15:58:23.0570 0x10c0  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
15:58:23.0601 0x10c0  TurboB - ok
15:58:23.0632 0x10c0  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:58:23.0663 0x10c0  TurboBoost - ok
15:58:23.0679 0x10c0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:58:23.0710 0x10c0  uagp35 - ok
15:58:23.0726 0x10c0  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
15:58:23.0726 0x10c0  UBHelper - ok
15:58:23.0772 0x10c0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:58:23.0866 0x10c0  udfs - ok
15:58:23.0882 0x10c0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:58:23.0913 0x10c0  UI0Detect - ok
15:58:23.0944 0x10c0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:58:23.0960 0x10c0  uliagpkx - ok
15:58:23.0991 0x10c0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:58:24.0006 0x10c0  umbus - ok
15:58:24.0022 0x10c0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:58:24.0053 0x10c0  UmPass - ok
15:58:24.0225 0x10c0  [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:58:24.0334 0x10c0  UNS - ok
15:58:24.0381 0x10c0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:58:24.0443 0x10c0  upnphost - ok
15:58:24.0490 0x10c0  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:58:24.0521 0x10c0  USBAAPL64 - ok
15:58:24.0568 0x10c0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:58:24.0630 0x10c0  usbccgp - ok
15:58:24.0708 0x10c0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:58:24.0740 0x10c0  usbcir - ok
15:58:24.0771 0x10c0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:58:24.0786 0x10c0  usbehci - ok
15:58:24.0818 0x10c0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:58:24.0880 0x10c0  usbhub - ok
15:58:24.0911 0x10c0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:58:24.0927 0x10c0  usbohci - ok
15:58:24.0974 0x10c0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:58:25.0020 0x10c0  usbprint - ok
15:58:25.0067 0x10c0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:58:25.0114 0x10c0  usbscan - ok
15:58:25.0145 0x10c0  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:58:25.0223 0x10c0  USBSTOR - ok
15:58:25.0270 0x10c0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:58:25.0317 0x10c0  usbuhci - ok
15:58:25.0395 0x10c0  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:58:25.0426 0x10c0  usbvideo - ok
15:58:25.0457 0x10c0  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
15:58:25.0504 0x10c0  usb_rndisx - ok
15:58:25.0535 0x10c0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:58:25.0598 0x10c0  UxSms - ok
15:58:25.0629 0x10c0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc        C:\Windows\system32\lsass.exe
15:58:25.0644 0x10c0  VaultSvc - ok
15:58:25.0676 0x10c0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:58:25.0707 0x10c0  vdrvroot - ok
15:58:25.0769 0x10c0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:58:26.0019 0x10c0  vds - ok
15:58:26.0066 0x10c0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:58:26.0097 0x10c0  vga - ok
15:58:26.0128 0x10c0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:58:26.0175 0x10c0  VgaSave - ok
15:58:26.0206 0x10c0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:58:26.0237 0x10c0  vhdmp - ok
15:58:26.0268 0x10c0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:58:26.0284 0x10c0  viaide - ok
15:58:26.0315 0x10c0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:58:26.0331 0x10c0  volmgr - ok
15:58:26.0346 0x10c0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:58:26.0378 0x10c0  volmgrx - ok
15:58:26.0440 0x10c0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:58:26.0456 0x10c0  volsnap - ok
15:58:26.0518 0x10c0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:58:26.0534 0x10c0  vsmraid - ok
15:58:26.0627 0x10c0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:58:26.0736 0x10c0  VSS - ok
15:58:26.0752 0x10c0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:58:26.0829 0x10c0  vwifibus - ok
15:58:26.0856 0x10c0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:58:26.0885 0x10c0  vwififlt - ok
15:58:26.0914 0x10c0  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:58:26.0955 0x10c0  vwifimp - ok
15:58:26.0986 0x10c0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:58:27.0079 0x10c0  W32Time - ok
15:58:27.0111 0x10c0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:58:27.0142 0x10c0  WacomPen - ok
15:58:27.0189 0x10c0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:58:27.0273 0x10c0  WANARP - ok
15:58:27.0295 0x10c0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:58:27.0357 0x10c0  Wanarpv6 - ok
15:58:27.0450 0x10c0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:58:27.0525 0x10c0  WatAdminSvc - ok
15:58:27.0610 0x10c0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:58:27.0703 0x10c0  wbengine - ok
15:58:27.0719 0x10c0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:58:27.0767 0x10c0  WbioSrvc - ok
15:58:27.0794 0x10c0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:58:27.0843 0x10c0  wcncsvc - ok
15:58:27.0874 0x10c0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:58:27.0907 0x10c0  WcsPlugInService - ok
15:58:27.0930 0x10c0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:58:27.0945 0x10c0  Wd - ok
15:58:28.0008 0x10c0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:58:28.0069 0x10c0  Wdf01000 - ok
15:58:28.0092 0x10c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:58:28.0170 0x10c0  WdiServiceHost - ok
15:58:28.0178 0x10c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:58:28.0193 0x10c0  WdiSystemHost - ok
15:58:28.0240 0x10c0  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:58:28.0329 0x10c0  WebClient - ok
15:58:28.0361 0x10c0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:58:28.0430 0x10c0  Wecsvc - ok
15:58:28.0443 0x10c0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:58:28.0496 0x10c0  wercplsupport - ok
15:58:28.0526 0x10c0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:58:28.0598 0x10c0  WerSvc - ok
15:58:28.0637 0x10c0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:58:28.0696 0x10c0  WfpLwf - ok
15:58:28.0715 0x10c0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:58:28.0730 0x10c0  WIMMount - ok
15:58:28.0754 0x10c0  WinDefend - ok
15:58:28.0762 0x10c0  WinHttpAutoProxySvc - ok
15:58:28.0822 0x10c0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:58:28.0909 0x10c0  Winmgmt - ok
15:58:29.0029 0x10c0  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:58:29.0188 0x10c0  WinRM - ok
15:58:29.0211 0x10c0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:58:29.0242 0x10c0  WinUsb - ok
15:58:29.0300 0x10c0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:58:29.0377 0x10c0  Wlansvc - ok
15:58:29.0442 0x10c0  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:58:29.0442 0x10c0  wlcrasvc - ok
15:58:29.0576 0x10c0  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:58:29.0695 0x10c0  wlidsvc - ok
15:58:29.0741 0x10c0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:58:29.0756 0x10c0  WmiAcpi - ok
15:58:29.0778 0x10c0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:58:29.0828 0x10c0  wmiApSrv - ok
15:58:29.0867 0x10c0  WMPNetworkSvc - ok
15:58:29.0885 0x10c0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:58:29.0913 0x10c0  WPCSvc - ok
15:58:29.0930 0x10c0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:58:29.0946 0x10c0  WPDBusEnum - ok
15:58:29.0978 0x10c0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:58:30.0029 0x10c0  ws2ifsl - ok
15:58:30.0052 0x10c0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:58:30.0078 0x10c0  wscsvc - ok
15:58:30.0082 0x10c0  WSearch - ok
15:58:30.0223 0x10c0  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:58:30.0330 0x10c0  wuauserv - ok
15:58:30.0378 0x10c0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:58:30.0430 0x10c0  WudfPf - ok
15:58:30.0466 0x10c0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:58:30.0490 0x10c0  WUDFRd - ok
15:58:30.0530 0x10c0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:58:30.0576 0x10c0  wudfsvc - ok
15:58:30.0614 0x10c0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:58:30.0645 0x10c0  WwanSvc - ok
15:58:30.0730 0x10c0  X6va011 - ok
15:58:30.0746 0x10c0  ZTEusbmdm6k - ok
15:58:30.0746 0x10c0  ZTEusbnmea - ok
15:58:30.0793 0x10c0  ZTEusbser6k - ok
15:58:30.0830 0x10c0  ================ Scan global ===============================
15:58:30.0870 0x10c0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:58:30.0913 0x10c0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:58:30.0918 0x10c0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:58:30.0968 0x10c0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:58:31.0000 0x10c0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:58:31.0004 0x10c0  [ Global ] - ok
15:58:31.0004 0x10c0  ================ Scan MBR ==================================
15:58:31.0020 0x10c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:58:32.0316 0x10c0  \Device\Harddisk0\DR0 - ok
15:58:32.0316 0x10c0  ================ Scan VBR ==================================
15:58:32.0316 0x10c0  [ 03983E7235D1EABDC829BED9FA9D91CA ] \Device\Harddisk0\DR0\Partition1
15:58:32.0347 0x10c0  \Device\Harddisk0\DR0\Partition1 - ok
15:58:32.0362 0x10c0  [ ECBCD428A4F905A3A850CEBD2BC1EE8C ] \Device\Harddisk0\DR0\Partition2
15:58:32.0396 0x10c0  \Device\Harddisk0\DR0\Partition2 - ok
15:58:32.0397 0x10c0  ================ Scan generic autorun ======================
15:58:32.0399 0x10c0  IntelTBRunOnce - ok
15:58:32.0399 0x10c0  ETDCtrl - ok
15:58:32.0950 0x10c0  [ 5DADA908E14051D65DB1991CB0B1F58D, DC02EDA032CEC2241F302995BF010B0376D5421A3E97583CB8A13A80993290B4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:58:33.0426 0x10c0  RtHDVCpl - ok
15:58:33.0567 0x10c0  [ E897F9B62E611D59FDFAB82FC829B93A, E11E1A488D461105104E7FFD9F8219BDD231807FE33600233BEF11A432E138FD ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
15:58:33.0652 0x10c0  RtHDVBg_Dolby - ok
15:58:33.0799 0x10c0  [ F0474296AC4E0E6BDE733C1B8513E41A, 2E54894FC1B422F0C520D11166204926D3994A3440037D655C73D66D7118859C ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
15:58:33.0876 0x10c0  Power Management - ok
15:58:33.0920 0x10c0  [ C79D7F6C0CC1D73CF981E24EE4198B35, 391F1F615F0BFFE918DE27E0D0ED88124E4F5EEBEEE1EA2282B4208120E0097E ] C:\Windows\system32\igfxtray.exe
15:58:33.0936 0x10c0  IgfxTray - ok
15:58:33.0974 0x10c0  [ 8D5F55C120E38DE0F37B0D3641536126, 1CDA300ABCAEF96BC05447EA79B9823D5473C7B2877813B16BC5D38CA2DDF6AC ] C:\Windows\system32\hkcmd.exe
15:58:34.0001 0x10c0  HotKeysCmds - ok
15:58:34.0023 0x10c0  [ 6B83F535020022E12855904D7EA3F9AC, 33CD9D8B327BBDEA6C0CE6DC4DDE807E4FEC7FEECC723AD0B9BC37EC320AEE05 ] C:\Windows\system32\igfxpers.exe
15:58:34.0054 0x10c0  Persistence - ok
15:58:34.0232 0x10c0  [ 7304E21B92E538E2CC793EDF478AC034, 39992D4541E100E5D8199B2FB5B7C7DD7213F8BC84AEA1924C6EC46E8711BF28 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:58:34.0423 0x10c0  NvBackend - ok
15:58:34.0543 0x10c0  [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] c:\Program Files\Microsoft Security Client\msseces.exe
15:58:34.0611 0x10c0  MSC - ok
15:58:34.0676 0x10c0  [ 4DDE3E01B5020B3D5DEEC7E3DC0F3185, C7315F3521EE461027A3DDE7CFC0EA4F8E705A98F9292284BB20620D7F34DDE9 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
15:58:34.0739 0x10c0  BackupManagerTray - ok
15:58:34.0855 0x10c0  [ 9ABC4E3B00CFA3A47D5569F5B49FE42F, 5D33CCE770BC9BC3AFA544A21F100A7F1E5A36577FDB30884160AC4BFE6A1838 ] C:\Program Files (x86)\Launch Manager\LManager.exe
15:58:34.0924 0x10c0  LManager - ok
15:58:34.0982 0x10c0  [ E6CC0FA3C1040C791EB3F4BA6C789411, 095D5965FEE00ACB6D8713B2E2772A409A84F42D85383AEAF5FC3E2E393DC07D ] C:\Dolby PCEE4\pcee4.exe
15:58:35.0025 0x10c0  Dolby Advanced Audio v2 - ok
15:58:35.0078 0x10c0  [ D35187E38B0BD6E116C2CE582CAC4273, B3C652E0875D4354ACE6F475BC84B4BCA41A1AD8AF5FBE9DE9A9B66B7FCC2756 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
15:58:35.0099 0x10c0  SuiteTray - ok
15:58:35.0176 0x10c0  [ D474767D4805CEF801AF6D4AEED1F9E3, 4645EABB554ED97737D9375826EFB06BF43E3DC4C33095FDCCC530B51DEC6145 ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
15:58:35.0195 0x10c0  ArcadeMovieService - ok
15:58:35.0276 0x10c0  [ 35AC4B63CBB9FB6B4472913E9948B517, 104C7D5E97A680CDF660AA98E6E92447F0FF6B857A847CDAFB0A9EB26086B5A4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:58:35.0291 0x10c0  APSDaemon - ok
15:58:35.0412 0x10c0  [ BF0EE37A14144C88A9F6FDA7B44981BB, 91648E51C6DB3E61B3DFE196C878B33ED493C57218D3BB0374108DDC06990041 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
15:58:35.0457 0x10c0  EEventManager - ok
15:58:35.0541 0x10c0  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
15:58:35.0557 0x10c0  BCSSync - ok
15:58:35.0600 0x10c0  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\System32\cmd.exe
15:58:35.0679 0x10c0  Adobe Flash Player SU - ok
15:58:35.0764 0x10c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:58:35.0839 0x10c0  Sidebar - ok
15:58:35.0863 0x10c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:58:35.0889 0x10c0  mctadmin - ok
15:58:35.0892 0x10c0  IsMyWinLockerReboot - ok
15:58:35.0952 0x10c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:58:36.0012 0x10c0  Sidebar - ok
15:58:36.0019 0x10c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:58:36.0044 0x10c0  mctadmin - ok
15:58:36.0044 0x10c0  IsMyWinLockerReboot - ok
15:58:36.0088 0x10c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:58:36.0147 0x10c0  Sidebar - ok
15:58:36.0154 0x10c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:58:36.0179 0x10c0  mctadmin - ok
15:58:36.0182 0x10c0  IsMyWinLockerReboot - ok
15:58:36.0312 0x10c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe
15:58:36.0325 0x10c0  Google Update - ok
15:58:36.0328 0x10c0  7bb57c0fd12a2022cd4bb9ea - ok
15:58:36.0399 0x10c0  [ 168531BB1255C1B45DF47694409F9DE1, DB8AD75FA5A4D455FE220E2D8940572D08490D5E6535F7EF2C94C1DFAC2D7CA2 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
15:58:36.0438 0x10c0  OfficeSyncProcess - ok
15:58:36.0506 0x10c0  [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
15:58:36.0526 0x10c0  EPLTarget\P0000000000000000 - ok
15:58:36.0529 0x10c0  mliznprdtc - ok
15:58:36.0554 0x10c0  Vkmusicdownloader - ok
15:58:36.0661 0x10c0  [ 4B6A42EA42E5805C0C0BF83925FE78BC, A4DD0D01EAC82D8813C5BC7AA8440E9E06E58CF2B4F1FE40519E51F70C83BD5D ] C:\Users\Fm. Medved\AppData\Roaming\MaxDownload\Updater.exe
15:58:36.0720 0x10c0  MaxDownload - detected UnsignedFile.Multi.Generic ( 1 )
15:58:39.0570 0x10c0  Detect skipped due to KSN trusted
15:58:39.0570 0x10c0  MaxDownload - ok
15:58:39.0633 0x10c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:58:39.0695 0x10c0  Sidebar - ok
15:58:39.0695 0x10c0  HW_OPENEYE_OUC_tele.ring Verbindungsmanager - ok
15:58:39.0695 0x10c0  uTorrent - ok
15:58:39.0759 0x10c0  [ F34E7705751BB413283434697BF8E55D, BDF8B29A56C51439BEB9B4C3576341BBE3EE80582063AD602AB77D19A0630C35 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
15:58:39.0781 0x10c0  DAEMON Tools Lite - ok
15:58:39.0799 0x10c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe
15:58:39.0814 0x10c0  Google Update - ok
15:58:39.0899 0x10c0  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe
15:58:39.0914 0x10c0  Facebook Update - ok
15:58:39.0917 0x10c0  7bb57c0fd12a2022cd4bb9ea - ok
15:58:39.0964 0x10c0  Skype - ok
15:58:40.0020 0x10c0  [ 4EA63B2AF94A69E5D89D25D45BF8C8D8, D666BC52A093643F21D99C55928851DDE5862DD47FA56C845019B31C6066D7B7 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
15:58:40.0035 0x10c0  TomTomHOME.exe - ok
15:58:40.0084 0x10c0  [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
15:58:40.0104 0x10c0  EPLTarget\P0000000000000000 - ok
15:58:40.0150 0x10c0  [ 168531BB1255C1B45DF47694409F9DE1, DB8AD75FA5A4D455FE220E2D8940572D08490D5E6535F7EF2C94C1DFAC2D7CA2 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
15:58:40.0189 0x10c0  OfficeSyncProcess - ok
15:58:40.0210 0x10c0  RGSC - ok
15:58:40.0253 0x10c0  MailRuUpdater - ok
15:58:40.0288 0x10c0  InternetCalls - ok
15:58:40.0288 0x10c0  test - ok
15:58:40.0304 0x10c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:58:40.0332 0x10c0  mctadmin - ok
15:58:40.0375 0x10c0  [ 8E27F731A1BDED1B13DEBA9E54FE0B20, 326F0CFC75AD7E552DA5DD64964C06AC0AD6E71BF0D5F568C2AEE9206C2FD0BE ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
15:58:40.0392 0x10c0  ScrSav - ok
15:58:40.0453 0x10c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:58:40.0513 0x10c0  Sidebar - ok
15:58:40.0515 0x10c0  HW_OPENEYE_OUC_tele.ring Verbindungsmanager - ok
15:58:40.0515 0x10c0  uTorrent - ok
15:58:40.0537 0x10c0  [ F34E7705751BB413283434697BF8E55D, BDF8B29A56C51439BEB9B4C3576341BBE3EE80582063AD602AB77D19A0630C35 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
15:58:40.0553 0x10c0  DAEMON Tools Lite - ok
15:58:40.0584 0x10c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe
15:58:40.0603 0x10c0  Google Update - ok
15:58:40.0621 0x10c0  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe
15:58:40.0635 0x10c0  Facebook Update - ok
15:58:40.0638 0x10c0  7bb57c0fd12a2022cd4bb9ea - ok
15:58:40.0638 0x10c0  Skype - ok
15:58:40.0659 0x10c0  [ 4EA63B2AF94A69E5D89D25D45BF8C8D8, D666BC52A093643F21D99C55928851DDE5862DD47FA56C845019B31C6066D7B7 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
15:58:40.0677 0x10c0  TomTomHOME.exe - ok
15:58:40.0702 0x10c0  [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
15:58:40.0718 0x10c0  EPLTarget\P0000000000000000 - ok
15:58:40.0765 0x10c0  [ 168531BB1255C1B45DF47694409F9DE1, DB8AD75FA5A4D455FE220E2D8940572D08490D5E6535F7EF2C94C1DFAC2D7CA2 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
15:58:40.0796 0x10c0  OfficeSyncProcess - ok
15:58:40.0796 0x10c0  RGSC - ok
15:58:40.0796 0x10c0  MailRuUpdater - ok
15:58:40.0812 0x10c0  InternetCalls - ok
15:58:40.0812 0x10c0  test - ok
15:58:40.0831 0x10c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:58:40.0861 0x10c0  mctadmin - ok
15:58:40.0879 0x10c0  [ 8E27F731A1BDED1B13DEBA9E54FE0B20, 326F0CFC75AD7E552DA5DD64964C06AC0AD6E71BF0D5F568C2AEE9206C2FD0BE ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
15:58:40.0896 0x10c0  ScrSav - ok
15:58:40.0932 0x10c0  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
15:58:40.0980 0x10c0  RESTART_STICKY_NOTES - ok
15:58:41.0002 0x10c0  [ F34E7705751BB413283434697BF8E55D, BDF8B29A56C51439BEB9B4C3576341BBE3EE80582063AD602AB77D19A0630C35 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
15:58:41.0013 0x10c0  DAEMON Tools Lite - ok
15:58:41.0044 0x10c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe
15:58:41.0060 0x10c0  Google Update - ok
15:58:41.0076 0x10c0  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe
15:58:41.0076 0x10c0  Facebook Update - ok
15:58:41.0093 0x10c0  7bb57c0fd12a2022cd4bb9ea - ok
15:58:41.0114 0x10c0  [ 4EA63B2AF94A69E5D89D25D45BF8C8D8, D666BC52A093643F21D99C55928851DDE5862DD47FA56C845019B31C6066D7B7 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
15:58:41.0124 0x10c0  TomTomHOME.exe - ok
15:58:41.0155 0x10c0  [ 168531BB1255C1B45DF47694409F9DE1, DB8AD75FA5A4D455FE220E2D8940572D08490D5E6535F7EF2C94C1DFAC2D7CA2 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
15:58:41.0207 0x10c0  OfficeSyncProcess - ok
15:58:41.0283 0x10c0  MailRuUpdater - ok
15:58:41.0307 0x10c0  [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE
15:58:41.0323 0x10c0  EPLTarget\P0000000000000000 - ok
15:58:41.0323 0x10c0  InternetCalls - ok
15:58:41.0323 0x10c0  test - ok
15:58:41.0339 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:42.0341 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:43.0343 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:44.0346 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:45.0348 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:46.0350 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:47.0353 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:48.0356 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:49.0357 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:50.0360 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:51.0363 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:52.0365 0x10c0  Waiting for KSN requests completion. In queue: 47
15:58:53.0367 0x10c0  Waiting for KSN requests completion. In queue: 35
15:58:54.0383 0x10c0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x61000 ( enabled : updated )
15:58:54.0387 0x10c0  Win FW state via NFP2: enabled
15:58:57.0189 0x10c0  ============================================================
15:58:57.0189 0x10c0  Scan finished
15:58:57.0189 0x10c0  ============================================================
15:58:57.0191 0x1a40  Detected object count: 0
15:58:57.0191 0x1a40  Actual detected object count: 0

Alt 19.02.2015, 21:56   #9
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


1 Scan von mbar:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
  main:    v2015.02.19.05
  rootkit: v2015.02.03.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17633
Fm. Medved :: FMMEDVED-PC [administrator]

19.02.2015 16:04:00
mbar-log-2015-02-19 (16-04-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 575225
Time elapsed: 1 hour(s), 1 minute(s), 51 second(s)

Memory Processes Detected: 1
C:\Users\Fm. Medved\AppData\Local\Temp\htgmcmqf.l0t\x64\m1.exe (Riskware.BitcoinMiner) -> 3296 -> Delete on reboot. [fa579e820d7d8da9e3f43d2c9b66ca36]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\Users\Fm. Medved\AppData\Local\Temp\htgmcmqf.l0t\x64\m1.exe (Riskware.BitcoinMiner) -> Delete on reboot. [fa579e820d7d8da9e3f43d2c9b66ca36]
C:\Users\Fm. Medved\AppData\Local\Temp\htgmcmqf.l0t\x86\m1.exe (Riskware.BitcoinMiner) -> Delete on reboot. [d67b8e921674e254a23584e515ecf20e]
C:\Users\Fm. Medved\AppData\Local\Temp\uioh3hx3.50d\x86\m1.exe (Riskware.BitcoinMiner) -> Delete on reboot. [a6ab829e2f5b4de9e5f2e683ba4735cb]
C:\Users\Fm. Medved\AppData\Local\Temp\rfcg22ch.1ri\x86\m1.exe (Riskware.BitcoinMiner) -> Delete on reboot. [6ee37aa6c6c4cd69a03724451ce5dd23]
C:\Users\Fm. Medved\AppData\Local\Temp\pooswkdv.0sx\x86\m1.exe (Riskware.BitcoinMiner) -> Delete on reboot. [da77160ad4b6f83e9e39f5744cb555ab]
C:\Users\Fm. Medved\AppData\Local\SystemDir\setsearchm.exe (Trojan.Agent) -> Delete on reboot. [242d42ded9b156e046c89b761ee4bf41]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
2 Scan von mbar:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
  main:    v2015.02.19.06
  rootkit: v2015.02.03.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17633
Fm. Medved :: FMMEDVED-PC [administrator]

19.02.2015 17:28:51
mbar-log-2015-02-19 (17-28-51).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 574968
Time elapsed: 1 hour(s), 8 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Fm. Medved\AppData\Local\Temp\cmxwwcnx.qyc\x64\m1.exe (Riskware.BitcoinMiner) -> Delete on reboot. [59f94ed24a40b77f508a1b4e7a8748b8]
C:\Users\Fm. Medved\AppData\Local\Temp\cmxwwcnx.qyc\x86\m1.exe (Riskware.BitcoinMiner) -> Delete on reboot. [72e0a27ed4b69e98e2f8fc6d738e6898]
C:\Users\Fm. Medved\AppData\Local\SystemDir\setsearchm.exe (Trojan.Agent) -> Delete on reboot. [2f23da462e5c62d4f918ab66b44e768a]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Alt 20.02.2015, 14:03   #10
schrauber
/// the machine
/// TB-Ausbilder
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.02.2015, 16:21   #11
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Alles gemacht wie in der beschreibung, danke!

Code:
ATTFilter
ComboFix 15-02-16.01 - Fm. Medved 20.02.2015  16:00:29.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8044.5746 [GMT 1:00]
ausgeführt von:: c:\users\Fm. Medved\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ABBYY FineReader 9.0 Sprint\e8b81c09-4582-4567-aca3-7b6a8bedd113.dll
c:\program files (x86)\e8b81c09-4582-4567-aca3-7b6a8bedd113\a7583f0c-5de1-4b3c-b81d-a194f7ef8d53.dll
c:\users\Fm. Medved\AppData\Local\Temp\fxn4o3xm.hgs\dcore.exe
c:\users\Fm. Medved\AppData\Local\Temp\fxn4o3xm.hgs\x64\libcurl-4.dll
c:\users\Fm. Medved\AppData\Local\Temp\fxn4o3xm.hgs\x64\libwinpthread-1.dll
c:\users\Fm. Medved\AppData\Local\Temp\fxn4o3xm.hgs\x64\m1.exe
c:\users\Fm. Medved\AppData\Local\Temp\fxn4o3xm.hgs\x64\zlib1.dll
c:\users\Fm. Medved\AppData\Local\Temp\sleufcmo.xmq\x64\libcurl-4.dll
c:\users\Fm. Medved\AppData\Local\Temp\sleufcmo.xmq\x64\libwinpthread-1.dll
c:\users\Fm. Medved\AppData\Local\Temp\sleufcmo.xmq\x64\m1.exe
c:\users\Fm. Medved\AppData\Local\Temp\sleufcmo.xmq\x64\zlib1.dll
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\3Gvk@YI.edu
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\3Gvk@YI.edu\bootstrap.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\3Gvk@YI.edu\chrome.manifest
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\3Gvk@YI.edu\content\bg.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\3Gvk@YI.edu\install.rdf
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\AlVxq@2.net
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\AlVxq@2.net\bootstrap.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\AlVxq@2.net\chrome.manifest
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\AlVxq@2.net\content\bg.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\AlVxq@2.net\install.rdf
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\ByBcJl@9.com
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\ByBcJl@9.com\bootstrap.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\ByBcJl@9.com\chrome.manifest
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\ByBcJl@9.com\content\bg.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\ByBcJl@9.com\install.rdf
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\fa@EPiwoaew.org
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\fa@EPiwoaew.org\bootstrap.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\fa@EPiwoaew.org\chrome.manifest
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\fa@EPiwoaew.org\content\bg.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\fa@EPiwoaew.org\install.rdf
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\hti@xXD.com
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\hti@xXD.com\bootstrap.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\hti@xXD.com\chrome.manifest
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\hti@xXD.com\content\bg.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\hti@xXD.com\install.rdf
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\tj@Y.edu
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\tj@Y.edu\bootstrap.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\tj@Y.edu\chrome.manifest
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\tj@Y.edu\content\bg.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\tj@Y.edu\install.rdf
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\TJbOjzNG@I.net
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\TJbOjzNG@I.net\bootstrap.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\TJbOjzNG@I.net\chrome.manifest
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\TJbOjzNG@I.net\content\bg.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\TJbOjzNG@I.net\install.rdf
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vk2s7@Iy8.com
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vk2s7@Iy8.com\bootstrap.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vk2s7@Iy8.com\chrome.manifest
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vk2s7@Iy8.com\content\bg.js
c:\users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vk2s7@Iy8.com\install.rdf
c:\users\FM3A93~1.MED\AppData\Local\Temp\fxn4o3xm.hgs\dcore.exe
c:\users\FM3A93~1.MED\AppData\Local\Temp\fxn4o3xm.hgs\x64\libcurl-4.dll
c:\users\FM3A93~1.MED\AppData\Local\Temp\fxn4o3xm.hgs\x64\libwinpthread-1.dll
c:\users\FM3A93~1.MED\AppData\Local\Temp\fxn4o3xm.hgs\x64\m1.exe
c:\users\FM3A93~1.MED\AppData\Local\Temp\fxn4o3xm.hgs\x64\zlib1.dll
c:\users\FM3A93~1.MED\AppData\Local\Temp\sleufcmo.xmq\x64\libcurl-4.dll
c:\users\FM3A93~1.MED\AppData\Local\Temp\sleufcmo.xmq\x64\libwinpthread-1.dll
c:\users\FM3A93~1.MED\AppData\Local\Temp\sleufcmo.xmq\x64\m1.exe
c:\users\FM3A93~1.MED\AppData\Local\Temp\sleufcmo.xmq\x64\zlib1.dll
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-01-20 bis 2015-02-20  ))))))))))))))))))))))))))))))
.
.
2015-02-20 15:09 . 2015-02-20 15:09	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-02-20 15:09 . 2015-02-20 15:09	--------	d-----w-	c:\users\UpdatusUser.FmMedved-PC\AppData\Local\temp
2015-02-20 15:09 . 2015-02-20 15:09	--------	d-----w-	c:\users\Gast.FmMedved-PC\AppData\Local\temp
2015-02-20 14:47 . 2015-02-20 14:47	75888	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8EF8E43-BF7E-4CC2-983C-4A3CF8E42B1F}\offreg.dll
2015-02-20 14:45 . 2015-01-29 09:07	11910896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8EF8E43-BF7E-4CC2-983C-4A3CF8E42B1F}\mpengine.dll
2015-02-19 20:58 . 2015-02-20 03:17	--------	d-----w-	c:\users\Fm. Medved\jagexcache
2015-02-19 15:03 . 2015-02-20 14:34	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-02-19 14:42 . 2015-01-29 09:07	11910896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-18 14:00 . 2015-02-18 14:00	--------	d-----w-	c:\programdata\Canneverbe Limited
2015-02-18 14:00 . 2015-02-18 14:00	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\Canneverbe Limited
2015-02-18 14:00 . 2015-02-18 14:00	--------	d-----w-	c:\program files (x86)\CDBurnerXP
2015-02-17 12:56 . 2015-02-18 16:11	--------	d-----w-	C:\FRST
2015-02-17 00:00 . 2015-02-17 00:00	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-02-15 19:29 . 2015-02-20 02:29	--------	d-----w-	c:\users\Fm. Medved\AppData\Local\NetBoxLogs
2015-02-15 12:07 . 2015-02-15 12:11	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\.technic
2015-02-14 12:37 . 2015-02-14 12:37	--------	d-----w-	c:\users\Fm. Medved\AppData\Local\SWTOR
2015-02-14 11:43 . 2015-02-14 11:43	--------	d-----w-	c:\programdata\BitRaider
2015-02-14 11:40 . 2015-02-14 11:40	--------	d-----w-	c:\program files (x86)\Common Files\BioWare
2015-02-14 10:54 . 2015-02-14 11:05	--------	d-----w-	c:\program files (x86)\Plants vs. Zombies Garden Warfare
2015-02-14 09:07 . 2015-02-14 09:07	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\MaxDownload
2015-02-13 23:12 . 2015-02-13 23:12	--------	d-----w-	c:\users\Fm. Medved\AppData\Local\calibre-cache
2015-02-13 23:10 . 2015-02-14 19:05	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\calibre
2015-02-13 23:09 . 2015-02-13 23:10	--------	d-----w-	c:\program files\Calibre2
2015-02-12 16:00 . 2015-01-23 04:41	6041600	----a-w-	c:\windows\system32\jscript9.dll
2015-02-12 16:00 . 2015-01-23 03:43	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2015-02-12 16:00 . 2015-01-23 03:17	4300800	----a-w-	c:\windows\SysWow64\jscript9.dll
2015-02-12 16:00 . 2015-01-23 04:42	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2015-02-11 13:44 . 2015-01-12 02:25	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 13:43 . 2014-12-08 03:09	406528	----a-w-	c:\windows\system32\scesrv.dll
2015-02-11 13:43 . 2014-12-08 02:46	308224	----a-w-	c:\windows\SysWow64\scesrv.dll
2015-02-11 13:43 . 2015-01-14 06:09	5554112	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-02-11 13:43 . 2015-01-14 05:44	3972544	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 13:43 . 2015-01-14 05:44	3917760	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 13:43 . 2015-01-14 06:05	503808	----a-w-	c:\windows\system32\srcore.dll
2015-02-11 13:43 . 2015-01-14 06:05	50176	----a-w-	c:\windows\system32\srclient.dll
2015-02-11 13:43 . 2015-01-14 06:04	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-02-11 13:43 . 2015-01-14 05:41	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-02-11 13:43 . 2015-01-09 02:03	3201536	----a-w-	c:\windows\system32\win32k.sys
2015-02-11 13:40 . 2014-09-10 14:30	1188440	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A40C05D-B1AB-4332-A5A5-CDB87A5CD07B}\gapaengine.dll
2015-02-10 00:53 . 2015-02-20 14:53	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-10 00:53 . 2015-02-19 16:27	97496	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-02-10 00:53 . 2014-11-21 05:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-02-10 00:52 . 2015-02-10 00:53	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-02-10 00:52 . 2015-02-10 00:52	--------	d-----w-	c:\programdata\Malwarebytes
2015-02-10 00:52 . 2014-11-21 05:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-02-10 00:02 . 2015-02-13 13:24	--------	d-----w-	C:\AdwCleaner
2015-02-09 10:49 . 2015-02-09 10:49	687	----a-w-	C:\awh3BE7.tmp
2015-02-09 08:32 . 2015-02-09 08:32	687	----a-w-	C:\awh777F.tmp
2015-02-08 22:33 . 2015-02-09 00:28	--------	d-----w-	c:\users\Fm. Medved\AppData\Local\ArmA 2 OA
2015-02-08 17:12 . 2015-02-08 17:13	--------	d-----w-	c:\program files (x86)\Team Liquid Streams
2015-02-08 13:13 . 2015-02-08 13:13	--------	d-----w-	c:\program files (x86)\Click free Browsing
2015-02-08 08:56 . 2015-02-08 08:56	687	----a-w-	C:\awh8729.tmp
2015-02-08 08:17 . 2015-02-08 08:17	687	----a-w-	C:\awh862F.tmp
2015-02-07 21:16 . 2015-02-07 21:16	687	----a-w-	C:\awhA85F.tmp
2015-02-07 10:26 . 2015-02-07 11:05	--------	d-----w-	c:\program files (x86)\The Sims 3 Designer Edition
2015-02-07 09:13 . 2015-02-07 09:13	687	----a-w-	C:\awh52E.tmp
2015-02-06 17:50 . 2015-02-06 18:00	--------	d-----w-	c:\users\Fm. Medved\AppData\Local\CyberGhost
2015-02-06 17:50 . 2015-02-06 17:50	--------	d-----w-	c:\program files\TAP-Windows
2015-02-06 17:49 . 2015-02-06 17:50	--------	d-----w-	c:\program files\CyberGhost 5
2015-02-06 14:55 . 2015-02-06 14:55	--------	d-----w-	c:\users\Fm. Medved\AppData\Local\Setup Integrity Check
2015-02-06 11:58 . 2015-02-06 11:58	687	----a-w-	C:\awh1BE9.tmp
2015-02-05 19:47 . 2015-02-05 19:47	687	----a-w-	C:\awh7722.tmp
2015-02-05 13:10 . 2015-02-05 13:10	--------	d-----w-	c:\programdata\Media Center Programs
2015-02-05 13:10 . 2015-02-05 13:10	42696	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2015-02-05 13:10 . 2015-02-05 13:10	310984	----a-w-	c:\windows\system32\drivers\atksgt.sys
2015-02-05 10:17 . 2015-02-06 12:04	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\VoipConnect
2015-02-05 10:17 . 2015-02-05 10:17	--------	d-----w-	c:\program files (x86)\VoipConnect.com
2015-02-05 10:13 . 2015-02-05 10:13	687	----a-w-	C:\awhB9FB.tmp
2015-02-05 03:54 . 2015-02-19 14:29	20	----a-w-	c:\users\Fm. Medved\AppData\Roaming\appdataFr3.bin
2015-02-04 17:17 . 2015-02-04 17:17	687	----a-w-	C:\awh32B3.tmp
2015-02-04 15:10 . 2015-02-04 15:10	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\VK Downloader
2015-02-04 14:44 . 2015-02-04 14:44	687	----a-w-	C:\awhEF4D.tmp
2015-02-04 14:34 . 2015-02-04 14:34	--------	d-----w-2inf.net	c:\users\FM3A93~1.MED\AppData\Local\OE2INF~1.NET
2015-02-04 14:33 . 2015-02-13 13:21	--------	d-----w-	c:\program files (x86)\VK Downloader
2015-02-04 14:26 . 2015-02-04 14:26	--------	d-----w-	c:\users\FM3A93~1.MED\AppData\Local\CE616C~1
2015-02-04 14:24 . 2015-02-20 14:44	--------	d-----w-	c:\users\Fm. Medved\AppData\Local\SystemDir
2015-02-04 13:46 . 2015-02-04 13:46	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\LEGO Company
2015-02-04 13:37 . 2015-02-04 13:37	687	----a-w-	C:\awh74C1.tmp
2015-02-03 09:40 . 2015-02-03 09:40	687	----a-w-	C:\awhF056.tmp
2015-02-03 09:30 . 2015-02-03 09:30	687	----a-w-	C:\awhDC4A.tmp
2015-02-02 22:31 . 2015-02-02 22:31	687	----a-w-	C:\awhF9F7.tmp
2015-02-02 12:57 . 2015-02-02 12:57	687	----a-w-	C:\awh5955.tmp
2015-02-02 00:19 . 2015-02-02 00:19	687	----a-w-	C:\awh8A83.tmp
2015-02-01 15:03 . 2015-02-06 15:58	--------	d-----w-	c:\users\Fm. Medved\AppData\Local\Game Updater
2015-02-01 12:52 . 2015-02-01 12:52	687	----a-w-	C:\awh312D.tmp
2015-02-01 10:38 . 2015-02-01 10:38	687	----a-w-	C:\awh7B27.tmp
2015-01-31 20:08 . 2015-02-20 15:09	--------	d-----w-	c:\program files (x86)\e8b81c09-4582-4567-aca3-7b6a8bedd113
2015-01-31 13:00 . 2015-01-31 13:00	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\QuickScan
2015-01-31 12:52 . 2015-02-01 12:52	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\Seznam.cz
2015-01-30 18:38 . 2015-01-30 18:53	--------	d-----w-	c:\users\TEMP
2015-01-30 07:45 . 2015-01-30 07:45	687	----a-w-	C:\awh5705.tmp
2015-01-29 13:20 . 2015-01-29 13:20	687	----a-w-	C:\awh3FFC.tmp
2015-01-28 09:00 . 2015-01-28 09:00	687	----a-w-	C:\awh6306.tmp
2015-01-27 08:19 . 2015-01-27 08:19	687	----a-w-	C:\awhD6AA.tmp
2015-01-26 22:55 . 2015-01-26 22:55	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\Promotion Software GmbH
2015-01-26 22:03 . 2015-01-26 22:03	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\11bitstudios
2015-01-25 15:14 . 2015-01-25 15:14	687	----a-w-	C:\awh3526.tmp
2015-01-25 08:33 . 2015-01-25 08:33	--------	d-----w-	c:\users\Fm. Medved\AppData\Roaming\PremiumCraft_slave
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-16 23:59 . 2014-07-19 11:51	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-12 01:22 . 2012-02-13 20:38	116773704	----a-w-	c:\windows\system32\MRT.exe
2015-02-11 19:44 . 2014-06-30 15:46	215128	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-02-11 19:44 . 2012-02-05 20:03	215128	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2015-02-11 19:38 . 2012-02-05 19:48	282296	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-02-09 04:45 . 2012-05-24 00:42	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-09 04:45 . 2011-10-14 03:49	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-02 18:04 . 2014-06-19 12:26	174624	----a-w-	c:\windows\SysWow64\EasyAntiCheat.exe
2015-01-24 17:52 . 2014-06-30 15:46	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2015-01-24 17:49 . 2013-06-24 16:21	2434856	----a-w-	c:\windows\SysWow64\pbsvc_bc2.exe
2015-01-21 09:29 . 2015-01-21 09:29	687	----a-w-	C:\awh2206.tmp
2015-01-20 19:27 . 2015-01-20 19:27	687	----a-w-	C:\awh29E.tmp
2015-01-20 08:35 . 2015-01-20 08:35	687	----a-w-	C:\awhF314.tmp
2015-01-19 22:30 . 2015-01-19 22:30	687	----a-w-	C:\awhE0BD.tmp
2015-01-19 06:00 . 2015-01-19 06:00	687	----a-w-	C:\awh85D1.tmp
2015-01-17 23:46 . 2015-01-17 23:46	687	----a-w-	C:\awh55FB.tmp
2015-01-14 17:36 . 2015-01-14 17:36	687	----a-w-	C:\awh7DA7.tmp
2015-01-14 01:48 . 2015-01-14 01:48	687	----a-w-	C:\awhEBF7.tmp
2015-01-11 20:44 . 2015-01-11 20:44	687	----a-w-	C:\awhFCAE.tmp
2015-01-09 11:45 . 2015-01-09 11:45	687	----a-w-	C:\awh3207.tmp
2015-01-08 17:05 . 2015-01-08 17:05	687	----a-w-	C:\awh3E28.tmp
2015-01-07 10:38 . 2015-01-07 10:38	687	----a-w-	C:\awh3487.tmp
2015-01-06 17:50 . 2015-01-06 17:50	687	----a-w-	C:\awh7CBD.tmp
2015-01-05 21:12 . 2015-01-05 21:12	687	----a-w-	C:\awh44BD.tmp
2015-01-04 10:40 . 2015-01-04 10:40	687	----a-w-	C:\awh5BA2.tmp
2015-01-03 10:54 . 2015-01-03 10:54	687	----a-w-	C:\awh310E.tmp
2015-01-02 10:31 . 2015-01-02 10:31	687	----a-w-	C:\awh3EC4.tmp
2015-01-01 09:33 . 2015-01-01 09:33	687	----a-w-	C:\awhE240.tmp
2014-12-31 11:14 . 2010-11-21 03:27	298120	------w-	c:\windows\system32\MpSigStub.exe
2014-12-31 09:45 . 2014-12-31 09:45	687	----a-w-	C:\awh42AA.tmp
2014-12-30 10:04 . 2014-12-30 10:04	687	----a-w-	C:\awh6E4C.tmp
2014-12-29 09:08 . 2014-12-29 09:08	687	----a-w-	C:\awh3CFF.tmp
2014-12-28 15:23 . 2014-12-28 15:23	687	----a-w-	C:\awh18CD.tmp
2014-12-27 23:54 . 2014-12-27 23:54	687	----a-w-	C:\awh221B.tmp
2014-12-25 11:02 . 2014-12-25 11:02	687	----a-w-	C:\awh41FF.tmp
2014-12-24 09:01 . 2014-12-24 09:01	687	----a-w-	C:\awh9C00.tmp
2014-12-23 23:41 . 2014-12-23 23:41	687	----a-w-	C:\awh34B9.tmp
2014-12-20 14:06 . 2014-12-20 14:06	687	----a-w-	C:\awh3062.tmp
2014-12-20 00:05 . 2014-12-20 00:05	687	----a-w-	C:\awh50CD.tmp
2014-12-19 14:42 . 2014-12-19 14:42	687	----a-w-	C:\awhFF64.tmp
2014-12-19 03:06 . 2015-01-14 02:06	210432	----a-w-	c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 02:06	141312	----a-w-	c:\windows\system32\drivers\mrxdav.sys
2014-12-18 20:40 . 2014-12-18 20:40	687	----a-w-	C:\awh4440.tmp
2014-12-18 14:04 . 2014-12-18 14:04	687	----a-w-	C:\awhC84D.tmp
2014-12-17 12:40 . 2014-12-17 12:40	687	----a-w-	C:\awhF018.tmp
2014-12-16 17:18 . 2014-12-16 17:18	687	----a-w-	C:\awh269D.tmp
2014-12-11 17:47 . 2015-01-14 02:06	62976	----a-w-	c:\windows\system32\TSWbPrxy.exe
2014-12-08 13:33 . 2014-12-08 13:33	687	----a-w-	C:\awh4077.tmp
2014-12-06 04:17 . 2015-01-14 02:06	303616	----a-w-	c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 02:06	52224	----a-w-	c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 02:06	156672	----a-w-	c:\windows\SysWow64\ncsi.dll
2014-12-03 19:19 . 2014-12-03 19:19	687	----a-w-	C:\awh595A.tmp
2014-11-30 15:29 . 2014-11-30 15:29	687	----a-w-	C:\awh9315.tmp
2014-11-28 23:01 . 2014-11-28 23:01	687	----a-w-	C:\awh6BEB.tmp
2014-11-28 17:58 . 2014-11-28 17:58	687	----a-w-	C:\awh9B71.tmp
2011-07-23 16:29 . 2012-04-30 20:18	9591104	----a-w-	c:\program files\DTLite [Bigtorrents.org].exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mliznprdtc"="start hxxp://foretuned.com/" [X]
"7bb57c0fd12a2022cd4bb9ea"="iexplore.exe" [2009-04-20 60416]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2014-10-14 720064]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE" [2012-02-29 283232]
"MaxDownload"="c:\users\Fm. Medved\AppData\Roaming\MaxDownload\Updater.exe" [2014-10-13 308224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Flash Player SU"="if %date:~6" [X]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2012-01-05 296984]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-26 177448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-08-30 979328]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 BRSptStub;BitRaider Mini-Support Service Stub Loader;c:\programdata\BitRaider\BRSptStub.exe;c:\programdata\BitRaider\BRSptStub.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 CGVPNCliService;CyberGhost 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-02-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 04:45]
.
2015-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job
- c:\users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-08 17:50]
.
2015-02-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job
- c:\users\Fm. Medved\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-08 17:50]
.
2015-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 12:10]
.
2015-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 12:10]
.
2015-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job
- c:\users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-03 12:10]
.
2015-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job
- c:\users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-03 12:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-08-14 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-08-14 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-08-14 442352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
TCP: DhcpNameServer = 10.0.0.138 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-*LABAL* - (no file)
Wow6432Node-HKCU-Run-Vkmusicdownloader - c:\users\Fm. Medved\AppData\Local\Microsoft\Windows\Vkmusicdownloader.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Fraps - c:\users\Fm. Medved\Desktop\uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-MailRuUpdater - c:\users\Fm. Medved\AppData\Local\Mail.Ru\MailRuUpdater.exe
AddRemove-Vkmusicdownloader - c:\users\Fm. Medved\AppData\Local\Microsoft\Windows\Vkmusicdownloader.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-347752443-2393636236-3195270278-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:9e,0d,02,5a,c2,41,87,47,4b,2b,9e,8d,be,ac,35,45,e9,e9,e0,23,88,6b,c2,
   ce,01,1f,dd,49,02,f8,53,50,ea,07,b6,ba,c5,b9,60,d7,48,4a,fc,3e,f4,b6,0d,31,\
"??"=hex:e2,06,90,c3,a9,ab,f7,ca,1c,f7,63,d7,3e,f2,89,5d
.
[HKEY_USERS\S-1-5-21-347752443-2393636236-3195270278-1001\Software\SecuROM\License information*]
"datasecu"=hex:bf,c3,91,b3,1a,b0,6e,a5,11,c8,b2,3d,93,45,ab,e8,7c,c4,e7,28,f3,
   18,c9,34,1b,3d,a0,f3,4e,ad,90,93,d6,ce,3a,57,a9,20,35,2d,e3,e3,f2,8a,b7,8e,\
"rkeysecu"=hex:ec,e4,c3,82,1e,ee,05,d7,0c,a1,b7,a5,40,6f,51,0d
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-02-20  16:13:22
ComboFix-quarantined-files.txt  2015-02-20 15:13
.
Vor Suchlauf: 22 Verzeichnis(se), 263.030.235.136 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 318.158.200.832 Bytes frei
.
- - End Of File - - 54A8A3F16FDFD6DCCA0503905E6FD3DE

Alt 21.02.2015, 10:34   #12
schrauber
/// the machine
/// TB-Ausbilder
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.02.2015, 15:53   #13
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


So, ich habe ca. vor 3 Wochen schon adwcleaner und Antimalware angewendet.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.02.2015
Suchlauf-Zeit: 14:40:30
Logdatei: 22-02-2015.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.22.03
Rootkit Datenbank: v2015.02.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Fm. Medved

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 605175
Verstrichene Zeit: 38 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 7
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\Internet Speed Checker-nv, In Quarantäne, [a0db021f3b4fbb7b818f682cd42f6b95], 
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv, In Quarantäne, [b1ca7ea3b6d4ea4cb25efc9857ac669a], 
PUP.Optional.InternetSpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv-ie, In Quarantäne, [ff7c09181c6ef64041cf870de91a40c0], 
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Internet Speed Checker-nv, In Quarantäne, [0e6d6bb690fadb5bd63b8212976cae52], 
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Internet Speed Checker-nv-ie, In Quarantäne, [5625c45d8a006bcb5eb3563e21e22cd4], 
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-347752443-2393636236-3195270278-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Internet Speed Checker-nv, In Quarantäne, [f2893be692f8280ede334351cb382ed2], 
PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-21-347752443-2393636236-3195270278-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Internet Speed Checker-nv-ie, In Quarantäne, [df9c75acf496f541e62baaea08fb02fe], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 1
Trojan.Agent, C:\Users\Fm. Medved\AppData\Local\SystemDir\setsearchm.exe, In Quarantäne, [1c5f26fb573388aea2e0e22f55ad48b8], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
Code:
ATTFilter
# AdwCleaner v4.111 - Bericht erstellt 22/02/2015 um 15:28:58
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Fm. Medved - FMMEDVED-PC
# Gestarted von : C:\Users\Fm. Medved\Desktop\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\END

***** [ Geplante Tasks ] *****

Task Gelöscht : BrowserDefendert
Task Gelöscht : RunAsStdUser Task

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v


-\\ Google Chrome v


-\\ Chromium v


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [38989 Bytes] - [10/02/2015 01:02:59]
AdwCleaner[R1].txt - [1340 Bytes] - [10/02/2015 01:43:51]
AdwCleaner[R2].txt - [1399 Bytes] - [13/02/2015 14:21:41]
AdwCleaner[R3].txt - [1276 Bytes] - [22/02/2015 15:26:50]
AdwCleaner[S0].txt - [36666 Bytes] - [10/02/2015 01:04:43]
AdwCleaner[S1].txt - [1409 Bytes] - [13/02/2015 14:24:22]
AdwCleaner[S2].txt - [1198 Bytes] - [22/02/2015 15:28:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1257  Bytes] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Fm. Medved on 22.02.2015 at 15:42:26,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\AlawarWrapper
Successfully deleted: [Folder] "C:\Users\Fm. Medved\appdata\local\breakpad"
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{02147DB2-0CE1-4CEE-8DB9-CDC1501595E2}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{0248835E-83FC-4905-95BE-8DC22516A96F}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{0392CA78-D680-451F-9EBE-0E6961F5B3EF}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{0725E8ED-FD28-4032-884D-FBE3D52B734D}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{07BFB20B-642A-431B-8E24-D0928D3B468E}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{08BA6C19-85A3-4475-828C-251C5E03C2D8}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{0B744994-5DEE-4150-B77C-BE221B67E243}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{0EEBE791-C7AC-4162-A97A-4DBFF59BC310}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{1295098F-3E54-41E5-9A79-1C7266863B35}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{16698FDA-9645-485E-85F8-4586D47280AA}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{1ADF661F-DC67-41D5-B2A1-7AD0FF77ED11}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{1D55EA4B-522B-40FC-A8A3-61881CB7B4EE}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{1FE350F3-C97D-44D2-80A7-E9FCE71BB74C}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{285DF482-6AD3-44C0-9391-62C0DBA0D570}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{2BDD0B3C-5321-469E-9377-0CD4BE4D07C6}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{2E60221A-A60C-4BB0-86C5-FED6EF291497}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{2E8C368E-64A5-42F4-B766-E1A9CDB23608}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{300BA918-5BD8-4782-B22D-A6CE62E727C0}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{33347798-BCFB-4AA9-AEBD-CD019E7DC944}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{3A138580-607B-496B-8017-50DE151ADE67}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{3D9F87D8-58C6-48C3-90B6-335CCAABD004}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{44EA6603-16EA-4169-B065-94470D98B51E}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{4AD4637B-282B-4BC0-ACFA-51C89D00D84F}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{4D184CDD-31DC-4010-9E2B-5DC1B8071517}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{53674A9D-8EFE-44D0-807E-0CCFE9CE9F29}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{56E26FAA-F2F6-4116-A805-B7EFC7F8E2D6}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{5D933A9D-38EE-4ED4-81C2-80BEE9DC44B7}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{5E865D67-86F7-4465-B6E7-47679872C804}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{5FBD7211-BBF8-4A9A-A3DC-8127E9BF387E}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{632DE72C-43E1-4C73-9FE6-231B14D36D40}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{64BD0367-C3D9-4C7B-95C7-7E801D703148}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{689F67A5-7919-469A-B54F-C46ADFF820CF}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{6A63F194-5398-470A-A95C-CB7041B62716}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{6BE8F7A3-A7D5-42AA-8431-168A9AE6972C}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{72A4778D-49C3-40B4-990A-B019BA180181}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{7332F20D-767E-41ED-8EB9-519E654B60BE}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{735CABE7-6A53-42B6-80E6-E3E1BD90B92B}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{75B8291F-41E2-4BAB-8230-5021CCD6EF5E}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{7607D967-4C57-44C2-A34B-32E879563E47}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{779F3DEA-91FC-4518-8F08-98FCBF66E3AA}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{784F9FC8-C43E-4B4D-9FC8-D9EB2A9F4BCF}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{7C949A17-5E69-4C60-9409-A0D5F9B1B2E5}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{7D6CF2FC-A3CC-42AF-B556-8B349AF90CAE}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{7F8DD1C3-18DA-46E5-9E1E-44FE2FDF97A3}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{812E1A17-72DB-4051-88D4-28B330CE9C69}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{83B29732-074A-4A9B-A4A5-9099A9670A77}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{84CE882A-C6BB-4FD5-8883-B74B158867C6}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{86ECEAFC-016F-43F0-B2E1-C0CAAB0AE672}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{874A5838-3E1D-434E-AF92-F2B881918301}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{8C76C21E-6914-4D9A-A0D2-3F91A5F12226}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{8E727E90-BF80-4B78-91D2-821EA3DDB9A3}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{91270CF2-E9D0-4A6C-951C-226F6D7D5D57}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{92A421F4-BDAD-4199-B8F5-D6EF2191847F}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{93517FF4-642F-4009-AF3A-1B85032CFF33}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{985CB6C7-1747-4961-AE2B-3CF9B33AAE91}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{9F84713F-7DE2-429A-A205-3A3A21FE75E0}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{A42F0869-1EC3-425D-8263-A394A3FE8484}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{A55E4B6C-8F7A-4B07-85E3-AB729488F1BF}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{A66F6313-93A6-44E7-8369-BBEC35E30A61}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{A6BD421A-DD32-443E-B9D8-F3B0FE9A50F9}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{A7F28C00-6F32-49CB-A89C-D189E3124C86}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{A80BA1BE-3581-4376-9CA1-01CA76571918}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{A8B8FE23-4B80-479E-8E0F-108DD14A1FAC}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{B18512DC-3D59-4EAB-A112-03BBA48AE94A}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{B5AF72B8-2C86-40BD-A43B-E54A1358BDA5}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{BB42D206-4F9A-4A73-9024-F9C3FFF6DC38}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{BD12F857-F22C-451F-9FB3-D2B1861360CD}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{C17BFA3B-70FE-4CAC-968E-3E06EFC7B130}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{C21EE9A0-5CC6-4890-A2B5-2956EE5665BD}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{C2FBFD1E-CB04-45EC-926E-12D51C41B3A4}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{C4305B67-17B5-4B2D-A51D-E69EAC91D761}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{C490C440-B78D-442C-8B25-8A3559861352}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{C8259E83-689A-4B1B-B181-9C2907E555D4}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{CCB5570D-84A2-44B2-A6B5-5B1E7832A9C5}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{CF5BB6BD-7429-44A0-82D3-B3EB747EFCB9}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{D41D4C3C-3EAC-4797-B395-CF2A200C646F}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{D4321C18-0D86-43B5-A6AF-5AEBC84B68E4}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{D629416A-F07F-4E9D-82BD-F9E4F3D9233C}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{D7103F92-3485-4E41-9BF8-E20F62CB136A}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{E027A3C9-8F7A-4E5D-84FA-A2767EB2622E}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{E219A319-73AE-4BA9-8198-6B3BFF4EAFEB}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{E52BBE54-6D76-483F-8886-E436A3A048F1}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{EC9393EB-CD1D-4DF2-ADC2-AEFAF943F162}
Successfully deleted: [Empty Folder] C:\Users\Fm. Medved\appdata\local\{F28B77A1-5083-4DC4-BD0F-37EDB346F4EE}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.02.2015 at 15:45:24,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Fm. Medved (administrator) on FMMEDVED-PC on 22-02-2015 15:51:12
Running from C:\Users\Fm. Medved\Desktop
Loaded Profiles: Fm. Medved (Available profiles: Fm. Medved & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Flash Player SU] => C:\Windows\System32\cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20130606 (exit) else (start hxxp://liketour.org/ && exit)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [7bb57c0fd12a2022cd4bb9ea] => iexplore.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [mliznprdtc] => cmd /c start hxxp://foretuned.com/
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [MaxDownload] => C:\Users\Fm. Medved\AppData\Roaming\MaxDownload\Updater.exe [308224 2014-10-13] ()
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
GroupPolicyUsers\S-1-5-21-347752443-2393636236-3195270278-1009\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-347752443-2393636236-3195270278-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = 
SearchScopes: HKLM-x32 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-347752443-2393636236-3195270278-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.134.0.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Fm. Medved\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Fm. Medved\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @talk.google.com/O1DPlugin -> C:\Users\Fm. Medved\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fm. Medved\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: ubisoft.com/uplaypc -> C:\Spiele\The.Settlers7.PtaK.Multi9-RU.Repack\INstall\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Fm. Medved\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Fm. Medved\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Firefox\Extensions: [{8c9ee4c1-6fb6-4773-afd6-23f4398777ac}] - C:\Program Files (x86)\LyricsPal\130.xpi

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://2inf.net/?utm_source=startpage12
CHR StartupUrls: Default -> "https://www.google.ru/webhp?tab=ww&ei=sUHSVKe9OIG1U5b7gLgN&ved=0CAYQ1S4"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-02]
CHR Extension: (Design Something) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgeclailpjmobncndjbahebjhboblhno [2014-11-01]
CHR Extension: (AdBlock) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-06]
CHR Extension: (Learn Hebrew - Ma Kore) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiphfaggmjkobfelhkaddcoagngjogeg [2014-11-01]
CHR Extension: (Google Wallet) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Adblock Plus Chrome) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\omihghdlmaedmkipdikamnejbeecjcim [2014-11-01]
CHR HKU\S-1-5-21-347752443-2393636236-3195270278-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cifhijkiiikloafabeloklapclpjgpom] - C:\Users\Fm. Medved\AppData\Roaming\VkVideo\chrome.crx [2012-10-24]
CHR HKLM-x32\...\Chrome\Extension: [gdknicmnhbaajdglbinpahhapghpakch] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jedelkhanefmcnpappfhachbpnlhomai] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mfhobjnbhogmcagcbgjlileeghfbbodm] - C:\ProgramData\ADDICT-THING\mfhobjnbhogmcagcbgjlileeghfbbodm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pganlglbhgfjfgopijbhemcpbehjnpia] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [phfiheafjohhojemkgljhlhfpgdlpppa] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha6627\ch\TrustMediaViewerV1alpha6627.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-02-14] (BitRaider, LLC)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-02-02] (EasyAntiCheat Ltd)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-24] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2015-02-05] ()
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-02-14] (BitRaider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-02-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-02-04] () [File not signed]
U3 ai9y7taq; C:\Windows\System32\Drivers\ai9y7taq.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-22 15:50 - 2015-02-22 15:50 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\FRST-OlderVersion
2015-02-22 15:45 - 2015-02-22 15:45 - 00010151 _____ () C:\Users\Fm. Medved\Desktop\JRT.txt
2015-02-22 15:40 - 2015-02-22 15:40 - 00001337 _____ () C:\Users\Fm. Medved\Desktop\AdwCleaner[S2].txt
2015-02-22 15:25 - 2015-02-22 15:25 - 00002485 _____ () C:\Users\Fm. Medved\Desktop\22-02-2015.txt
2015-02-22 15:20 - 2015-02-22 15:20 - 01388274 _____ (Thisisu) C:\Users\Fm. Medved\Desktop\JRT.exe
2015-02-22 14:41 - 2015-02-22 14:41 - 02126848 _____ () C:\Users\Fm. Medved\Desktop\AdwCleaner_4.111.exe
2015-02-20 16:13 - 2015-02-20 16:13 - 00042114 _____ () C:\ComboFix.txt
2015-02-20 15:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-20 15:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-20 15:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-20 15:44 - 2015-02-20 16:13 - 00000000 ____D () C:\Qoobox
2015-02-20 15:43 - 2015-02-20 16:11 - 00000000 ____D () C:\Windows\erdnt
2015-02-20 15:40 - 2015-02-20 15:41 - 05611903 ____R (Swearware) C:\Users\Fm. Medved\Desktop\ComboFix.exe
2015-02-20 04:17 - 2015-02-20 04:19 - 00000023 _____ () C:\Users\Fm. Medved\jagexappletviewer.preferences
2015-02-20 04:17 - 2015-02-20 04:17 - 00000049 _____ () C:\Users\Fm. Medved\jagex_cl_runescape_LIVE.dat
2015-02-19 21:58 - 2015-02-20 04:17 - 00000000 ____D () C:\Users\Fm. Medved\jagexcache
2015-02-19 21:58 - 2015-02-19 21:58 - 00002118 _____ () C:\Users\Fm. Medved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2015-02-19 21:58 - 2015-02-19 21:58 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-02-19 16:03 - 2015-02-20 15:34 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-19 16:01 - 2015-02-19 18:51 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\mbar
2015-02-19 15:55 - 2015-02-19 15:56 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Fm. Medved\Desktop\mbar-1.08.3.1004.exe
2015-02-19 15:54 - 2015-02-19 15:55 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Fm. Medved\Desktop\tdsskiller.exe
2015-02-18 17:10 - 2015-02-18 17:21 - 00047729 _____ () C:\Users\Fm. Medved\Desktop\Addition.txt
2015-02-18 17:08 - 2015-02-22 15:51 - 00025739 _____ () C:\Users\Fm. Medved\Desktop\FRST.txt
2015-02-18 15:00 - 2015-02-18 15:00 - 00001119 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-02-18 15:00 - 2015-02-18 15:00 - 00001069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Canneverbe Limited
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-02-17 13:56 - 2015-02-22 15:51 - 00000000 ____D () C:\FRST
2015-02-17 13:55 - 2015-02-22 15:50 - 02086912 _____ (Farbar) C:\Users\Fm. Medved\Desktop\FRST64.exe
2015-02-15 13:07 - 2015-02-15 13:11 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\.technic
2015-02-14 20:00 - 2015-02-14 20:00 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Das Lied von Eis & Feuer
2015-02-14 19:48 - 2015-02-14 20:02 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Knigy
2015-02-14 19:48 - 2015-02-14 19:48 - 00096768 _____ () C:\Users\Fm. Medved\Downloads\Буньян Джон. Путешествие пилигрима - royallib.com.fb2.zip
2015-02-14 13:37 - 2015-02-14 13:37 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SWTOR
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SWTORPerf
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\ProgramData\BitRaider
2015-02-14 12:40 - 2015-02-14 12:40 - 00015881 _____ () C:\Users\Fm. Medved\Documents\Install STAR WARS The Old Republic.log
2015-02-14 12:40 - 2015-02-14 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-02-14 12:04 - 2015-02-14 12:05 - 00003582 _____ () C:\Windows\System32\Tasks\WdfHG
2015-02-14 11:54 - 2015-02-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Plants vs. Zombies Garden Warfare
2015-02-14 10:54 - 2015-02-14 10:54 - 00000097 _____ () C:\Users\Fm. Medved\Documents\Plants v.s Zombies Garden Warfare.rar
2015-02-14 10:10 - 2015-02-14 10:10 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\The.Amazing.Spider-Man.2.Proper-RELOADED
2015-02-14 10:07 - 2015-02-14 10:07 - 00001951 _____ () C:\Users\UpdatusUser.FmMedved-PC\Desktop\MaxDownload.lnk
2015-02-14 10:07 - 2015-02-14 10:07 - 00001951 _____ () C:\Users\Gast.FmMedved-PC\Desktop\MaxDownload.lnk
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\maxload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxDownload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\MaxDownload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaxDownload
2015-02-14 00:18 - 2015-02-14 00:18 - 00839110 _____ () C:\Users\Fm. Medved\Downloads\Толстой Лев. Анна Каренина - royallib.com.fb2.zip
2015-02-14 00:12 - 2015-02-14 00:12 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\calibre-cache
2015-02-14 00:10 - 2015-02-14 20:16 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Calibre-Bibliothek
2015-02-14 00:10 - 2015-02-14 20:05 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\calibre
2015-02-14 00:09 - 2015-02-14 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-02-14 00:09 - 2015-02-14 00:10 - 00000000 ____D () C:\Program Files\Calibre2
2015-02-12 17:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 17:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 17:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 17:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:45 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:45 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:45 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:45 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:45 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:45 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:45 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:45 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:45 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:45 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:45 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:45 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:45 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:45 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:45 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:45 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:45 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:45 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:45 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:45 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:45 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:45 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:45 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:45 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:45 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:45 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:45 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:44 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:44 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:44 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:44 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:44 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:44 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:44 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:44 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:44 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:44 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:44 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:44 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:44 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:44 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:44 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:44 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:44 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:44 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:44 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:44 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:44 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:44 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:44 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:44 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:44 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:44 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:44 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:44 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:44 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:44 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:44 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:44 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:44 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:44 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:44 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:44 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:44 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:44 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:44 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:44 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:44 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:44 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:44 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:44 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:44 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:44 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:44 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:44 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:43 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:43 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:43 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:43 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:43 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:43 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:43 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:43 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:43 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:43 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 01:53 - 2015-02-22 15:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-10 01:53 - 2015-02-19 17:27 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-10 01:53 - 2015-02-10 01:53 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-10 01:53 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-10 01:52 - 2015-02-10 01:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-10 01:52 - 2015-02-10 01:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-10 01:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-10 01:29 - 2015-02-13 13:23 - 00000000 ____D () C:\Windows\pss
2015-02-10 01:02 - 2015-02-22 15:29 - 00000000 ____D () C:\AdwCleaner
2015-02-09 11:49 - 2015-02-09 11:49 - 00000687 _____ () C:\awh3BE7.tmp
2015-02-09 09:32 - 2015-02-09 09:32 - 00000687 _____ () C:\awh777F.tmp
2015-02-08 23:33 - 2015-02-09 01:28 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\ArmA 2 OA
2015-02-08 23:33 - 2015-02-08 23:35 - 00000000 ____D () C:\Users\Fm. Medved\Documents\ArmA 2
2015-02-08 18:12 - 2015-02-08 18:13 - 00000000 ____D () C:\Program Files (x86)\Team Liquid Streams
2015-02-08 14:13 - 2015-02-08 14:13 - 00000000 ____D () C:\Program Files (x86)\Click free Browsing
2015-02-08 09:56 - 2015-02-08 09:56 - 00000687 _____ () C:\awh8729.tmp
2015-02-08 09:47 - 2015-02-08 15:14 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\Plants vs. Zombies Garden Warfare
2015-02-08 09:17 - 2015-02-08 09:17 - 00000687 _____ () C:\awh862F.tmp
2015-02-07 22:16 - 2015-02-07 22:16 - 00000687 _____ () C:\awhA85F.tmp
2015-02-07 11:26 - 2015-02-07 12:05 - 00000000 ____D () C:\Program Files (x86)\The Sims 3 Designer Edition
2015-02-07 10:13 - 2015-02-07 10:13 - 00000687 _____ () C:\awh52E.tmp
2015-02-06 18:50 - 2015-02-06 19:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\CyberGhost
2015-02-06 18:50 - 2015-02-06 18:50 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-02-06 18:49 - 2015-02-07 12:24 - 00001897 _____ () C:\Users\Fm. Medved\Desktop\CyberGhost 5.lnk
2015-02-06 18:49 - 2015-02-06 18:50 - 00000000 ____D () C:\Program Files\CyberGhost 5
2015-02-06 18:49 - 2015-02-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2015-02-06 16:20 - 2015-02-06 16:20 - 00002655 _____ () C:\Users\Public\Desktop\Assassin's Creed 4 - Черный Флаг.lnk
2015-02-06 16:20 - 2015-02-06 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed 4 - Черный Флаг
2015-02-06 15:55 - 2015-02-06 15:55 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Setup Integrity Check
2015-02-06 12:58 - 2015-02-06 12:58 - 00000687 _____ () C:\awh1BE9.tmp
2015-02-05 20:47 - 2015-02-05 20:47 - 00000687 _____ () C:\awh7722.tmp
2015-02-05 20:37 - 2015-02-06 16:58 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Assassin's Creed IV Black Flag
2015-02-05 14:17 - 2015-02-05 14:17 - 00001375 _____ () C:\Users\Fm. Medved\Desktop\Play Settlers 6 - Verknüpfung.lnk
2015-02-05 14:10 - 2015-02-05 14:10 - 00310984 _____ () C:\Windows\system32\Drivers\atksgt.sys
2015-02-05 14:10 - 2015-02-05 14:10 - 00042696 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2015-02-05 11:17 - 2015-02-06 13:04 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\VoipConnect
2015-02-05 11:17 - 2015-02-05 11:17 - 00001191 _____ () C:\Users\Fm. Medved\Desktop\VoipConnect.lnk
2015-02-05 11:17 - 2015-02-05 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipConnect
2015-02-05 11:17 - 2015-02-05 11:17 - 00000000 ____D () C:\Program Files (x86)\VoipConnect.com
2015-02-05 11:13 - 2015-02-05 11:13 - 00000687 _____ () C:\awhB9FB.tmp
2015-02-05 04:54 - 2015-02-22 04:16 - 00000020 _____ () C:\Users\Fm. Medved\AppData\Roaming\appdataFr3.bin
2015-02-04 18:20 - 2015-02-04 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-02-04 18:17 - 2015-02-04 18:17 - 00000687 _____ () C:\awh32B3.tmp
2015-02-04 16:10 - 2015-02-04 16:10 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\VK Downloader
2015-02-04 15:44 - 2015-02-04 15:44 - 00000687 _____ () C:\awhEF4D.tmp
2015-02-04 15:34 - 2015-02-04 15:34 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Вoйти в Интeрнет 2inf.net
2015-02-04 15:33 - 2015-02-13 14:21 - 00000000 ____D () C:\Program Files (x86)\VK Downloader
2015-02-04 15:26 - 2015-02-04 15:26 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Поиcк в Интeрнете
2015-02-04 15:24 - 2015-02-22 15:39 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SystemDir
2015-02-04 15:24 - 2015-02-04 15:29 - 00003516 _____ () C:\Windows\System32\Tasks\nethost task
2015-02-04 14:46 - 2015-02-04 14:46 - 00000000 ____D () C:\Users\Fm. Medved\Documents\LEGO Creations
2015-02-04 14:46 - 2015-02-04 14:46 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\LEGO Company
2015-02-04 14:45 - 2015-02-04 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
2015-02-04 14:37 - 2015-02-04 14:37 - 00000687 _____ () C:\awh74C1.tmp
2015-02-03 20:03 - 2015-02-03 20:03 - 00000000 ____D () C:\Users\Fm. Medved\Documents\DIE SIEDLER - Aufstieg eines Königreichs
2015-02-03 10:40 - 2015-02-03 10:40 - 00000687 _____ () C:\awhF056.tmp
2015-02-03 10:30 - 2015-02-03 10:30 - 00000687 _____ () C:\awhDC4A.tmp
2015-02-02 23:31 - 2015-02-02 23:31 - 00000687 _____ () C:\awhF9F7.tmp
2015-02-02 19:03 - 2015-02-02 19:03 - 00000222 _____ () C:\Users\Fm. Medved\Desktop\Rust.url
2015-02-02 13:57 - 2015-02-02 13:57 - 00000687 _____ () C:\awh5955.tmp
2015-02-02 01:19 - 2015-02-02 01:19 - 00000687 _____ () C:\awh8A83.tmp
2015-02-01 16:03 - 2015-02-06 16:58 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Game Updater
2015-02-01 13:52 - 2015-02-01 13:52 - 00000687 _____ () C:\awh312D.tmp
2015-02-01 11:38 - 2015-02-01 11:38 - 00000687 _____ () C:\awh7B27.tmp
2015-01-31 21:08 - 2015-02-20 16:09 - 00000000 ____D () C:\Program Files (x86)\e8b81c09-4582-4567-aca3-7b6a8bedd113
2015-01-31 14:00 - 2015-01-31 14:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\QuickScan
2015-01-31 13:52 - 2015-02-01 13:52 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Seznam.cz
2015-01-30 19:38 - 2015-01-30 19:53 - 00000000 ____D () C:\Users\TEMP
2015-01-30 19:38 - 2013-01-31 09:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\TuneUp Software
2015-01-30 19:38 - 2012-05-28 11:07 - 00000000 ____D () C:\Users\TEMP\Documents\Visual Studio 2008
2015-01-30 19:38 - 2012-05-28 11:07 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help
2015-01-30 19:38 - 2011-10-14 04:54 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2015-01-30 19:38 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-30 19:38 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-30 08:45 - 2015-01-30 08:45 - 00000687 _____ () C:\awh5705.tmp
2015-01-29 14:20 - 2015-01-29 14:20 - 00000687 _____ () C:\awh3FFC.tmp
2015-01-28 10:00 - 2015-01-28 10:00 - 00000687 _____ () C:\awh6306.tmp
2015-01-27 09:19 - 2015-01-27 09:19 - 00000687 _____ () C:\awhD6AA.tmp
2015-01-26 23:55 - 2015-01-26 23:55 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Promotion Software GmbH
2015-01-26 23:03 - 2015-01-26 23:03 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\11bitstudios
2015-01-26 19:47 - 2015-01-26 19:47 - 00001395 _____ () C:\Users\Fm. Medved\Desktop\Construction Simulator 2015.lnk
2015-01-25 16:14 - 2015-01-25 16:14 - 00000687 _____ () C:\awh3526.tmp
2015-01-25 15:09 - 2015-01-25 15:09 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Paradox Interactive
2015-01-25 09:33 - 2015-01-25 09:33 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\PremiumCraft_slave
2015-01-24 18:41 - 2014-05-09 23:20 - 00820224 _____ () C:\Users\Fm. Medved\Desktop\pbsetup.exe
2015-01-24 17:09 - 2015-01-24 17:09 - 00000222 _____ () C:\Users\Fm. Medved\Desktop\Starbound.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-22 15:45 - 2013-04-16 09:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-22 15:38 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-22 15:38 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-22 15:35 - 2011-12-15 11:47 - 01760809 _____ () C:\Windows\WindowsUpdate.log
2015-02-22 15:33 - 2012-02-04 20:13 - 00000000 ____D () C:\ProgramData\clear.fi
2015-02-22 15:31 - 2012-06-14 13:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-22 15:30 - 2012-02-23 00:13 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-22 15:29 - 2012-04-28 20:44 - 00393736 _____ () C:\Windows\PFRO.log
2015-02-22 15:29 - 2012-03-19 11:07 - 00294209 _____ () C:\Windows\setupact.log
2015-02-22 15:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-22 15:28 - 2012-07-03 19:17 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job
2015-02-22 15:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-02-22 15:18 - 2012-06-14 13:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-22 15:13 - 2012-02-05 12:35 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Skype
2015-02-22 14:38 - 2012-08-08 18:50 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job
2015-02-22 06:34 - 2014-12-23 21:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-22 06:34 - 2012-02-06 19:52 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\uTorrent
2015-02-22 05:49 - 2014-11-01 12:25 - 00000696 _____ () C:\Users\Fm. Medved\Desktop\Serialy.txt
2015-02-22 04:16 - 2012-10-28 16:29 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Alles
2015-02-21 19:55 - 2012-08-08 18:50 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job
2015-02-21 16:41 - 2013-12-11 20:41 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3A8A8C6A-E170-415F-84EB-4159B6166112}
2015-02-21 14:52 - 2014-12-20 19:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-21 14:52 - 2011-10-14 04:30 - 00000000 ____D () C:\ProgramData\Skype
2015-02-21 11:53 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-21 02:09 - 2012-07-03 19:17 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job
2015-02-20 16:09 - 2012-10-28 16:33 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-02-20 16:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-20 04:17 - 2012-03-30 20:14 - 00000000 ____D () C:\Windows\.jagex_cache_32
2015-02-20 04:17 - 2012-02-04 19:54 - 00000000 ____D () C:\Users\Fm. Medved
2015-02-20 00:39 - 2014-12-09 13:08 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Steam
2015-02-19 18:52 - 2011-10-14 04:42 - 00000000 ____D () C:\Windows\tr
2015-02-19 13:55 - 2015-01-20 11:55 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\.minecraft
2015-02-19 00:04 - 2012-11-14 11:55 - 00007605 _____ () C:\Users\Fm. Medved\AppData\Local\Resmon.ResmonCfg
2015-02-18 21:21 - 2014-12-26 22:49 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2015-02-18 19:38 - 2013-01-02 15:09 - 00000000 ____D () C:\ProgramData\Origin
2015-02-18 19:31 - 2013-01-02 15:08 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-18 14:30 - 2011-10-14 04:48 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-17 16:31 - 2012-02-04 20:39 - 00000000 ___RD () C:\Spiele
2015-02-17 01:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2015-02-17 01:02 - 2014-06-20 10:08 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-17 01:02 - 2013-10-19 22:15 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-17 00:59 - 2014-07-19 12:51 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-16 22:12 - 2012-08-31 19:04 - 778444645 _____ () C:\Windows\MEMORY.DMP
2015-02-16 22:12 - 2012-08-31 19:04 - 00000000 ____D () C:\Windows\Minidump
2015-02-16 03:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-15 10:58 - 2014-10-25 01:42 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Outlook-Dateien
2015-02-15 02:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 19:30 - 2011-12-15 20:39 - 00703214 _____ () C:\Windows\system32\perfh007.dat
2015-02-14 19:30 - 2011-12-15 20:39 - 00150822 _____ () C:\Windows\system32\perfc007.dat
2015-02-14 19:30 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 12:40 - 2012-03-12 18:39 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-02-14 12:40 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-14 12:33 - 2013-01-02 15:35 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Origin
2015-02-13 14:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-02-12 20:57 - 2013-08-26 18:18 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\TS3Client
2015-02-12 16:49 - 2009-07-14 05:45 - 03056376 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 16:47 - 2014-12-17 13:33 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 16:47 - 2014-05-07 03:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 02:35 - 2013-04-23 22:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-12 02:33 - 2012-05-26 22:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 02:33 - 2009-07-14 03:34 - 00000510 _____ () C:\Windows\win.ini
2015-02-12 02:29 - 2014-10-20 02:26 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 02:29 - 2014-10-20 02:25 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 02:28 - 2014-10-20 02:24 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 02:28 - 2014-10-20 02:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 02:28 - 2013-07-18 22:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 02:22 - 2012-02-13 21:38 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 20:44 - 2014-06-30 16:46 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:44 - 2012-02-05 21:03 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-11 20:38 - 2012-02-05 20:48 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-10 17:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-10 02:51 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-02-10 02:49 - 2014-10-10 23:47 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\9181
2015-02-10 02:49 - 2014-09-23 08:23 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\12260
2015-02-10 02:49 - 2012-09-06 06:33 - 00000000 ____D () C:\Program Files\14
2015-02-10 02:49 - 2012-05-31 14:34 - 00000000 ____D () C:\ProgramData\InstallMate
2015-02-10 02:06 - 2012-05-30 20:33 - 00000000 ___RD () C:\Bogdan
2015-02-10 02:04 - 2014-04-01 18:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\NVIDIA Corporation
2015-02-10 02:04 - 2013-10-05 13:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-10 02:04 - 2013-05-27 22:23 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\NVIDIA
2015-02-10 02:04 - 2011-12-15 11:52 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-10 02:04 - 2011-12-15 11:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 01:18 - 2014-11-13 01:26 - 00002998 _____ () C:\Windows\System32\Tasks\AdobeFlashPlayer-S-2-1-24-198293847112UI
2015-02-10 01:05 - 2012-02-05 12:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-09 21:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-09 05:45 - 2013-04-16 09:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-09 05:45 - 2012-05-24 01:42 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 05:45 - 2011-10-14 04:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-08 18:14 - 2012-03-16 07:20 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-07 12:05 - 2014-06-25 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Designer Edition
2015-02-07 11:26 - 2012-04-07 20:30 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Electronic Arts
2015-02-07 11:11 - 2014-03-02 08:00 - 00000813 _____ () C:\Users\Fm. Medved\AppData\Roaming\tlauncher.rmo.cfg
2015-02-07 06:28 - 2012-02-06 19:05 - 00000000 ___RD () C:\Nikita
2015-02-07 06:20 - 2015-01-02 02:27 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\New Music niko
2015-02-06 19:00 - 2012-02-04 19:54 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\VirtualStore
2015-02-05 20:37 - 2014-06-30 17:20 - 00000000 ____D () C:\ProgramData\Orbit
2015-02-05 14:11 - 2012-04-08 10:24 - 00340271 _____ () C:\Windows\DirectX.log
2015-02-05 14:01 - 2011-10-14 04:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-04 16:12 - 2014-06-01 13:27 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\The Sims 3
2015-02-04 15:30 - 2014-06-13 13:06 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Amigo
2015-02-04 15:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-02-02 23:50 - 2012-07-03 19:28 - 00002388 _____ () C:\Users\Fm. Medved\Desktop\Google Chronm9.lnk
2015-02-02 19:04 - 2014-06-19 13:26 - 00174624 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2015-02-02 14:22 - 2013-08-26 18:17 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\TeamSpeak 3 Client
2015-01-31 21:04 - 2012-02-07 13:46 - 00000000 ____D () C:\Users\Fm. Medved\Documents\My Games
2015-01-30 14:29 - 2012-05-27 19:21 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Mozilla
2015-01-26 12:05 - 2013-03-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-24 18:52 - 2014-06-30 16:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-24 18:49 - 2013-06-24 17:21 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe

==================== Files in the root of some directories =======

2012-04-30 21:18 - 2011-07-23 17:29 - 9591104 _____ (DT Soft Ltd.) C:\Program Files\DTLite [Bigtorrents.org].exe
2015-02-05 04:54 - 2015-02-22 04:16 - 0000020 _____ () C:\Users\Fm. Medved\AppData\Roaming\appdataFr3.bin
2012-07-06 14:19 - 2012-07-22 00:18 - 1203065 _____ () C:\Users\Fm. Medved\AppData\Roaming\haha
2013-07-10 15:22 - 2010-01-07 14:35 - 1007616 _____ (Huawei Technologies Co., Ltd.) C:\Users\Fm. Medved\AppData\Roaming\LiveUpdate.exe
2013-07-10 15:22 - 2013-07-09 23:59 - 0000713 _____ () C:\Users\Fm. Medved\AppData\Roaming\LiveUpdate.ini
2013-07-10 15:22 - 2008-10-11 09:39 - 0927504 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\mfc40u.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 1060864 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\mfc71.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 1047552 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\MFC71u.dll
2013-07-10 15:22 - 2005-08-10 08:19 - 0401462 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcp60.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 0499712 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcp71.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 0348160 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcr71.dll
2013-07-06 13:36 - 2013-07-06 19:43 - 0078872 _____ () C:\Users\Fm. Medved\AppData\Roaming\svhost
2014-03-01 12:48 - 2015-01-20 11:19 - 0041984 ___SH () C:\Users\Fm. Medved\AppData\Roaming\Thumbs.db
2014-03-02 08:00 - 2015-02-07 11:11 - 0000813 _____ () C:\Users\Fm. Medved\AppData\Roaming\tlauncher.rmo.cfg
2013-07-10 15:22 - 2009-12-31 14:10 - 0151552 _____ (Huawei Technologies Co., Ltd.) C:\Users\Fm. Medved\AppData\Roaming\XMessageBox.dll
2014-03-20 02:35 - 2014-06-17 12:05 - 0013312 _____ () C:\Users\Fm. Medved\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-14 11:55 - 2015-02-19 00:04 - 0007605 _____ () C:\Users\Fm. Medved\AppData\Local\Resmon.ResmonCfg
2011-12-15 12:13 - 2011-12-15 12:15 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log

Files to move or delete:
====================
C:\Users\Fm. Medved\jagex_cl_runescape_LIVE.dat


Some content of TEMP:
====================
C:\Users\Fm. Medved\AppData\Local\Temp\Quarantine.exe
C:\Users\Fm. Medved\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-14 01:19

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 23.02.2015, 07:28   #14
schrauber
/// the machine
/// TB-Ausbilder
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.02.2015, 16:12   #15
Mr. Dela
 
Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Standard

Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=73cbfc4abb7e9f4ebbd1358aff46215a
# engine=22611
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-23 09:24:20
# local_time=2015-02-23 10:24:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1022135 47710654 0 0
# scanned=2642
# found=50
# cleaned=0
# scan_time=136
sh=B3CD8B5280AF7387824CE50A2040993561A575EB ft=1 fh=83fd7ecc2a207b93 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\BackgroundSingleton.exe.vir"
sh=2265176C4DE2B8C83409CD1BF0687E6BAA763936 ft=1 fh=200331ea0a054d08 vn="Variante von Win32/Toolbar.Neobar.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Interfaces32.dll.vir"
sh=FBD02DFD25FC599BB18A967D934390A0023B71AF ft=1 fh=bdb6eaaf4e00aba3 vn="Win64/Toolbar.Neobar.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Interfaces64.dll.vir"
sh=DDBB0CBBFBF22B637E0E58D0A87F661D2769F18D ft=1 fh=43d46031b20e67f7 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Loader.exe.vir"
sh=AB7CA1E95CA44ED600B97E9D37B226226A06B192 ft=1 fh=8362e465c773d42b vn="Variante von Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Toolbar32.dll.vir"
sh=F535E5A2DCFEECDD8DB241BDEDC225F5AEE7DFC0 ft=1 fh=547d1857844f8a4e vn="Win64/Toolbar.Neobar.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Toolbar64.dll.vir"
sh=90041E68C718C0425B7C1A394C21A0BA315851D0 ft=1 fh=e49aa872a089d147 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\uninstall.exe.vir"
sh=FB897ECE9F12A5AF7C2EE78C2C195FD402F9DFC5 ft=1 fh=932128e3fb027afe vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Uninstaller.exe.vir"
sh=751AB26A11929122394ACD8F12F26A34502A6990 ft=1 fh=cec2aef15ec15086 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Basement\ExtensionUpdaterService.exe.vir"
sh=C6167497936A8B287B19EBAF2CE74A9B4EC4314A ft=1 fh=c71c0011ef7f83f5 vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DiigiCOupon\cM2a36MgqWYlIh.dll.vir"
sh=2B8F0DB26D9405D9C13CC731C3FE398667BA3A9B ft=1 fh=4abd756e8d251c9d vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DiigiCOupon\cM2a36MgqWYlIh.x64.dll.vir"
sh=0AC984C092753511E6BE6DEFDE8A00D9383FBC64 ft=1 fh=c71c0011b7f0322f vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\incredibarApp.dll.vir"
sh=79936EC6AE99F9620F27BE4FD814F0728F206AFA ft=1 fh=c71c00115f1871a9 vn="Win32/Toolbar.Montiera.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\incredibarEng.dll.vir"
sh=0B733E68082A8A6D442076F04560D87C274F4343 ft=1 fh=c71c001183cce06d vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe.vir"
sh=D99A3225C9887C347B30002398245FB679C88B05 ft=1 fh=c71c00119cd1e83d vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll.vir"
sh=6D3CF20E7CCB1A1A13A703BFC6A275974D914781 ft=1 fh=c71c00115907386a vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll.vir"
sh=09D4ABD104742AF217F72DFB987756FFD2AFFBE4 ft=1 fh=42f3c0a4b34c8be5 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\2434b64f-253f-4509-87aa-a0a45cc3dcbe.dll.vir"
sh=AA84DA11C3E8CB47E31DADE7A22C4B4BB794E629 ft=1 fh=3e4392024ca3073d vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-1-6.exe.vir"
sh=010667861CA5F3FF741415DD8456FE7921F31FF5 ft=1 fh=644e8b9ecff271fc vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-1-7.exe.vir"
sh=D8DDD6D52093C73D4AA9A4CFB25B71BCB3394019 ft=1 fh=9309d4ecb85ee13b vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-10.exe.vir"
sh=7CD613D57E9D9A164ACD8A9894364AC84C5ED0D8 ft=1 fh=336a80ee5aedaa35 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-5.exe.vir"
sh=E3E01F114A4C7E74B30C43F67FB8EB8DB798F3AD ft=1 fh=bbc218ab0c462230 vn="Variante von Win32/Toolbar.CrossRider.BZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-6.exe.vir"
sh=EB782EC7DCAD8B7696F91673DEE0FAFDC911A0A2 ft=1 fh=7b610cbd8eec085a vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-64.exe.vir"
sh=010667861CA5F3FF741415DD8456FE7921F31FF5 ft=1 fh=644e8b9ecff271fc vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-7.exe.vir"
sh=4CBD26446BDBA63D763C73B3ECD49222EE29994C ft=1 fh=05d4c5b331d39cd6 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c8393399-6051-459d-bdc4-ccee75511a08.dll.vir"
sh=DE4761D3E05DF47FC300000F74AF19473242A7BC ft=1 fh=91e70189f5e42278 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\Uninstall.exe.vir"
sh=A9452A4CA79D9B01776BE463AFBDCF6C2DADC5DB ft=1 fh=11ea9158fe51d654 vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\utils.exe.vir"
sh=EB1F8C5B64609976DFF96B946C115FBB147C9453 ft=1 fh=c71c0011ca4b9920 vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ISaaver\Y1eOFgoJnKiJMN.dll.vir"
sh=857FE4C7EC8581F4D253E5B92B70323C605C8FFF ft=1 fh=4abd756e39fb3cc7 vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ISaaver\Y1eOFgoJnKiJMN.x64.dll.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PriccEELeassa\WxUhVvybcnfR7n.exe.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PriceLESs\9YYpVRDy7FyWkN.exe.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PricieLeesss\TDA5KkztcqBJhL.exe.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PruiceiLesis\58I3kSzqZ7aE6J.exe.vir"
sh=CE669D60B5D3CF043CFB34F771E23072207A5424 ft=1 fh=c71c00111d1560eb vn="Variante von Win32/SProtector.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\supporter\Supporter.dll.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeaAdBleoaCke\PRjlHBuGbmFC4j.exe.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutuBeeAdBloucke\DUtlfwlN8Bi9u0.exe.vir"
sh=338901240FEDCEF4E3892FD4C723C89154F4DE05 ft=1 fh=020823327ce5bc47 vn="Win32/Adware.MultiPlug.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\ADDICT-THING\bhoclass.dll.vir"
sh=5B0CCA662149240D1FD4354BEAC1338E97E334EA ft=1 fh=45b9659c78b9b894 vn="Win32/Adware.MultiPlug.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\ADDICT-THING\uninstall.exe.vir"
sh=7B68E5976BC49024CE9BE5C6A4CB33E83E5999B2 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\fnbehbfladmoadhkalgjgfipnfhocbpb\content.js.vir"
sh=CDC5EDC6D25D2C8E3627B4F7BF3FAFC968A7629C ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\fnbehbfladmoadhkalgjgfipnfhocbpb\IVS.js.vir"
sh=D0AAF19124500D5B65A94A04981884768E5C29CA ft=1 fh=51b07835288e1053 vn="Variante von Win32/Amonetize.AB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Fm. Medved\AppData\Local\SwvUpdater\Updater.exe.vir"
sh=F26D9A5607DFC31B5B80B9355AF480F5795886CC ft=1 fh=2cd00d880cab13c4 vn="Win32/Adware.Toolbar.Webalta.BO Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Fm. Medved\AppData\Local\Webalta Toolbar\BandObjectLib.dll.vir"
sh=C7B2F59F398EA23CD32D0038D3DC74465786B9ED ft=0 fh=0000000000000000 vn="Win32/Adware.Toolbar.Webalta.CO Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Fm. Medved\AppData\Local\Webalta Toolbar\webalta_nw_final_chrome.crx.vir"
sh=08A0C25B0BF40535697C1C584ACCDA490D6BC882 ft=1 fh=dbe7f66a50ce49ed vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\FM3A93~1.MED\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=5353C2021C1DB25B027D5E97680131AC9CB2C43D ft=1 fh=a62584fabc5db667 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=BBB9567A6E1A271E10AE543D0F2A152092991D6B ft=1 fh=2f848c2af9b2ebf4 vn="Variante von Win64/Riskware.NetFilter.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\nethfdrv.sys.vir"
sh=E1E94E18CCBF1D2156A1B865696C6D5712AB0669 ft=1 fh=7ab9d73f8e709ec6 vn="Variante von Win32/RiskWare.NetFilter.L Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\hfpapi.dll.vir"
sh=415AF1D26B4BB84EBB0DE3F28C7CAFE09E76C894 ft=1 fh=83c6a0a0bf817a08 vn="Variante von Win32/Amonetize.DX evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\installd.exe.vir"
sh=2A549FB655AA61919A830D20FF32EFC0EB605635 ft=1 fh=be8b23b59eacb7ac vn="Variante von Win32/Amonetize.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\nethtsrv.exe.vir"
sh=FC59BCB86712FF1834899590D24C75599B915365 ft=1 fh=c71c00113f87b9cc vn="Variante von Win32/Amonetize.DZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\netupdsrv.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=73cbfc4abb7e9f4ebbd1358aff46215a
# engine=22611
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-24 06:04:18
# local_time=2015-02-24 07:04:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1053333 47741852 0 0
# scanned=346154
# found=98
# cleaned=0
# scan_time=31107
sh=B3CD8B5280AF7387824CE50A2040993561A575EB ft=1 fh=83fd7ecc2a207b93 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\BackgroundSingleton.exe.vir"
sh=2265176C4DE2B8C83409CD1BF0687E6BAA763936 ft=1 fh=200331ea0a054d08 vn="Variante von Win32/Toolbar.Neobar.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Interfaces32.dll.vir"
sh=FBD02DFD25FC599BB18A967D934390A0023B71AF ft=1 fh=bdb6eaaf4e00aba3 vn="Win64/Toolbar.Neobar.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Interfaces64.dll.vir"
sh=DDBB0CBBFBF22B637E0E58D0A87F661D2769F18D ft=1 fh=43d46031b20e67f7 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Loader.exe.vir"
sh=AB7CA1E95CA44ED600B97E9D37B226226A06B192 ft=1 fh=8362e465c773d42b vn="Variante von Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Toolbar32.dll.vir"
sh=F535E5A2DCFEECDD8DB241BDEDC225F5AEE7DFC0 ft=1 fh=547d1857844f8a4e vn="Win64/Toolbar.Neobar.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Toolbar64.dll.vir"
sh=90041E68C718C0425B7C1A394C21A0BA315851D0 ft=1 fh=e49aa872a089d147 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\uninstall.exe.vir"
sh=FB897ECE9F12A5AF7C2EE78C2C195FD402F9DFC5 ft=1 fh=932128e3fb027afe vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Uninstaller.exe.vir"
sh=751AB26A11929122394ACD8F12F26A34502A6990 ft=1 fh=cec2aef15ec15086 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\advplugin\Basement\ExtensionUpdaterService.exe.vir"
sh=C6167497936A8B287B19EBAF2CE74A9B4EC4314A ft=1 fh=c71c0011ef7f83f5 vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DiigiCOupon\cM2a36MgqWYlIh.dll.vir"
sh=2B8F0DB26D9405D9C13CC731C3FE398667BA3A9B ft=1 fh=4abd756e8d251c9d vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DiigiCOupon\cM2a36MgqWYlIh.x64.dll.vir"
sh=0AC984C092753511E6BE6DEFDE8A00D9383FBC64 ft=1 fh=c71c0011b7f0322f vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\incredibarApp.dll.vir"
sh=79936EC6AE99F9620F27BE4FD814F0728F206AFA ft=1 fh=c71c00115f1871a9 vn="Win32/Toolbar.Montiera.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\incredibarEng.dll.vir"
sh=0B733E68082A8A6D442076F04560D87C274F4343 ft=1 fh=c71c001183cce06d vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe.vir"
sh=D99A3225C9887C347B30002398245FB679C88B05 ft=1 fh=c71c00119cd1e83d vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll.vir"
sh=6D3CF20E7CCB1A1A13A703BFC6A275974D914781 ft=1 fh=c71c00115907386a vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll.vir"
sh=09D4ABD104742AF217F72DFB987756FFD2AFFBE4 ft=1 fh=42f3c0a4b34c8be5 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\2434b64f-253f-4509-87aa-a0a45cc3dcbe.dll.vir"
sh=AA84DA11C3E8CB47E31DADE7A22C4B4BB794E629 ft=1 fh=3e4392024ca3073d vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-1-6.exe.vir"
sh=010667861CA5F3FF741415DD8456FE7921F31FF5 ft=1 fh=644e8b9ecff271fc vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-1-7.exe.vir"
sh=D8DDD6D52093C73D4AA9A4CFB25B71BCB3394019 ft=1 fh=9309d4ecb85ee13b vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-10.exe.vir"
sh=7CD613D57E9D9A164ACD8A9894364AC84C5ED0D8 ft=1 fh=336a80ee5aedaa35 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-5.exe.vir"
sh=E3E01F114A4C7E74B30C43F67FB8EB8DB798F3AD ft=1 fh=bbc218ab0c462230 vn="Variante von Win32/Toolbar.CrossRider.BZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-6.exe.vir"
sh=EB782EC7DCAD8B7696F91673DEE0FAFDC911A0A2 ft=1 fh=7b610cbd8eec085a vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-64.exe.vir"
sh=010667861CA5F3FF741415DD8456FE7921F31FF5 ft=1 fh=644e8b9ecff271fc vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c567de57-9ce3-44e6-a0e6-dc0c21a02504-7.exe.vir"
sh=4CBD26446BDBA63D763C73B3ECD49222EE29994C ft=1 fh=05d4c5b331d39cd6 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\c8393399-6051-459d-bdc4-ccee75511a08.dll.vir"
sh=DE4761D3E05DF47FC300000F74AF19473242A7BC ft=1 fh=91e70189f5e42278 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\Uninstall.exe.vir"
sh=A9452A4CA79D9B01776BE463AFBDCF6C2DADC5DB ft=1 fh=11ea9158fe51d654 vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\utils.exe.vir"
sh=EB1F8C5B64609976DFF96B946C115FBB147C9453 ft=1 fh=c71c0011ca4b9920 vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ISaaver\Y1eOFgoJnKiJMN.dll.vir"
sh=857FE4C7EC8581F4D253E5B92B70323C605C8FFF ft=1 fh=4abd756e39fb3cc7 vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ISaaver\Y1eOFgoJnKiJMN.x64.dll.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PriccEELeassa\WxUhVvybcnfR7n.exe.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PriceLESs\9YYpVRDy7FyWkN.exe.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PricieLeesss\TDA5KkztcqBJhL.exe.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PruiceiLesis\58I3kSzqZ7aE6J.exe.vir"
sh=CE669D60B5D3CF043CFB34F771E23072207A5424 ft=1 fh=c71c00111d1560eb vn="Variante von Win32/SProtector.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\supporter\Supporter.dll.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeaAdBleoaCke\PRjlHBuGbmFC4j.exe.vir"
sh=1B2549AD3A77445DB857EB1EDB525672D2278E77 ft=1 fh=c71c001189d47e18 vn="Variante von Win32/BHOUninstaller.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutuBeeAdBloucke\DUtlfwlN8Bi9u0.exe.vir"
sh=338901240FEDCEF4E3892FD4C723C89154F4DE05 ft=1 fh=020823327ce5bc47 vn="Win32/Adware.MultiPlug.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\ADDICT-THING\bhoclass.dll.vir"
sh=5B0CCA662149240D1FD4354BEAC1338E97E334EA ft=1 fh=45b9659c78b9b894 vn="Win32/Adware.MultiPlug.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\ADDICT-THING\uninstall.exe.vir"
sh=7B68E5976BC49024CE9BE5C6A4CB33E83E5999B2 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\fnbehbfladmoadhkalgjgfipnfhocbpb\content.js.vir"
sh=CDC5EDC6D25D2C8E3627B4F7BF3FAFC968A7629C ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\fnbehbfladmoadhkalgjgfipnfhocbpb\IVS.js.vir"
sh=D0AAF19124500D5B65A94A04981884768E5C29CA ft=1 fh=51b07835288e1053 vn="Variante von Win32/Amonetize.AB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Fm. Medved\AppData\Local\SwvUpdater\Updater.exe.vir"
sh=F26D9A5607DFC31B5B80B9355AF480F5795886CC ft=1 fh=2cd00d880cab13c4 vn="Win32/Adware.Toolbar.Webalta.BO Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Fm. Medved\AppData\Local\Webalta Toolbar\BandObjectLib.dll.vir"
sh=C7B2F59F398EA23CD32D0038D3DC74465786B9ED ft=0 fh=0000000000000000 vn="Win32/Adware.Toolbar.Webalta.CO Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Fm. Medved\AppData\Local\Webalta Toolbar\webalta_nw_final_chrome.crx.vir"
sh=08A0C25B0BF40535697C1C584ACCDA490D6BC882 ft=1 fh=dbe7f66a50ce49ed vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\FM3A93~1.MED\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=5353C2021C1DB25B027D5E97680131AC9CB2C43D ft=1 fh=a62584fabc5db667 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=BBB9567A6E1A271E10AE543D0F2A152092991D6B ft=1 fh=2f848c2af9b2ebf4 vn="Variante von Win64/Riskware.NetFilter.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\nethfdrv.sys.vir"
sh=E1E94E18CCBF1D2156A1B865696C6D5712AB0669 ft=1 fh=7ab9d73f8e709ec6 vn="Variante von Win32/RiskWare.NetFilter.L Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\hfpapi.dll.vir"
sh=415AF1D26B4BB84EBB0DE3F28C7CAFE09E76C894 ft=1 fh=83c6a0a0bf817a08 vn="Variante von Win32/Amonetize.DX evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\installd.exe.vir"
sh=2A549FB655AA61919A830D20FF32EFC0EB605635 ft=1 fh=be8b23b59eacb7ac vn="Variante von Win32/Amonetize.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\nethtsrv.exe.vir"
sh=FC59BCB86712FF1834899590D24C75599B915365 ft=1 fh=c71c00113f87b9cc vn="Variante von Win32/Amonetize.DZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\netupdsrv.exe.vir"
sh=F621236A09C43854466366EC843B59E9CB96F45E ft=1 fh=b6436dbf93b058bb vn="Variante von Win32/Multibar.AN evtl. unerwünschte Anwendung" ac=I fn="C:\Mama\Lara\setup.exe"
sh=2E4BD38E61FB30EA685104C7C9A9BD4DCC717EF6 ft=1 fh=1c43cc4113872170 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\VK Downloader\BackgroundSingleton.exe"
sh=B99BA68A65447463FDEA2CCB33EBDA7B9A334740 ft=1 fh=3aa4bdce42a148a8 vn="Variante von Win32/Toolbar.Neobar.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\VK Downloader\Interfaces32.dll"
sh=A875BB47CAA8DC3D055F0412493076A8B15B44BD ft=1 fh=ada876c34e4247ec vn="Win64/Toolbar.Neobar.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\VK Downloader\Interfaces64.dll"
sh=5B4BDC507A96A0DE7EC4AEDD740CF1D01DAAE265 ft=1 fh=818fcf0647cb09fe vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\VK Downloader\Loader.exe"
sh=8FA6BFC61AF6A090A91E22804E57D7129FC8B95B ft=1 fh=59187986ea50b572 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\VK Downloader\uninstall.exe"
sh=171E22582F717A7AB06DD9FD4448A2927E9E0E1A ft=1 fh=b2018a2246782e12 vn="Win32/Toolbar.Neobar.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\VK Downloader\Uninstaller.exe"
sh=740982CE3B3E4BD08C1CBD5FC8CFEB982F1D4E05 ft=1 fh=af8c0585c052e303 vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{A7F80DBD-08AB-A060-428B-40897C1B2F4B}\_Setupx.dll"
sh=09D4ABD104742AF217F72DFB987756FFD2AFFBE4 ft=1 fh=42f3c0a4b34c8be5 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\ABBYY FineReader 9.0 Sprint\e8b81c09-4582-4567-aca3-7b6a8bedd113.dll.vir"
sh=09D4ABD104742AF217F72DFB987756FFD2AFFBE4 ft=1 fh=42f3c0a4b34c8be5 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\e8b81c09-4582-4567-aca3-7b6a8bedd113\a7583f0c-5de1-4b3c-b81d-a194f7ef8d53.dll.vir"
sh=E995114A45D048DD558EE95A723758BC9FA3445A ft=1 fh=a193fe111385369b vn="MSIL/CoinMiner.OR Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Local\Temp\fxn4o3xm.hgs\dcore.exe.vir"
sh=533C5018FAD8A5A6891843FB55D245B142F146C7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\3Gvk@YI.edu\content\bg.js.vir"
sh=CDAE8D26AB3DBC0759B17673D683329C0808E93E ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\AlVxq@2.net\content\bg.js.vir"
sh=713AE8BF6C4497EB181E9DDA4C28009A70BFF18D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\ByBcJl@9.com\content\bg.js.vir"
sh=C0DF9E9E8F4AAAB4D80ED05E70B8859FDFFA663D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\fa@EPiwoaew.org\content\bg.js.vir"
sh=C3AC35C01589461ECF98D4BF5865BC43D6C06A91 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\hti@xXD.com\content\bg.js.vir"
sh=75BD284DF9D007F5E3A92D6917CDDCCA9A9FF3BA ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\tj@Y.edu\content\bg.js.vir"
sh=8762DA323E1231E1F5D37E4FA1778ADC2D728877 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATL Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\TJbOjzNG@I.net\content\bg.js.vir"
sh=57111469EC99D664A22E58D3D3ABBCCDAA13D407 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\staged\vk2s7@Iy8.com\content\bg.js.vir"
sh=740982CE3B3E4BD08C1CBD5FC8CFEB982F1D4E05 ft=1 fh=af8c0585c052e303 vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{A7F80DBD-08AB-A060-428B-40897C1B2F4B}\_Setupx.dll"
sh=8134EF1C44866DCF3A538A76F4892DC049C60B7F ft=1 fh=d87107af3175bb6b vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Fm. Medved\AppData\Local\InstallShare\2_20124_installer.exe"
sh=B7F46A72596EF76D0188A1DDDDFD6AF49D51CEB2 ft=1 fh=c71c0011df3c647f vn="Win32/RuKometa.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Fm. Medved\AppData\Local\SystemDir\nethost.exe"
sh=368B2F0724D8AE03DA66956146FB265A18FCBB9C ft=1 fh=c71c0011d7d6f150 vn="Variante von Win32/RuKometa.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Fm. Medved\AppData\Local\SystemDir\nethost_update.exe"
sh=372901459C8DBA73BC9F30AA0DA6FE888D2C58B5 ft=1 fh=b47df06b81f0ad8d vn="Win32/RuKometa.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Fm. Medved\AppData\Local\SystemDir\setsearchm.exe"
sh=C71914E340515A405A3BAAE60FDB1ED58B2F4140 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Fm. Medved\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\120820161926670.rsc"
sh=C5C0561A9830BFC6710741F1ACA9FCCE8EB6B442 ft=1 fh=5376362a6375043f vn="Variante von MSIL/CoinMiner.EU Trojaner" ac=I fn="C:\Users\Fm. Medved\AppData\Roaming\PremiumCraft_slave\Mining.exe"
sh=694D2372E0C4E62C003F310224239515B38FEB80 ft=1 fh=a711631f8469636e vn="Win32/TicnoTab.AA evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Fm. Medved\AppData\Roaming\TicnoTemp\homepage.exe"
sh=17707C9EEE85BCFEC92BFCA5B70E4E02A556ECE2 ft=1 fh=42d0f061aaf82aab vn="Variante von Win32/Multibar.AC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Fm. Medved\AppData\Roaming\TicnoTemp\multibar_setup.exe"
sh=53F2F869FCA7CDB93CB934C37530ACDB8F7BC432 ft=1 fh=7bd36400078f5005 vn="MSIL/TrojanClicker.Agent.NFH Trojaner" ac=I fn="C:\Users\Fm. Medved\AppData\Roaming\TomTom\adobeupd.exe"
sh=BDE703910934FD991DB863C9B9B18108A287668C ft=1 fh=9fd2066a1d79a6b0 vn="Variante von MSIL/CoinMiner.PF Trojaner" ac=I fn="C:\Users\Fm. Medved\Downloads\Plants vs. Zombies Garden Warfare\Setup.exe"
sh=934F3E26A54C9BD77AE66786334D950EF3131CB2 ft=1 fh=5de458138c1d17cc vn="Variante von Win32/HideBaid.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\setup.exe"
sh=F26D9A5607DFC31B5B80B9355AF480F5795886CC ft=1 fh=2cd00d880cab13c4 vn="Win32/Adware.Toolbar.Webalta.BO Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\BandObjectLib\1.0.0.0__4b827ebe229d539f\BandObjectLib.dll"
sh=CCA3E254FECCAA98D24DEC59BCDCEC0873E0F574 ft=1 fh=9488151c8a252837 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=3114EF6F5F87AB6D975A8A460F4582AE1CC13965 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\f2f010.msi"
sh=85E1FA7F171BD892AF8BEFC6F89FDD35566B5C67 ft=1 fh=138ef7aa60026bc9 vn="Variante von Win32/Amonetize.BR evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[1].exe"
sh=82E249017FE03A39752E2C746EEF1ADE63EA58FC ft=1 fh=138ef7aa38619f4f vn="Variante von Win32/Amonetize.BR evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[2].exe"
sh=F1770B7908770E3D5B914FE7F5BA21E689D90381 ft=1 fh=4fedb8f76c7c9c1b vn="Variante von Win32/Amonetize.BS evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[3].exe"
sh=7BB6A7C18F3DD0DED50F24A80DD1EB61EE270B19 ft=1 fh=4fedb8f7edd529b5 vn="Variante von Win32/Amonetize.BS evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[4].exe"
sh=7BB6A7C18F3DD0DED50F24A80DD1EB61EE270B19 ft=1 fh=4fedb8f7edd529b5 vn="Variante von Win32/Amonetize.BS evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[5].exe"
sh=14873DFDE7E15E28AD3924E97EF0050C0BAD3395 ft=1 fh=c457b41c7ea8a553 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[6].exe"
sh=7F3123F9486AB1DB721227C96D34C13AF7DC96BD ft=1 fh=1390f562c049107b vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].exe"
sh=85E1FA7F171BD892AF8BEFC6F89FDD35566B5C67 ft=1 fh=138ef7aa60026bc9 vn="Variante von Win32/Amonetize.BR evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[1].exe"
sh=82E249017FE03A39752E2C746EEF1ADE63EA58FC ft=1 fh=138ef7aa38619f4f vn="Variante von Win32/Amonetize.BR evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[2].exe"
sh=F1770B7908770E3D5B914FE7F5BA21E689D90381 ft=1 fh=4fedb8f76c7c9c1b vn="Variante von Win32/Amonetize.BS evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[3].exe"
sh=7BB6A7C18F3DD0DED50F24A80DD1EB61EE270B19 ft=1 fh=4fedb8f7edd529b5 vn="Variante von Win32/Amonetize.BS evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[4].exe"
sh=7BB6A7C18F3DD0DED50F24A80DD1EB61EE270B19 ft=1 fh=4fedb8f7edd529b5 vn="Variante von Win32/Amonetize.BS evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[5].exe"
sh=14873DFDE7E15E28AD3924E97EF0050C0BAD3395 ft=1 fh=c457b41c7ea8a553 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[6].exe"
sh=7F3123F9486AB1DB721227C96D34C13AF7DC96BD ft=1 fh=1390f562c049107b vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\wajam_update[1].exe"
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.96  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.305  
 Adobe Reader 10.1.13 Adobe Reader out of Date!  
 Google Chrome (40.0.2214.91) 
 Google Chrome (40.0.2214.93) 
 Google Chrome (GoogleUpdate.dll..) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
Ich glaube der Bitcoin miner ist weg, die werbung und die tabs, die sich ständig öffnen sind noch immer da. danke


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Fm. Medved (administrator) on FMMEDVED-PC on 25-02-2015 16:03:05
Running from C:\Users\Fm. Medved\Desktop
Loaded Profiles: Fm. Medved (Available profiles: Fm. Medved & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHJE.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Flash Player SU] => C:\Windows\System32\cmd.exe /k if %date:~6,4%%date:~3,2%%date:~0,2% LEQ 20130606 (exit) else (start hxxp://liketour.org/ && exit)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [7bb57c0fd12a2022cd4bb9ea] => iexplore.exe
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [mliznprdtc] => cmd /c start hxxp://foretuned.com/
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Run: [MaxDownload] => C:\Users\Fm. Medved\AppData\Roaming\MaxDownload\Updater.exe [308224 2014-10-13] ()
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
GroupPolicyUsers\S-1-5-21-347752443-2393636236-3195270278-1009\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-347752443-2393636236-3195270278-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-347752443-2393636236-3195270278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = 
SearchScopes: HKLM-x32 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-347752443-2393636236-3195270278-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.134.0.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Fm. Medved\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Fm. Medved\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Fm. Medved\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @talk.google.com/O1DPlugin -> C:\Users\Fm. Medved\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Fm. Medved\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fm. Medved\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-347752443-2393636236-3195270278-1001: ubisoft.com/uplaypc -> C:\Spiele\The.Settlers7.PtaK.Multi9-RU.Repack\INstall\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Fm. Medved\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Fm. Medved\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKU\S-1-5-21-347752443-2393636236-3195270278-1001\...\Firefox\Extensions: [{8c9ee4c1-6fb6-4773-afd6-23f4398777ac}] - C:\Program Files (x86)\LyricsPal\130.xpi

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://2inf.net/?utm_source=startpage12
CHR StartupUrls: Default -> "https://www.google.ru/webhp?tab=ww&ei=sUHSVKe9OIG1U5b7gLgN&ved=0CAYQ1S4"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-02]
CHR Extension: (Design Something) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgeclailpjmobncndjbahebjhboblhno [2014-11-01]
CHR Extension: (AdBlock) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-06]
CHR Extension: (Learn Hebrew - Ma Kore) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiphfaggmjkobfelhkaddcoagngjogeg [2014-11-01]
CHR Extension: (Google Wallet) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Adblock Plus Chrome) - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\User Data\Default\Extensions\omihghdlmaedmkipdikamnejbeecjcim [2014-11-01]
CHR HKU\S-1-5-21-347752443-2393636236-3195270278-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cifhijkiiikloafabeloklapclpjgpom] - C:\Users\Fm. Medved\AppData\Roaming\VkVideo\chrome.crx [2012-10-24]
CHR HKLM-x32\...\Chrome\Extension: [gdknicmnhbaajdglbinpahhapghpakch] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jedelkhanefmcnpappfhachbpnlhomai] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mfhobjnbhogmcagcbgjlileeghfbbodm] - C:\ProgramData\ADDICT-THING\mfhobjnbhogmcagcbgjlileeghfbbodm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pganlglbhgfjfgopijbhemcpbehjnpia] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [phfiheafjohhojemkgljhlhfpgdlpppa] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha6627\ch\TrustMediaViewerV1alpha6627.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\Fm. Medved\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-02-14] (BitRaider, LLC)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174624 2015-02-02] (EasyAntiCheat Ltd)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-24] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2015-02-05] ()
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-02-14] (BitRaider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-02-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [111808 2004-05-13] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-02-04] () [File not signed]
U3 armlhybf; C:\Windows\System32\Drivers\armlhybf.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 22:18 - 2015-02-23 22:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-23 22:17 - 2015-02-23 22:17 - 02347384 _____ (ESET) C:\Users\Fm. Medved\Desktop\esetsmartinstaller_deu.exe
2015-02-23 22:17 - 2015-02-23 22:17 - 00852594 _____ () C:\Users\Fm. Medved\Desktop\SecurityCheck.exe
2015-02-22 15:50 - 2015-02-25 16:02 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\FRST-OlderVersion
2015-02-22 15:45 - 2015-02-22 15:45 - 00010151 _____ () C:\Users\Fm. Medved\Desktop\JRT.txt
2015-02-22 15:40 - 2015-02-22 15:40 - 00001337 _____ () C:\Users\Fm. Medved\Desktop\AdwCleaner[S2].txt
2015-02-22 15:25 - 2015-02-22 15:25 - 00002485 _____ () C:\Users\Fm. Medved\Desktop\22-02-2015.txt
2015-02-22 15:20 - 2015-02-22 15:20 - 01388274 _____ (Thisisu) C:\Users\Fm. Medved\Desktop\JRT.exe
2015-02-22 14:41 - 2015-02-22 14:41 - 02126848 _____ () C:\Users\Fm. Medved\Desktop\AdwCleaner_4.111.exe
2015-02-20 16:13 - 2015-02-20 16:13 - 00042114 _____ () C:\ComboFix.txt
2015-02-20 15:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-20 15:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-20 15:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-20 15:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-20 15:44 - 2015-02-20 16:13 - 00000000 ____D () C:\Qoobox
2015-02-20 15:43 - 2015-02-20 16:11 - 00000000 ____D () C:\Windows\erdnt
2015-02-20 15:40 - 2015-02-20 15:41 - 05611903 ____R (Swearware) C:\Users\Fm. Medved\Desktop\ComboFix.exe
2015-02-20 04:17 - 2015-02-20 04:19 - 00000023 _____ () C:\Users\Fm. Medved\jagexappletviewer.preferences
2015-02-20 04:17 - 2015-02-20 04:17 - 00000049 _____ () C:\Users\Fm. Medved\jagex_cl_runescape_LIVE.dat
2015-02-19 21:58 - 2015-02-20 04:17 - 00000000 ____D () C:\Users\Fm. Medved\jagexcache
2015-02-19 21:58 - 2015-02-19 21:58 - 00002118 _____ () C:\Users\Fm. Medved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2015-02-19 21:58 - 2015-02-19 21:58 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-02-19 16:03 - 2015-02-20 15:34 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-19 16:01 - 2015-02-19 18:51 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\mbar
2015-02-19 15:55 - 2015-02-19 15:56 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Fm. Medved\Desktop\mbar-1.08.3.1004.exe
2015-02-19 15:54 - 2015-02-19 15:55 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Fm. Medved\Desktop\tdsskiller.exe
2015-02-18 17:10 - 2015-02-18 17:21 - 00047729 _____ () C:\Users\Fm. Medved\Desktop\Addition.txt
2015-02-18 17:08 - 2015-02-25 16:03 - 00026464 _____ () C:\Users\Fm. Medved\Desktop\FRST.txt
2015-02-18 15:00 - 2015-02-18 15:00 - 00001119 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-02-18 15:00 - 2015-02-18 15:00 - 00001069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Canneverbe Limited
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2015-02-18 15:00 - 2015-02-18 15:00 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-02-17 13:56 - 2015-02-25 16:03 - 00000000 ____D () C:\FRST
2015-02-17 13:55 - 2015-02-25 16:02 - 02087936 _____ (Farbar) C:\Users\Fm. Medved\Desktop\FRST64.exe
2015-02-15 13:07 - 2015-02-15 13:11 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\.technic
2015-02-14 20:00 - 2015-02-14 20:00 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Das Lied von Eis & Feuer
2015-02-14 19:48 - 2015-02-14 20:02 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Knigy
2015-02-14 19:48 - 2015-02-14 19:48 - 00096768 _____ () C:\Users\Fm. Medved\Downloads\Буньян Джон. Путешествие пилигрима - royallib.com.fb2.zip
2015-02-14 13:37 - 2015-02-14 13:37 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SWTOR
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SWTORPerf
2015-02-14 12:43 - 2015-02-14 12:43 - 00000000 ____D () C:\ProgramData\BitRaider
2015-02-14 12:40 - 2015-02-14 12:40 - 00015881 _____ () C:\Users\Fm. Medved\Documents\Install STAR WARS The Old Republic.log
2015-02-14 12:40 - 2015-02-14 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-02-14 12:04 - 2015-02-14 12:05 - 00003582 _____ () C:\Windows\System32\Tasks\WdfHG
2015-02-14 11:54 - 2015-02-14 12:05 - 00000000 ____D () C:\Program Files (x86)\Plants vs. Zombies Garden Warfare
2015-02-14 10:54 - 2015-02-14 10:54 - 00000097 _____ () C:\Users\Fm. Medved\Documents\Plants v.s Zombies Garden Warfare.rar
2015-02-14 10:10 - 2015-02-14 10:10 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\The.Amazing.Spider-Man.2.Proper-RELOADED
2015-02-14 10:07 - 2015-02-14 10:07 - 00001951 _____ () C:\Users\UpdatusUser.FmMedved-PC\Desktop\MaxDownload.lnk
2015-02-14 10:07 - 2015-02-14 10:07 - 00001951 _____ () C:\Users\Gast.FmMedved-PC\Desktop\MaxDownload.lnk
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\maxload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxDownload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\MaxDownload
2015-02-14 10:07 - 2015-02-14 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaxDownload
2015-02-14 00:18 - 2015-02-14 00:18 - 00839110 _____ () C:\Users\Fm. Medved\Downloads\Толстой Лев. Анна Каренина - royallib.com.fb2.zip
2015-02-14 00:12 - 2015-02-14 00:12 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\calibre-cache
2015-02-14 00:10 - 2015-02-14 20:16 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Calibre-Bibliothek
2015-02-14 00:10 - 2015-02-14 20:05 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\calibre
2015-02-14 00:09 - 2015-02-14 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-02-14 00:09 - 2015-02-14 00:10 - 00000000 ____D () C:\Program Files\Calibre2
2015-02-12 17:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 17:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 17:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 17:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:45 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:45 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:45 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:45 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:45 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:45 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:45 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:45 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:45 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:45 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:45 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:45 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:45 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:45 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:45 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:45 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:45 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:45 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:45 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:45 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:45 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:45 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:45 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:45 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:45 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:45 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:45 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:45 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:45 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:45 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:44 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:44 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:44 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:44 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:44 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:44 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:44 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:44 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:44 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:44 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:44 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:44 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:44 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:44 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:44 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:44 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:44 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:44 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:44 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:44 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:44 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:44 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:44 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:44 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:44 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:44 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:44 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:44 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:44 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:44 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:44 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:44 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:44 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:44 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:44 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:44 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:44 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:44 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:44 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:44 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:44 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:44 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:44 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:44 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:44 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:44 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:44 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:44 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:44 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:43 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:43 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:43 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:43 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:43 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:43 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:43 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:43 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:43 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:43 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 01:53 - 2015-02-25 16:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-10 01:53 - 2015-02-19 17:27 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-10 01:53 - 2015-02-10 01:53 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-10 01:53 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-10 01:52 - 2015-02-10 01:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-10 01:52 - 2015-02-10 01:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-10 01:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-10 01:29 - 2015-02-13 13:23 - 00000000 ____D () C:\Windows\pss
2015-02-10 01:02 - 2015-02-22 15:29 - 00000000 ____D () C:\AdwCleaner
2015-02-09 11:49 - 2015-02-09 11:49 - 00000687 _____ () C:\awh3BE7.tmp
2015-02-09 09:32 - 2015-02-09 09:32 - 00000687 _____ () C:\awh777F.tmp
2015-02-08 23:33 - 2015-02-09 01:28 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\ArmA 2 OA
2015-02-08 23:33 - 2015-02-08 23:35 - 00000000 ____D () C:\Users\Fm. Medved\Documents\ArmA 2
2015-02-08 18:12 - 2015-02-08 18:13 - 00000000 ____D () C:\Program Files (x86)\Team Liquid Streams
2015-02-08 14:13 - 2015-02-08 14:13 - 00000000 ____D () C:\Program Files (x86)\Click free Browsing
2015-02-08 09:56 - 2015-02-08 09:56 - 00000687 _____ () C:\awh8729.tmp
2015-02-08 09:47 - 2015-02-08 15:14 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\Plants vs. Zombies Garden Warfare
2015-02-08 09:17 - 2015-02-08 09:17 - 00000687 _____ () C:\awh862F.tmp
2015-02-07 22:16 - 2015-02-07 22:16 - 00000687 _____ () C:\awhA85F.tmp
2015-02-07 11:26 - 2015-02-07 12:05 - 00000000 ____D () C:\Program Files (x86)\The Sims 3 Designer Edition
2015-02-07 10:13 - 2015-02-07 10:13 - 00000687 _____ () C:\awh52E.tmp
2015-02-06 18:50 - 2015-02-06 19:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\CyberGhost
2015-02-06 18:50 - 2015-02-06 18:50 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-02-06 18:49 - 2015-02-07 12:24 - 00001897 _____ () C:\Users\Fm. Medved\Desktop\CyberGhost 5.lnk
2015-02-06 18:49 - 2015-02-06 18:50 - 00000000 ____D () C:\Program Files\CyberGhost 5
2015-02-06 18:49 - 2015-02-06 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2015-02-06 16:20 - 2015-02-06 16:20 - 00002655 _____ () C:\Users\Public\Desktop\Assassin's Creed 4 - Черный Флаг.lnk
2015-02-06 16:20 - 2015-02-06 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed 4 - Черный Флаг
2015-02-06 15:55 - 2015-02-06 15:55 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Setup Integrity Check
2015-02-06 12:58 - 2015-02-06 12:58 - 00000687 _____ () C:\awh1BE9.tmp
2015-02-05 20:47 - 2015-02-05 20:47 - 00000687 _____ () C:\awh7722.tmp
2015-02-05 20:37 - 2015-02-06 16:58 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Assassin's Creed IV Black Flag
2015-02-05 14:17 - 2015-02-05 14:17 - 00001375 _____ () C:\Users\Fm. Medved\Desktop\Play Settlers 6 - Verknüpfung.lnk
2015-02-05 14:10 - 2015-02-05 14:10 - 00310984 _____ () C:\Windows\system32\Drivers\atksgt.sys
2015-02-05 14:10 - 2015-02-05 14:10 - 00042696 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2015-02-05 11:17 - 2015-02-06 13:04 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\VoipConnect
2015-02-05 11:17 - 2015-02-05 11:17 - 00001191 _____ () C:\Users\Fm. Medved\Desktop\VoipConnect.lnk
2015-02-05 11:17 - 2015-02-05 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipConnect
2015-02-05 11:17 - 2015-02-05 11:17 - 00000000 ____D () C:\Program Files (x86)\VoipConnect.com
2015-02-05 11:13 - 2015-02-05 11:13 - 00000687 _____ () C:\awhB9FB.tmp
2015-02-05 04:54 - 2015-02-24 04:21 - 00000020 _____ () C:\Users\Fm. Medved\AppData\Roaming\appdataFr3.bin
2015-02-04 18:20 - 2015-02-04 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-02-04 18:17 - 2015-02-04 18:17 - 00000687 _____ () C:\awh32B3.tmp
2015-02-04 16:10 - 2015-02-04 16:10 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\VK Downloader
2015-02-04 15:44 - 2015-02-04 15:44 - 00000687 _____ () C:\awhEF4D.tmp
2015-02-04 15:34 - 2015-02-04 15:34 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Вoйти в Интeрнет 2inf.net
2015-02-04 15:33 - 2015-02-13 14:21 - 00000000 ____D () C:\Program Files (x86)\VK Downloader
2015-02-04 15:26 - 2015-02-04 15:26 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Поиcк в Интeрнете
2015-02-04 15:24 - 2015-02-23 21:29 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\SystemDir
2015-02-04 15:24 - 2015-02-04 15:29 - 00003516 _____ () C:\Windows\System32\Tasks\nethost task
2015-02-04 14:46 - 2015-02-04 14:46 - 00000000 ____D () C:\Users\Fm. Medved\Documents\LEGO Creations
2015-02-04 14:46 - 2015-02-04 14:46 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\LEGO Company
2015-02-04 14:45 - 2015-02-04 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
2015-02-04 14:37 - 2015-02-04 14:37 - 00000687 _____ () C:\awh74C1.tmp
2015-02-03 20:03 - 2015-02-03 20:03 - 00000000 ____D () C:\Users\Fm. Medved\Documents\DIE SIEDLER - Aufstieg eines Königreichs
2015-02-03 10:40 - 2015-02-03 10:40 - 00000687 _____ () C:\awhF056.tmp
2015-02-03 10:30 - 2015-02-03 10:30 - 00000687 _____ () C:\awhDC4A.tmp
2015-02-02 23:31 - 2015-02-02 23:31 - 00000687 _____ () C:\awhF9F7.tmp
2015-02-02 19:03 - 2015-02-02 19:03 - 00000222 _____ () C:\Users\Fm. Medved\Desktop\Rust.url
2015-02-02 13:57 - 2015-02-02 13:57 - 00000687 _____ () C:\awh5955.tmp
2015-02-02 01:19 - 2015-02-02 01:19 - 00000687 _____ () C:\awh8A83.tmp
2015-02-01 16:03 - 2015-02-06 16:58 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Game Updater
2015-02-01 13:52 - 2015-02-01 13:52 - 00000687 _____ () C:\awh312D.tmp
2015-02-01 11:38 - 2015-02-01 11:38 - 00000687 _____ () C:\awh7B27.tmp
2015-01-31 21:08 - 2015-02-20 16:09 - 00000000 ____D () C:\Program Files (x86)\e8b81c09-4582-4567-aca3-7b6a8bedd113
2015-01-31 14:00 - 2015-01-31 14:00 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\QuickScan
2015-01-31 13:52 - 2015-02-01 13:52 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Seznam.cz
2015-01-30 19:38 - 2015-01-30 19:53 - 00000000 ____D () C:\Users\TEMP
2015-01-30 19:38 - 2013-01-31 09:00 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\TuneUp Software
2015-01-30 19:38 - 2012-05-28 11:07 - 00000000 ____D () C:\Users\TEMP\Documents\Visual Studio 2008
2015-01-30 19:38 - 2012-05-28 11:07 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help
2015-01-30 19:38 - 2011-10-14 04:54 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2015-01-30 19:38 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-30 19:38 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-30 08:45 - 2015-01-30 08:45 - 00000687 _____ () C:\awh5705.tmp
2015-01-29 14:20 - 2015-01-29 14:20 - 00000687 _____ () C:\awh3FFC.tmp
2015-01-28 10:00 - 2015-01-28 10:00 - 00000687 _____ () C:\awh6306.tmp
2015-01-27 09:19 - 2015-01-27 09:19 - 00000687 _____ () C:\awhD6AA.tmp
2015-01-26 23:55 - 2015-01-26 23:55 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Promotion Software GmbH
2015-01-26 23:03 - 2015-01-26 23:03 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\11bitstudios
2015-01-26 19:47 - 2015-01-26 19:47 - 00001395 _____ () C:\Users\Fm. Medved\Desktop\Construction Simulator 2015.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 15:56 - 2011-12-15 11:47 - 02094570 _____ () C:\Windows\WindowsUpdate.log
2015-02-25 15:45 - 2013-04-16 09:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 15:28 - 2012-07-03 19:17 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job
2015-02-25 15:18 - 2012-06-14 13:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-25 15:06 - 2012-08-08 18:50 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001UA.job
2015-02-25 01:33 - 2014-12-23 21:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-25 01:28 - 2012-07-03 19:17 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job
2015-02-25 00:00 - 2012-08-08 18:50 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-347752443-2393636236-3195270278-1001Core.job
2015-02-24 19:37 - 2013-12-11 20:41 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3A8A8C6A-E170-415F-84EB-4159B6166112}
2015-02-24 18:57 - 2015-01-20 11:55 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\.minecraft
2015-02-24 16:00 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-24 16:00 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-24 15:59 - 2012-02-04 20:13 - 00000000 ____D () C:\ProgramData\clear.fi
2015-02-24 15:58 - 2012-06-14 13:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-24 15:52 - 2012-03-19 11:07 - 00294769 _____ () C:\Windows\setupact.log
2015-02-24 15:52 - 2012-02-23 00:13 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-02-24 15:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-23 21:44 - 2012-02-05 12:35 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Skype
2015-02-23 05:51 - 2012-02-06 19:52 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\uTorrent
2015-02-23 05:05 - 2014-11-01 12:25 - 00000679 _____ () C:\Users\Fm. Medved\Desktop\Serialy.txt
2015-02-22 15:29 - 2012-04-28 20:44 - 00393736 _____ () C:\Windows\PFRO.log
2015-02-22 15:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-02-22 04:16 - 2012-10-28 16:29 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\Alles
2015-02-21 14:52 - 2014-12-20 19:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-21 14:52 - 2011-10-14 04:30 - 00000000 ____D () C:\ProgramData\Skype
2015-02-21 11:53 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-20 16:09 - 2012-10-28 16:33 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-02-20 16:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-20 04:17 - 2012-03-30 20:14 - 00000000 ____D () C:\Windows\.jagex_cache_32
2015-02-20 04:17 - 2012-02-04 19:54 - 00000000 ____D () C:\Users\Fm. Medved
2015-02-20 00:39 - 2014-12-09 13:08 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Steam
2015-02-19 18:52 - 2011-10-14 04:42 - 00000000 ____D () C:\Windows\tr
2015-02-19 00:04 - 2012-11-14 11:55 - 00007605 _____ () C:\Users\Fm. Medved\AppData\Local\Resmon.ResmonCfg
2015-02-18 21:21 - 2014-12-26 22:49 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2015-02-18 19:38 - 2013-01-02 15:09 - 00000000 ____D () C:\ProgramData\Origin
2015-02-18 19:31 - 2013-01-02 15:08 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-18 14:30 - 2011-10-14 04:48 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-17 16:31 - 2012-02-04 20:39 - 00000000 ___RD () C:\Spiele
2015-02-17 01:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2015-02-17 01:02 - 2014-06-20 10:08 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-17 01:02 - 2013-10-19 22:15 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-17 00:59 - 2014-07-19 12:51 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-17 00:59 - 2014-07-19 12:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-16 22:12 - 2012-08-31 19:04 - 778444645 _____ () C:\Windows\MEMORY.DMP
2015-02-16 22:12 - 2012-08-31 19:04 - 00000000 ____D () C:\Windows\Minidump
2015-02-16 03:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-15 10:58 - 2014-10-25 01:42 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Outlook-Dateien
2015-02-15 02:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 19:30 - 2011-12-15 20:39 - 00703214 _____ () C:\Windows\system32\perfh007.dat
2015-02-14 19:30 - 2011-12-15 20:39 - 00150822 _____ () C:\Windows\system32\perfc007.dat
2015-02-14 19:30 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 12:40 - 2012-03-12 18:39 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-02-14 12:40 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-14 12:33 - 2013-01-02 15:35 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Origin
2015-02-13 14:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-02-12 20:57 - 2013-08-26 18:18 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\TS3Client
2015-02-12 16:49 - 2009-07-14 05:45 - 03056376 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 16:47 - 2014-12-17 13:33 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 16:47 - 2014-05-07 03:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 02:35 - 2013-04-23 22:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-12 02:33 - 2012-05-26 22:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 02:33 - 2009-07-14 03:34 - 00000510 _____ () C:\Windows\win.ini
2015-02-12 02:29 - 2014-10-20 02:26 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 02:29 - 2014-10-20 02:25 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 02:28 - 2014-10-20 02:24 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 02:28 - 2014-10-20 02:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 02:28 - 2013-07-18 22:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 02:22 - 2012-02-13 21:38 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 20:44 - 2014-06-30 16:46 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:44 - 2012-02-05 21:03 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-11 20:38 - 2012-02-05 20:48 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-10 17:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-10 02:51 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2015-02-10 02:49 - 2014-10-10 23:47 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\9181
2015-02-10 02:49 - 2014-09-23 08:23 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\12260
2015-02-10 02:49 - 2012-09-06 06:33 - 00000000 ____D () C:\Program Files\14
2015-02-10 02:49 - 2012-05-31 14:34 - 00000000 ____D () C:\ProgramData\InstallMate
2015-02-10 02:06 - 2012-05-30 20:33 - 00000000 ___RD () C:\Bogdan
2015-02-10 02:04 - 2014-04-01 18:07 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\NVIDIA Corporation
2015-02-10 02:04 - 2013-10-05 13:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-02-10 02:04 - 2013-05-27 22:23 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\NVIDIA
2015-02-10 02:04 - 2011-12-15 11:52 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-02-10 02:04 - 2011-12-15 11:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 01:18 - 2014-11-13 01:26 - 00002998 _____ () C:\Windows\System32\Tasks\AdobeFlashPlayer-S-2-1-24-198293847112UI
2015-02-10 01:05 - 2012-02-05 12:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-09 21:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-09 05:45 - 2013-04-16 09:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-09 05:45 - 2012-05-24 01:42 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 05:45 - 2011-10-14 04:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-08 18:14 - 2012-03-16 07:20 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-07 12:05 - 2014-06-25 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Designer Edition
2015-02-07 11:26 - 2012-04-07 20:30 - 00000000 ____D () C:\Users\Fm. Medved\Documents\Electronic Arts
2015-02-07 11:11 - 2014-03-02 08:00 - 00000813 _____ () C:\Users\Fm. Medved\AppData\Roaming\tlauncher.rmo.cfg
2015-02-07 06:28 - 2012-02-06 19:05 - 00000000 ___RD () C:\Nikita
2015-02-07 06:20 - 2015-01-02 02:27 - 00000000 ____D () C:\Users\Fm. Medved\Downloads\New Music niko
2015-02-06 19:00 - 2012-02-04 19:54 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\VirtualStore
2015-02-05 20:37 - 2014-06-30 17:20 - 00000000 ____D () C:\ProgramData\Orbit
2015-02-05 14:11 - 2012-04-08 10:24 - 00340271 _____ () C:\Windows\DirectX.log
2015-02-05 14:01 - 2011-10-14 04:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-04 16:12 - 2014-06-01 13:27 - 00000000 ____D () C:\Users\Fm. Medved\Desktop\The Sims 3
2015-02-04 15:30 - 2014-06-13 13:06 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\Amigo
2015-02-04 15:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-02-02 23:50 - 2012-07-03 19:28 - 00002388 _____ () C:\Users\Fm. Medved\Desktop\Google Chronm9.lnk
2015-02-02 19:04 - 2014-06-19 13:26 - 00174624 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2015-02-02 14:22 - 2013-08-26 18:17 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Local\TeamSpeak 3 Client
2015-01-31 21:04 - 2012-02-07 13:46 - 00000000 ____D () C:\Users\Fm. Medved\Documents\My Games
2015-01-30 14:29 - 2012-05-27 19:21 - 00000000 ____D () C:\Users\Fm. Medved\AppData\Roaming\Mozilla
2015-01-26 12:05 - 2013-03-18 19:08 - 00000000 ____D () C:\Program Files (x86)\Origin Games

==================== Files in the root of some directories =======

2012-04-30 21:18 - 2011-07-23 17:29 - 9591104 _____ (DT Soft Ltd.) C:\Program Files\DTLite [Bigtorrents.org].exe
2015-02-05 04:54 - 2015-02-24 04:21 - 0000020 _____ () C:\Users\Fm. Medved\AppData\Roaming\appdataFr3.bin
2012-07-06 14:19 - 2012-07-22 00:18 - 1203065 _____ () C:\Users\Fm. Medved\AppData\Roaming\haha
2013-07-10 15:22 - 2010-01-07 14:35 - 1007616 _____ (Huawei Technologies Co., Ltd.) C:\Users\Fm. Medved\AppData\Roaming\LiveUpdate.exe
2013-07-10 15:22 - 2013-07-09 23:59 - 0000713 _____ () C:\Users\Fm. Medved\AppData\Roaming\LiveUpdate.ini
2013-07-10 15:22 - 2008-10-11 09:39 - 0927504 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\mfc40u.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 1060864 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\mfc71.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 1047552 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\MFC71u.dll
2013-07-10 15:22 - 2005-08-10 08:19 - 0401462 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcp60.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 0499712 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcp71.dll
2013-07-10 15:22 - 2006-12-28 04:34 - 0348160 _____ (Microsoft Corporation) C:\Users\Fm. Medved\AppData\Roaming\msvcr71.dll
2013-07-06 13:36 - 2013-07-06 19:43 - 0078872 _____ () C:\Users\Fm. Medved\AppData\Roaming\svhost
2014-03-01 12:48 - 2015-01-20 11:19 - 0041984 ___SH () C:\Users\Fm. Medved\AppData\Roaming\Thumbs.db
2014-03-02 08:00 - 2015-02-07 11:11 - 0000813 _____ () C:\Users\Fm. Medved\AppData\Roaming\tlauncher.rmo.cfg
2013-07-10 15:22 - 2009-12-31 14:10 - 0151552 _____ (Huawei Technologies Co., Ltd.) C:\Users\Fm. Medved\AppData\Roaming\XMessageBox.dll
2014-03-20 02:35 - 2014-06-17 12:05 - 0013312 _____ () C:\Users\Fm. Medved\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-14 11:55 - 2015-02-19 00:04 - 0007605 _____ () C:\Users\Fm. Medved\AppData\Local\Resmon.ResmonCfg
2011-12-15 12:13 - 2011-12-15 12:15 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log

Files to move or delete:
====================
C:\Users\Fm. Medved\jagex_cl_runescape_LIVE.dat


Some content of TEMP:
====================
C:\Users\Fm. Medved\AppData\Local\Temp\Quarantine.exe
C:\Users\Fm. Medved\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 05:24

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Mir ist auch gerade aufgefallen das sich neue Erweiterungen im Hintergrund auf mein Google Chrome installieren.

Antwort
Seite 1 von 2 1 2

Themen zu Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.
automatisch, coinminer, datei, entdeck, entdeckt, folge, folgende, geändert, google, java, java update, löschen, malware, neue, neue tabs mit werbung, ordner, programme, scan, scannen, tabs mit werbung, tabs werbung browser öffnet unaufgefordert, trojan.bitcoinminer, trojaner, trotz, update, verlauf, virus, website, werbung, werbung auf jeder internetseite, öffnen


« Nach VLC Player Instalation, habe ich startseite.de und SM.de | Windows 8: Es tauchen stets Programme auf die ich nicht kenne (Windows installer usw.) »


Ähnliche Themen: Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.


  1. Firefox lädt ständig - ununterbrochen neu/Werbung/neue Tabs/neue Fenster
    Log-Analyse und Auswertung - 28.10.2015 (11)
  2. Mozilla Firefox öffnet ständig Werbung und neue Tabs mit Werbung
    Log-Analyse und Auswertung - 21.07.2015 (10)
  3. Chrome öffnet automatisch neue Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 13.05.2015 (29)
  4. Google Chrome viel werbung und Neue Tabs werden mit Malware geöfnet
    Log-Analyse und Auswertung - 14.01.2015 (19)
  5. Ständige Werbung trotz AdBlock, ungewünschte Programme auf dem Laptop, Werbungsseiten werden geöffnet
    Plagegeister aller Art und deren Bekämpfung - 12.01.2015 (25)
  6. Ständige Werbung trotz AdBlock, Inernet Explorer springt Werbungsseiten werden geöffnet, filepony kann nicht
    Log-Analyse und Auswertung - 10.01.2015 (23)
  7. Ständige Werbung trotz AdBlock, ungewünschte Programme auf dem Laptop, Werbungsseiten werden geöffnet
    Plagegeister aller Art und deren Bekämpfung - 08.01.2015 (13)
  8. Pc langsam, überall Werbung, neue Fenster mit Werbung, Adblocker verschlimmerte alles
    Plagegeister aller Art und deren Bekämpfung - 14.11.2014 (3)
  9. Windows 7: Internet Explorer startet automatisch Werbung/ Webseiten werden auf Werbung umgeleitet
    Log-Analyse und Auswertung - 27.07.2014 (7)
  10. Es kommt ständig Werbung und es werden ständig neue Seiten geöffnet
    Plagegeister aller Art und deren Bekämpfung - 29.06.2014 (16)
  11. Windows 7: Webseiten werden auf Werbung umgeleitet, dauernd neue Tabs und Seiten ohne das ich was mache
    Log-Analyse und Auswertung - 24.06.2014 (35)
  12. grün unterstrichene Wörter + Werbung trotz Adblocker
    Plagegeister aller Art und deren Bekämpfung - 26.05.2014 (17)
  13. Ständige Pop-Ups trotz AdBlocker / Unerwünschte Werbung
    Plagegeister aller Art und deren Bekämpfung - 10.05.2014 (16)
  14. Firefox öffnet automatisch neue Tabs mit Werbung
    Log-Analyse und Auswertung - 28.02.2014 (11)
  15. massive werbung trotz adblocker und wahllose verlinkungen auf wörtern
    Log-Analyse und Auswertung - 23.02.2014 (5)
  16. Windows 7: Firefox öffnet automatisch neue Tabs mit Werbung
    Log-Analyse und Auswertung - 05.02.2014 (7)
  17. Firefox öffnet automatisch neue Tabs (Werbung) NIS meldet sich auch
    Log-Analyse und Auswertung - 30.04.2010 (9)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. - Hallo, ich habe seit einem Monat ein Problem. Wie im Titel geschrieben habe ich eine Menge an Trojaner, Malware und Adware. Ich habe versucht das Problem zu lösen, normalerweise erledige - Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr....
Archiv
Du betrachtest: Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131