Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Trojaner "Tencent"?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.06.2015, 16:15   #1
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



hallo,

alle zusammen ich bin neu hier habe keine Ahnung von dem was ihr alle hier schreibt aber ich brauche eure Hilfe.

i
Ich glaube ich habe einen miesen Trojaner der heißt "Tencent"
ich kann den nicht Deinstallieren und auch nicht entfernen,mir wird der Zugang zu der Datei durch den"Ersteller-Besitzer" Zugang verwehrt!hab schon alles versucht,sogar die Freigabe wollte ich ändern aber er lässt es nicht zu, was kann ich machen bzw wie werde ich den los?
was braucht ihr von mir noch an Daten damit ich euch helfen kann um mir zu helfen?
die Datei versteckt sich bei mir unter C:--> Programme(x86)-->Tencent,es handelt sich bei mir um ein Windows 7 ,64 Bit System ich arbeite mit Chrome und benutze Kaspersky als Anti Virus Programm

Lg

Alt 07.06.2015, 16:29   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 07.06.2015, 16:40   #3
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Tomek (administrator) on TOMEK-PC on 07-06-2015 17:35:50
Running from D:\downloades
Loaded Profiles: Tomek (Available Profiles: Tomek)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) D:\Games\Steam\Steam.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE
(Electronic Arts) D:\Games\Origin\Origin.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Valve Corporation) D:\Games\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [mbot_de_292] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Logitech G35] => C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCTray.exe [355296 2015-06-05] (Tencent)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Run: [Steam] => D:\Games\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Run: [EADM] => D:\Games\Origin\Origin.exe [3632472 2015-05-30] (Electronic Arts)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\MountPoints2: {56a85494-f218-11e3-bb6e-806e6f6e6963} - F:\Run.exe
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\MountPoints2: {da7f5c52-f21d-11e3-8589-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMGCShellExt64.dll [2015-06-05] (Tencent)
BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:52552;https=127.0.0.1:52552
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1416518293&from=air&uid=ADATAXSP900_2E2120001917
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1416518293&from=air&uid=ADATAXSP900_2E2120001917&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1416518293&from=air&uid=ADATAXSP900_2E2120001917
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1416518293&from=air&uid=ADATAXSP900_2E2120001917&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites03_14_29_ch&cd=2XzuyEtN2Y1L1QzuyByE0DyEtAyDzzzztB0EtAzyzzyC0A0CtN0D0Tzu0SzytAtCtN1L2XzutBtFtBtCtFtCyEtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0F0C0AtBtAtA0AtGyByD0EzytGyE0DtCtAtG0CyB0D0EtGyC0CyEzytC0FyDzztBzz0B0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyE0DyDyEzyyE0AtGyCtDzytCtG0DzyyCtDtG0C0EtAzztGtAzzyB0DtBtAtAtDyB0CtAyE2Q&cr=586408327&ir=
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2967830349-2458404097-1864745776-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKU\S-1-5-21-2967830349-2458404097-1864745776-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TSWebMon64.dat No File
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-06-12] (Kaspersky Lab ZAO)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3648858D-C717-4E2D-A474-A7DC404E237C}: [NameServer] 31.168.224.100,5.135.12.56
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\npQMExtensionsMozilla.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-09-10]

Chrome: 
=======
CHR Profile: C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-20]
CHR Extension: (Google Drive) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-20]
CHR Extension: (YouTube) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-20]
CHR Extension: (Google Search) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-20]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-11-20]
CHR Extension: (Google Sheets) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-20]
CHR Extension: (Safe Money) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-11-20]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-11-20]
CHR Extension: (Virtual Keyboard) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-11-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-20]
CHR Extension: (Vosteran New Tab) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2015-01-22]
CHR Extension: (Gmail) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-20]
CHR Extension: (Anti-Banner) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-11-20]
CHR Profile: C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
CHR Extension: (Google Docs) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
CHR Extension: (Google Drive) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-21]
CHR Extension: (YouTube) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-21]
CHR Extension: (Google Search) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-21]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-04-21]
CHR Extension: (Google Sheets) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
CHR Extension: (AdBlock) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-06]
CHR Extension: (Bookmark Manager) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-24]
CHR Extension: (Safe Money) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hakdifolhalapjijoafobooafbilfakh [2015-04-21]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-04-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-21]
CHR Extension: (Google Wallet) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-21]
CHR Extension: (Gmail) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
CHR Extension: (Anti-Banner) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-04-21]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1997168 2015-05-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-03-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-16] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCRtp.exe [297608 2015-06-05] (Tencent)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 TAOFrame; "C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TAOFrame.exe" [X]
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-06-07] ()
S0 hitmanpro37duringboot; C:\Windows\System32\drivers\hitmanpro37.sys [43664 2015-06-07] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-12] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-12] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-12] (Kaspersky Lab ZAO)
R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-06-05] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-06-05] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-06-05] (电脑管家)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-06-05] (电脑管家)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMUdisk64.sys [X]
S2 QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQSysMonX64.sys [X]
S3 TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TS888x64.sys [X]
S1 TSCPM; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\tscpm64.sys [X]
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TsDefenseBT64.sys [X]
S1 wpnfd_1_10_0_2; system32\drivers\wpnfd_1_10_0_2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 17:34 - 2015-06-07 17:33 - 02108928 _____ (Farbar) C:\Users\Tomek\Desktop\FRST64.exe
2015-06-07 17:33 - 2015-06-07 17:35 - 00000000 ____D C:\FRST
2015-06-07 16:47 - 2015-06-07 16:53 - 00001585 _____ C:\Users\Tomek\Desktop\Fixlist.txt
2015-06-07 16:38 - 2015-06-07 16:38 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-06-07 16:36 - 2015-06-07 16:36 - 00232822 _____ C:\Windows\system32\.crusader
2015-06-07 16:33 - 2015-06-07 16:33 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-07 16:32 - 2015-06-07 16:37 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-05 12:05 - 2015-06-05 12:08 - 00000000 ____D C:\Program Files (x86)\MiniGet
2015-06-05 12:05 - 2015-06-05 12:05 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\MiniGet
2015-06-05 12:03 - 2015-06-05 12:03 - 00003468 _____ C:\Windows\System32\Tasks\avabvbyvyc
2015-06-05 10:41 - 2015-06-05 10:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-TOMEK-PC-Windows-7-Professional-(64-bit).dat
2015-06-05 10:41 - 2015-06-05 10:41 - 00000000 ____D C:\RegBackup
2015-06-05 09:44 - 2015-06-05 09:44 - 00007600 _____ C:\Users\Tomek\AppData\Local\Resmon.ResmonCfg
2015-06-05 09:22 - 2015-06-05 10:01 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-06-05 09:16 - 2015-06-07 16:36 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\03D40274-1433488586-0588-2E06-390700080009
2015-06-05 09:16 - 2015-06-05 09:16 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\inminet
2015-06-05 09:16 - 2015-06-05 09:16 - 00000000 ____D C:\Program Files (x86)\MyPCBU
2015-06-05 09:11 - 2015-06-05 09:11 - 00000000 ____D C:\ProgramData\TXQMPC
2015-06-05 08:56 - 2015-06-05 10:43 - 00000000 ____D C:\ProgramData\Tencent
2015-06-05 08:56 - 2015-06-05 10:00 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Tencent
2015-06-05 08:56 - 2015-06-05 08:56 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-06-05 08:56 - 2015-06-05 08:56 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-06-05 08:56 - 2015-06-05 08:56 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-06-05 08:56 - 2015-06-05 08:56 - 00038200 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
2015-06-05 08:56 - 2015-06-05 08:56 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-06-05 08:56 - 2015-06-05 08:56 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-06-05 08:55 - 2015-06-05 08:55 - 00000000 ____D C:\ProgramData\Rising
2015-06-05 08:53 - 2015-06-05 12:09 - 00000000 ____D C:\ProgramData\EpsanDrive
2015-06-05 08:52 - 2015-06-05 08:52 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\WinRAR
2015-06-05 08:51 - 2015-06-05 08:51 - 00001001 _____ C:\Users\Tomek\Desktop\WinRAR.lnk
2015-06-05 08:51 - 2015-06-05 08:51 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-05 08:51 - 2015-06-05 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-05 08:51 - 2015-06-05 08:51 - 00000000 ____D C:\Program Files\WinRAR
2015-06-05 08:45 - 2015-06-05 08:45 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\Program Files\iTunes
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\Program Files\iPod
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-05-21 16:16 - 2015-06-07 16:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-21 16:16 - 2015-05-21 16:16 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 16:16 - 2015-05-21 16:16 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-21 16:16 - 2015-05-21 16:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-21 16:16 - 2015-05-21 16:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-05-21 16:16 - 2015-05-21 16:16 - 00000000 ____D C:\Windows\system32\Macromed
2015-05-14 18:37 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 18:37 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 16:26 - 2015-05-14 18:03 - 00000000 ____D C:\Users\Tomek\AppData\Local\Battle.net
2015-05-14 16:26 - 2015-05-14 16:27 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Battle.net
2015-05-14 16:26 - 2015-05-14 16:27 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-05-14 16:26 - 2015-05-14 16:26 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\AMD
2015-05-14 16:26 - 2015-05-14 16:26 - 00000000 ____D C:\Users\Tomek\AppData\Local\Blizzard Entertainment
2015-05-14 16:25 - 2015-05-14 16:25 - 03184696 _____ (Blizzard Entertainment) C:\Users\Tomek\Downloads\StarCraft-II-Setup-deDE.exe
2015-05-14 16:25 - 2015-05-14 16:25 - 00000000 ____D C:\ProgramData\Battle.net
2015-05-14 15:44 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 15:44 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 15:44 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-14 15:44 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-14 15:44 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-14 15:44 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-14 15:44 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-14 15:44 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-14 15:44 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-14 15:44 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-14 15:44 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-14 15:44 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-14 15:44 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-14 15:44 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-14 15:44 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-14 15:44 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-14 15:44 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-14 15:44 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-14 15:44 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-14 15:44 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-14 15:44 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-14 15:44 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-14 15:44 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-14 15:44 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-14 15:44 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-14 15:44 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-14 15:44 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-14 15:44 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-14 15:44 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 15:44 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 15:44 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-14 15:44 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-14 15:44 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 15:44 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 15:44 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-14 15:44 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 15:44 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-14 15:44 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 15:44 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-14 15:44 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 15:44 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 15:44 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-14 15:44 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-14 15:44 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-14 15:44 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 15:44 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-14 15:44 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-14 15:44 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 15:44 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 15:44 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-14 15:44 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 15:44 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-14 15:44 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-14 15:44 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 15:44 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-14 15:44 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 15:44 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-14 15:44 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 15:44 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 15:44 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-14 15:44 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-14 15:44 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-14 15:44 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 15:44 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-14 15:44 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-14 15:44 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 15:44 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-14 15:44 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-14 15:44 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-14 15:44 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 15:44 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-14 15:44 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 15:44 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-14 15:44 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 15:44 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 15:44 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 15:44 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 15:44 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 15:44 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 15:44 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-14 15:44 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 15:44 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 15:44 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-14 15:44 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 15:44 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 15:44 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-14 15:44 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 15:44 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 15:44 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 15:44 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 15:44 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 15:44 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 15:44 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 15:44 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 15:44 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-14 15:44 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-14 15:44 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-14 15:44 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-14 15:44 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-14 15:44 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-14 15:44 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-14 15:44 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-14 15:44 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-14 15:44 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-14 15:44 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-14 15:44 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-14 15:44 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 14:33 - 2015-05-12 14:33 - 00002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-05-12 14:33 - 2015-05-12 14:33 - 00002090 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Thunderbird
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Mozilla
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Users\Tomek\AppData\Local\Thunderbird
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\ProgramData\Mozilla
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 14:32 - 2015-05-12 14:32 - 01203488 _____ C:\Users\Tomek\Downloads\Thunderbird - CHIP-Installer.exe
2015-05-11 17:53 - 2015-05-11 17:53 - 50629792 _____ (Adobe Systems Incorporated) C:\Users\Tomek\Downloads\AcroRdrDC1500720033_de_DE.exe
2015-05-11 17:53 - 2015-05-11 17:53 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-11 17:53 - 2015-05-11 17:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-11 17:53 - 2015-05-11 17:53 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-05-11 17:42 - 2015-05-11 17:42 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-05-11 17:42 - 2015-05-11 17:42 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\OpenOffice
2015-05-11 17:41 - 2015-05-11 17:42 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-05-11 17:41 - 2015-05-11 17:41 - 00000000 ____D C:\Users\Tomek\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-05-11 17:41 - 2015-05-11 17:41 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-05-11 17:39 - 2015-05-11 17:39 - 01203488 _____ C:\Users\Tomek\Downloads\OpenOffice - CHIP-Installer.exe
2015-05-11 16:56 - 2015-06-07 16:56 - 00000911 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {92216CAB-CF59-4199-BE27-85C5C96C72A6}.job
2015-05-11 16:56 - 2015-06-07 16:56 - 00000725 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {92216CAB-CF59-4199-BE27-85C5C96C72A6}.job
2015-05-11 16:56 - 2015-05-11 16:56 - 00003978 _____ C:\Windows\System32\Tasks\EPSON XP-312 313 315 Series Update {92216CAB-CF59-4199-BE27-85C5C96C72A6}
2015-05-11 16:56 - 2015-05-11 16:56 - 00003792 _____ C:\Windows\System32\Tasks\EPSON XP-312 313 315 Series Invitation {92216CAB-CF59-4199-BE27-85C5C96C72A6}
2015-05-11 16:55 - 2015-05-14 17:11 - 00000000 ____D C:\Users\Tomek\Desktop\Bewerbung

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 17:20 - 2014-06-12 12:50 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-07 16:51 - 2014-09-10 18:51 - 00000911 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {3B031913-35D2-4D9A-91F8-70331A6ED43F}.job
2015-06-07 16:51 - 2014-09-10 18:51 - 00000725 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {3B031913-35D2-4D9A-91F8-70331A6ED43F}.job
2015-06-07 16:51 - 2014-06-12 12:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-07 16:45 - 2009-07-14 06:45 - 00035936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-07 16:45 - 2009-07-14 06:45 - 00035936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 16:44 - 2014-06-12 21:58 - 00700130 _____ C:\Windows\system32\perfh007.dat
2015-06-07 16:44 - 2014-06-12 21:58 - 00149768 _____ C:\Windows\system32\perfc007.dat
2015-06-07 16:44 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-07 16:41 - 2014-06-12 12:04 - 01450934 _____ C:\Windows\WindowsUpdate.log
2015-06-07 16:39 - 2014-09-17 17:32 - 00000000 ____D C:\ProgramData\Origin
2015-06-07 16:39 - 2014-06-12 12:38 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Raptr
2015-06-07 16:38 - 2014-06-12 12:12 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 16:38 - 2010-11-21 05:47 - 00089544 _____ C:\Windows\PFRO.log
2015-06-07 16:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 16:38 - 2009-07-14 06:51 - 00064936 _____ C:\Windows\setupact.log
2015-06-07 16:37 - 2014-06-12 12:39 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-06-05 11:11 - 2014-07-19 16:21 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2015-06-05 11:10 - 2014-11-25 18:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-05 11:09 - 2014-07-12 13:22 - 00000000 ____D C:\Windows\system32\appmgmt
2015-06-05 11:09 - 2014-06-12 13:37 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Adobe
2015-06-05 11:02 - 2009-07-14 07:08 - 00000882 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-05 09:22 - 2009-07-14 06:45 - 00296120 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-05 09:07 - 2014-06-12 12:22 - 00064416 _____ C:\Users\Tomek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-05 08:56 - 2014-06-12 12:04 - 00000000 ____D C:\Users\Tomek\AppData\Local\VirtualStore
2015-06-05 08:45 - 2014-09-04 11:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-05-28 16:13 - 2014-07-30 20:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-27 12:55 - 2014-06-14 00:37 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Skype
2015-05-24 13:50 - 2014-11-25 18:49 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-22 14:46 - 2014-11-20 23:19 - 00000000 ____D C:\Users\Tomek\AppData\Local\BoBrowser
2015-05-22 14:14 - 2015-04-24 14:17 - 00000000 ____D C:\Windows\Minidump
2015-05-21 16:16 - 2014-11-25 18:50 - 00000000 ____D C:\Users\Tomek\AppData\Local\Adobe
2015-05-21 13:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-20 16:16 - 2015-04-11 21:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 16:16 - 2015-04-11 21:10 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 15:08 - 2014-09-17 18:12 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-05-20 12:31 - 2014-06-12 12:38 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-05-19 09:46 - 2014-06-12 12:12 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 09:46 - 2014-06-12 12:12 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 13:25 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 13:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 18:39 - 2014-06-12 13:32 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 18:38 - 2014-06-12 13:32 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 18:37 - 2015-01-23 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 18:36 - 2015-01-23 00:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 18:36 - 2015-01-23 00:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 18:01 - 2014-06-15 19:05 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-14 16:31 - 2014-06-14 00:33 - 00000000 ____D C:\Users\Tomek\Desktop\Bilder
2015-05-14 15:40 - 2014-09-17 17:34 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Origin
2015-05-11 17:54 - 2014-11-25 18:41 - 00000000 ____D C:\ProgramData\Adobe
2015-05-11 16:59 - 2014-09-12 19:38 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Epson

==================== Files in the root of some directories =======

2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Tomek\AppData\Roaming\SWIYCKOS
2015-01-22 19:29 - 2015-01-22 19:29 - 2004968 _____ (MediaProPlayer+) C:\Users\Tomek\AppData\Roaming\SWIYCKOS.exe
2014-08-03 14:21 - 2015-02-25 16:21 - 0000133 _____ () C:\Users\Tomek\AppData\Roaming\WB.CFG
2014-11-01 01:12 - 2015-01-31 19:31 - 0005632 _____ () C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-22 23:10 - 2015-01-22 23:10 - 0000001 _____ () C:\Users\Tomek\AppData\Local\DSI.DAT
2015-01-22 23:10 - 2015-01-22 23:10 - 0022528 _____ () C:\Users\Tomek\AppData\Local\dsisetup32386582.exe
2015-06-05 09:44 - 2015-06-05 09:44 - 0007600 _____ () C:\Users\Tomek\AppData\Local\Resmon.ResmonCfg
2014-06-12 12:21 - 2014-06-12 12:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Tomek\AppData\Local\Temp\beddejeijb.exe
C:\Users\Tomek\AppData\Local\Temp\ECE0.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 17:10

==================== End of log ============================
         
__________________

Alt 07.06.2015, 16:45   #4
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Tomek at 2015-06-07 17:36:07
Running from D:\downloades
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2967830349-2458404097-1864745776-500 - Administrator - Disabled)
Gast (S-1-5-21-2967830349-2458404097-1864745776-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2967830349-2458404097-1864745776-1003 - Limited - Enabled)
Tomek (S-1-5-21-2967830349-2458404097-1864745776-1000 - Administrator - Enabled) => C:\Users\Tomek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlefield 4™ CTE (HKLM-x32\...\{551A08D1-B60E-4DED-9B67-C3B38258CCA3}) (Version: 1.0.2.31585 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.0.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
Enemy Front (HKLM-x32\...\Steam App 256190) (Version:  - CI Games)
Epic Games Launcher (HKLM\...\{325AC861-EDAF-440B-97DD-259906E216D3}) (Version: 1.1.24.0 - Epic Games, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}) (Version: 2.5.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
inminet (HKLM-x32\...\{e20d6e44-c692-4329-d495-57e2996fc3ed}) (Version: 1.0.0 - esties) <==== ATTENTION!
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPCBU version 2.25 (HKLM-x32\...\{7D7D6742-5B49-4454-9E9B-748E731E741A}_is1) (Version: 2.25 - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Shopping Helper Smartbar (HKLM-x32\...\{7473B376-BABC-4D84-BF08-00EE7CE8CD8E}) (Version: 11.123.63.20379 - ReSoft Ltd.) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Ultimate Codecs Packages (HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Ultimate Codecs Packages) (Version:  - ) <==== ATTENTION
Unreal Tournament (HKLM-x32\...\{0F784A30-05FF-4532-8D66-41022D757A3E}_is1) (Version:  - EPIC Games)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2967830349-2458404097-1864745776-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Tomek\AppData\Roaming\inminet\sencolny.dll () <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2967830349-2458404097-1864745776-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

30-05-2015 21:41:39 Windows Update
05-06-2015 08:33:45 Windows Update
05-06-2015 11:09:42 Removed Adobe Common File Installer
05-06-2015 11:09:55 Removed Adobe Stock Photos 1.0
07-06-2015 16:13:34 Software Removal Tool
07-06-2015 16:35:28 Prüfpunkt von HitmanPro
07-06-2015 16:36:25 Prüfpunkt von HitmanPro

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03B45661-F3BD-44F3-8321-393A024620F5} - System32\Tasks\{D7C8F475-0DBD-4337-A238-F3F0B1ED9BD0} => pcalua.exe -a C:\Users\Tomek\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=air <==== ATTENTION
Task: {0A6DAE4B-0022-49A6-A859-FDB4AEC5C442} - System32\Tasks\{76ACEA0E-C669-4879-9DB5-F82A58555C23} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: {1F33A9F0-8633-48B7-8290-690201315FF0} - System32\Tasks\{0DCD96FE-54AD-46C0-B74C-E7F52D67D1AE} => pcalua.exe -a "C:\Users\Tomek\Downloads\Internet_Downloads\Adobe(R) Photoshop(R) CS2\instmsiw.exe" -d "C:\Users\Tomek\Downloads\Internet_Downloads\Adobe(R) Photoshop(R) CS2"
Task: {36A90079-52CF-4DF0-9A32-39729C289F2E} - System32\Tasks\avabvbyvyc => C:\Users\Tomek\AppData\Local\avabvbyvyc\avabvbyvyc.exe <==== ATTENTION
Task: {3BCAC1AF-E3D2-4BF9-A93E-A106A35547B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {4075533D-BB4F-4248-98A0-E3FDF9E39712} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-21] (Adobe Systems Incorporated)
Task: {50D04743-F9E7-464B-A5CA-8208B15790F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {625FE465-5FE3-4A24-852E-6BB33733D5A4} - System32\Tasks\EPSON XP-312 313 315 Series Update {92216CAB-CF59-4199-BE27-85C5C96C72A6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8E6CBA70-CA95-46E7-B184-08CA105A8ADE} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {9E22EED4-5C21-4879-87FF-BE61B2855FD8} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {AA8EFC5D-A468-4156-BB1C-847A79321D03} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {92216CAB-CF59-4199-BE27-85C5C96C72A6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {AFAD5B25-8162-4D96-90B8-C302F0A48E61} - \SuperClick Auto Updater 1.10.0.16 Core No Task File <==== ATTENTION
Task: {B4237F61-0D8F-44AE-92B9-3EBF1BDB4703} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {BF5A0715-4EF7-41B0-B3A6-3868430CE652} - \SuperClick Auto Updater 1.10.0.16 Pending Update No Task File <==== ATTENTION
Task: {CC4EFFB5-6AD4-4769-A25A-56114DDC8964} - System32\Tasks\EPSON XP-312 313 315 Series Update {3B031913-35D2-4D9A-91F8-70331A6ED43F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {CEE0A259-50C9-444F-BCC0-5FBF625E1126} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D1D9366F-F8C4-4993-8C98-AB87B8236DDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {E9722AE3-EEF8-4685-A371-9179C4F0F49F} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {FBCFE8B7-4B93-409F-9AB6-1F2A25615B7D} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {3B031913-35D2-4D9A-91F8-70331A6ED43F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {FE8B16AD-3BDC-4679-B152-F84958C53AF2} - \ASP No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {3B031913-35D2-4D9A-91F8-70331A6ED43F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {92216CAB-CF59-4199-BE27-85C5C96C72A6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {3B031913-35D2-4D9A-91F8-70331A6ED43F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{3B031913-35D2-4D9A-91F8-70331A6ED43F} /F:UpdateSYSTEM
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {92216CAB-CF59-4199-BE27-85C5C96C72A6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{92216CAB-CF59-4199-BE27-85C5C96C72A6} /F:UpdateSYSTEM
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-25 18:49 - 2015-03-16 23:06 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-21 14:46 - 2015-05-21 14:46 - 00169984 _____ () C:\Users\Tomek\AppData\Roaming\inminet\sencolny.dll
2015-06-05 08:56 - 2015-06-05 08:56 - 00481632 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\sqlite.dll
2015-06-05 08:56 - 2015-06-05 08:56 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\tinyxml.dll
2015-06-05 08:56 - 2015-06-05 08:56 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\zlib.dll
2015-06-05 08:56 - 2015-06-05 08:56 - 00203104 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQFileFlt.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2014-05-16 17:36 - 2015-04-16 19:40 - 00776192 _____ () D:\Games\Steam\SDL2.dll
2015-01-22 23:18 - 2015-04-23 04:16 - 04962816 _____ () D:\Games\Steam\v8.dll
2015-01-22 23:18 - 2015-04-23 04:16 - 01556992 _____ () D:\Games\Steam\icui18n.dll
2015-01-22 23:18 - 2015-04-23 04:16 - 01187840 _____ () D:\Games\Steam\icuuc.dll
2014-05-29 09:37 - 2015-06-04 20:56 - 02407104 _____ () D:\Games\Steam\video.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 02396672 _____ () D:\Games\Steam\libavcodec-56.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 00442880 _____ () D:\Games\Steam\libavutil-54.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 00479744 _____ () D:\Games\Steam\libavformat-56.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 00332800 _____ () D:\Games\Steam\libavresample-2.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 00485888 _____ () D:\Games\Steam\libswscale-3.dll
2014-05-29 09:36 - 2015-06-04 20:56 - 00703168 _____ () D:\Games\Steam\bin\chromehtml.DLL
2015-05-21 14:45 - 2015-05-21 14:45 - 00141824 _____ () C:\Users\Tomek\AppData\Roaming\inminet\forvercu.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 01007104 _____ () D:\Games\Origin\platforms\qwindows.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00023552 _____ () D:\Games\Origin\imageformats\qgif.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00024576 _____ () D:\Games\Origin\imageformats\qico.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00216576 _____ () D:\Games\Origin\imageformats\qjpeg.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00261120 _____ () D:\Games\Origin\imageformats\qmng.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00019456 _____ () D:\Games\Origin\imageformats\qtga.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00337408 _____ () D:\Games\Origin\imageformats\qtiff.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00018944 _____ () D:\Games\Origin\imageformats\qwbmp.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00228352 _____ () D:\Games\Origin\mediaservice\wmfengine.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-05-01 15:35 - 2015-05-11 21:01 - 36302728 _____ () D:\Games\Steam\bin\libcef.dll
2015-05-25 22:57 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 22:57 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2014-06-12 12:15 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 31.168.224.100 - 5.135.12.56

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F92821A7-8838-4762-A7A8-3078F36F1481}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{BEBF7996-7BBA-441A-B6CD-61CB0EC90FCA}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{DD1B83B5-B846-4540-80D2-19BD69CF75FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A6C653BF-8E67-4634-B111-A06235F741F5}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{8EF8E4B8-211B-4978-A09A-DA67F3F4391E}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{8BF8A9FB-CA6D-4370-A7A1-CA6764E5FC46}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{D97016A9-04AC-4C35-B5E7-822DFA42DFF5}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{4D78BEC7-E819-4748-BE5D-660DAACE5242}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4AC77154-74E8-496E-B21D-2EA5C2491B42}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDFA8BE3-B70F-45EA-BBF9-30DD1E713A8C}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D51EE5A7-5D0D-4EA5-AAB0-20DD75C67B30}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{868B23DC-F771-4861-92FA-CCEEAC712E54}] => (Allow) D:\Games\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{B700CE9C-ABA8-4B4C-824E-7B3BCF6B0261}] => (Allow) D:\Games\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0CB5F1E3-F12E-49CE-9541-98651E535F8F}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{3AA72FD6-39BC-4FBD-9700-D9155A6EF084}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{4AE94C42-6784-4208-8D7D-7E97A873AEF2}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{A553620C-CB2E-4BA1-A6D5-9F37D1F8B511}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{40725199-2DC6-4268-BD8E-7B3ED687A2C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{63A02D94-5208-4C30-AF81-D6E66AA2696D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AD17A033-B2EF-43F2-AC0A-0A5A59D2C4BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{95871167-4AA7-4CF1-AF7C-B1829329BF4C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A37915E0-B4A2-469A-9207-DAE2CEA6195D}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{08496A6D-0986-47FE-BD67-DA885A393288}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{867635F6-F3AF-4285-9B07-38F2DBA8B00F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{71C57D09-3903-474B-AFAC-18AEF164AC75}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{A333AB61-2A92-45DB-B7EE-8DE5012E2560}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{21BFF362-10D8-4A47-9F9D-5B58B2E88EB3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{77ED56C5-7DED-498C-A157-0E8869BCFEE8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{7C3E9187-31D8-425D-B8FC-13958012F706}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{7AEC4C03-9653-4756-9C1C-9934F668E547}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{7F249F80-E2AC-4DC0-970F-18F4C068AFAD}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{B9FD01F3-14D8-4459-A0A0-5C6F875BDDC8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{78B4FF1C-9D99-4388-ADDD-A013F51DFE7C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{ED0B4B07-297B-4B60-936A-221E8772CD21}] => (Allow) C:\Users\Tomek\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{A2E01E83-9C10-42BC-B943-F2BAAE61B914}] => (Allow) C:\Users\Tomek\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [TCP Query User{71EBB75E-CD48-4DFB-BDA3-FD443FB70BC5}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{781527CC-3BA1-45A7-8B61-514CA3B99E99}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4FE74600-9CAF-420F-9CAE-5411E53ACE00}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{44BC593D-C3CE-4FCB-AD5F-B59930BF3662}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{BF6E4EA6-C78D-4589-8A73-4F751CD98173}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{ECB8AA7F-6AA8-4646-BC55-D13D89089906}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{315494E3-3AC2-4935-AF00-4039EE4BF83D}] => (Allow) D:\Games\Steam\SteamApps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{FB211D33-BA14-4C34-B6DA-FFB3A444C223}] => (Allow) D:\Games\Steam\SteamApps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{41CDAC95-C7E0-444E-939F-5A6C6EB093F3}] => (Allow) D:\Games\Steam\SteamApps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{853B78B6-0980-4183-B0D8-CA908E38B13D}] => (Allow) D:\Games\Steam\SteamApps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{75C189C1-CEA5-471D-9EEB-57D8EA2B1E81}] => (Allow) C:\Users\Tomek\AppData\Local\BoBrowser\Application\bobrowser.exe
FirewallRules: [{97D20E6A-2E18-4443-A8D3-8AAA32382B7E}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{1E9E8F34-192B-40EE-B130-44F387FAEBAC}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{4956A03D-BBF2-4E5F-96F7-BF9061A40AED}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D9E96D36-A1AD-4707-B8E0-A042785FA2FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{27C8BEF9-FCDB-41A5-9667-8A2DF288B4B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F53D4217-A3A5-49ED-9D15-1A27037F1A98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F53E3518-15D4-4DD1-9B4F-69947477253F}] => (Allow) D:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{C5116BB5-2DA6-41C9-ACD8-4AF0233D9FB2}] => (Allow) D:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{5502227E-8600-4DCF-B3F5-4307176C5098}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{42EC9593-484E-4AC7-A0F8-D8E05E295FF3}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{21763367-EFF3-4A87-804D-EE52E15C9CB6}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{87DB4605-0E3E-4504-A06E-50B2E8CD4214}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0CA21AE0-CF80-4193-B920-2363F09C20DD}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{34B0198D-A16B-4DC4-9417-62A92036FB31}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{8A1BC5DB-7D54-4D11-A846-4ACAECEEE6B4}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{AB501310-600F-462A-857F-14EF56F17F30}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{39F83211-95A4-4D12-A085-09BD39B4BB4F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AE222A48-870E-4421-A7EE-32C465A4FF32}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D589A9C0-75A9-4597-B785-6C1DA5DA6B6E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2D545850-2EB2-40B6-95A9-93C3412F80C4}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3AE5F2B4-1217-4290-BD90-8C24199C0D39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A6854F8C-3FAB-4332-BFB5-6C3F306F21FE}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{B3732F89-BF42-4171-9247-4BDE7BF4234A}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{80C1BA02-F24D-483C-9C5C-E0B23CCD2059}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{023E124D-1461-44ED-9B42-C24CE413D0CE}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{A1221962-E943-490F-BDF9-4D408107E6EC}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4 CTE\bf4cte_x86.exe
FirewallRules: [{1DB84F36-D1B8-43BF-AD4A-6D8F705E00F2}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4 CTE\bf4cte_x86.exe
FirewallRules: [{DC89BD3F-5B2A-4BB5-9B39-A76DA766432C}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4 CTE\bf4cte.exe
FirewallRules: [{AC091C58-15B4-434B-9709-B3612CFF5CE7}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4 CTE\bf4cte.exe
FirewallRules: [{85CE5F72-7D22-48AC-A39E-ECD84029529F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{24B2B4D7-FACD-4935-95F6-307C29F83E22}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCmgrInstallGuide.exe
FirewallRules: [{CF548EAD-876D-4A7E-8B79-832154EA7B33}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCTray.exe
FirewallRules: [{60B2E32C-2867-4233-9DC4-9B85C143A01E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCMgr.exe
FirewallRules: [{C01C6F0D-5F2B-4BDE-9079-1310048B9E77}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe
FirewallRules: [{50D56715-D0A8-45EF-82DA-78C45ED4D57C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMDL.exe
FirewallRules: [{E8427E63-E1DD-44D9-9F18-BEDABB96B691}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\bugreport.exe
FirewallRules: [{FD8A796A-8425-4E24-B381-8B236D4F3E88}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCFileOpen.exe
FirewallRules: [{77B6D9F6-0328-4302-A21D-7CDA273E1AAA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCLeakScan.exe
FirewallRules: [{51C66844-219E-4901-9F5C-C0255675A414}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPConfig.exe
FirewallRules: [{F2FCF537-9667-4C8E-83D4-A453B30311E4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSoftMgr.exe
FirewallRules: [{50B521F0-BB7A-497D-B65E-C198A4544411}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{F26FC3D3-E2E6-4AA8-9D8E-7C39EC9C817B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCBTU.exe
FirewallRules: [{C02A41AF-6B17-4ECB-9DDA-E7A6FF553266}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCClinic.exe
FirewallRules: [{DB4796CD-75DB-435C-8C3F-14D5EB9296C1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCLaunch.exe
FirewallRules: [{6B10DEDB-F94C-4B40-ADF2-2C0670C6BE41}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{4908CDC2-EB20-4140-9978-1C73845BD0CE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSoftGame.exe
FirewallRules: [{6DE0D907-5273-40C9-99F9-3B99CCFB4176}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSysOptimize.exe
FirewallRules: [{04E04DA9-3DA2-4CA2-A25E-19E17BD11CDE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCUpdateAVLib.exe
FirewallRules: [{D8D2CC55-57AD-47B1-BA26-B8D409CE172F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQRepair.exe
FirewallRules: [{113C1B6E-A82D-43EE-B5A8-6285E9C8F602}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\Uninst.exe
FirewallRules: [{B1DAA86F-7AF5-4A01-98D2-5A717F28CFA3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCPatch.exe
FirewallRules: [{CDF17D82-D509-4AD9-8914-C44BD0D6BE4B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TpkUpdate.exe
FirewallRules: [{927A701C-31D0-47D0-85D4-17AA876C6393}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMRouterMgr.exe
FirewallRules: [{E9B355AE-8B9F-4200-81FA-1AA95348F3E7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMAccountProtection.exe
FirewallRules: [{0269C86B-E217-4B69-8F35-B81037C61121}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{FACDDA41-E0EC-42C7-B72B-83089CE670BD}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe

==================== Faulty Device Manager Devices =============

Name: wpnfd_1_10_0_2
Description: wpnfd_1_10_0_2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: wpnfd_1_10_0_2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: tencent QMUdisk
Description: tencent QMUdisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: QMUdisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: TSCPM
Description: TSCPM
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: TSCPM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: TSDefenseBt
Description: TSDefenseBt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: TSDefenseBt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 04:40:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 04:37:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x858
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (06/07/2015 04:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/07/2015 04:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/07/2015 04:13:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/07/2015 03:48:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 11:09:30 AM) (Source: MsiInstaller) (EventID: 11704) (User: Tomek-PC)
Description: Product: Adobe Bridge 1.0 -- Error 1704.An installation for Community Smartbar is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?

Error: (06/05/2015 11:04:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 09:24:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 09:18:07 AM) (Source: Winlogon) (EventID: 4004) (User: )
Description: Fehler beim Beenden der Prozesse des aktuell angemeldeten Benutzers durch den Windows-Anmeldeprozess.


System errors:
=============
Error: (06/07/2015 04:38:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde mit folgendem dienstspezifischem Fehler beendet: %%0.

Error: (06/07/2015 04:38:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "QQSysMonX64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/07/2015 04:38:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
TSDefenseBt
wpnfd_1_10_0_2

Error: (06/07/2015 04:38:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/07/2015 04:38:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "QQSysMonX64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/07/2015 04:37:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/07/2015 04:37:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/07/2015 04:37:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/07/2015 04:37:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (06/07/2015 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (06/07/2015 04:40:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 04:37:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1285801d0a1289cb9564cC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllc1b0d952-0d22-11e5-90c4-74d435882e39

Error: (06/07/2015 04:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/07/2015 04:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/07/2015 04:13:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/07/2015 03:48:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 11:09:30 AM) (Source: MsiInstaller) (EventID: 11704) (User: Tomek-PC)
Description: Product: Adobe Bridge 1.0 -- Error 1704.An installation for Community Smartbar is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/05/2015 11:04:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 09:24:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 09:18:07 AM) (Source: Winlogon) (EventID: 4004) (User: )
Description: 


CodeIntegrity Errors:
===================================
  Date: 2015-03-11 15:22:36.803
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-11 15:22:36.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-11 15:20:23.757
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-11 15:20:23.749
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-07 21:20:06.524
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-07 21:20:06.522
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-07 21:19:11.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-07 21:19:11.749
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-04 14:47:33.774
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-04 14:47:33.772
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 33%
Total physical RAM: 8067.93 MB
Available physical RAM: 5329.75 MB
Total Pagefile: 16134.06 MB
Available Pagefile: 12966.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:51.97 GB) NTFS
Drive d: (750er) (Fixed) (Total:698.63 GB) (Free:390.27 GB) NTFS
Drive f: (STARCRAFT) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8AB3841D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 5655BED3)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---


ich hoffe das ich bis jetzt alles richtig gemacht hab

Alt 07.06.2015, 17:09   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



Hi,

Schritt 1

Bitte deinstalliere folgende Programme:

inminet
Shopping Helper Smartbar
Ultimate Codecs Packages


Versuche es bei Windows 7 zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
    Klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 4



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 07.06.2015, 18:06   #6
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



ist es normal das der Revo Unistaller beim schritt 4 solange braucht fürs scannen?ich habe 2 von 3 Programmen gelöscht nur der Shoppingistaller ist übrig geblieben,bin dabei ihn zu Entfernen aber das Revo Programm scannt schon seid fast 30min und kommt nicht Voran!das Programm ist aber nicht abgeschmiert laut Systemsteuerung.
soll ich ihn einfach machen lassen oder Abbrechen und erneut versuchen?

Alt 07.06.2015, 18:07   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



Warte mal noch. Ansonsten nochmal probieren. Wenn es wieder nicht geht, dann weiter mit dem nächsten Schritt.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 07.06.2015, 18:31   #8
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



zu schritt 2.

Code:
ATTFilter
# AdwCleaner v4.206 - Bericht erstellt 07/06/2015 um 19:12:49
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-05.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Tomek - TOMEK-PC
# Gestarted von : D:\downloades\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : QQPCRTP
Dienst Gelöscht : TAOAccelerator
[#] Dienst Gelöscht : TSDefenseBt
[#] Dienst Gelöscht : QMUdisk
[#] Dienst Gelöscht : wpnfd_1_10_0_2

***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\ProgramData\tencent
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Ordner Gelöscht : C:\Program Files (x86)\MyPCBU
Ordner Gelöscht : C:\Program Files (x86)\tencent
Ordner Gelöscht : C:\Program Files (x86)\Common Files\ClaraUpdater
Ordner Gelöscht : C:\Program Files (x86)\Common Files\tencent
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
[!] Ordner Gelöscht : C:\Program Files\Common Files\tencent
Ordner Gelöscht : C:\Users\Tomek\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Tomek\AppData\Local\BoBrowser
Ordner Gelöscht : C:\Users\Tomek\AppData\Local\StormFall
Ordner Gelöscht : C:\Users\Tomek\AppData\Roaming\RocketUpdater
Ordner Gelöscht : C:\Users\Tomek\AppData\Roaming\StormFall
Ordner Gelöscht : C:\Users\Tomek\AppData\Roaming\tencent
Ordner Gelöscht : C:\Users\Tomek\Documents\Updater
Datei Gelöscht : C:\Users\Tomek\AppData\Roaming\SWIYCKOS
Datei Gelöscht : C:\Users\Tomek\AppData\Roaming\SWIYCKOS.exe

***** [ Geplante Tasks ] *****

Task Gelöscht : ASP

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\bobrowser.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\bobrowser.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\CLASSES\METNSD
Schlüssel Gelöscht : HKLM\SOFTWARE\Clients\StartMenuInternet\BoBrowser.FHMKKIKUKDYLD2AD7ASQFLDOTM
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Boost
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\RocketUpdater
Schlüssel Gelöscht : HKCU\Software\DriverTuner_Init
Schlüssel Gelöscht : HKCU\Software\DriverTuner
Schlüssel Gelöscht : HKLM\SOFTWARE\Boost
Schlüssel Gelöscht : HKLM\SOFTWARE\FlvPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Clara
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D7D6742-5B49-4454-9E9B-748E731E741A}_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hao123.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.hao123.com
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:52552;hxxps=127.0.0.1:52552
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801

Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v43.0.2357.81


*************************

AdwCleaner[R0].txt - [9088 Bytes] - [07/06/2015 19:11:31]
AdwCleaner[S0].txt - [7940 Bytes] - [07/06/2015 19:12:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7999  Bytes] ##########
         
schritt 3.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.06.2015
Suchlauf-Zeit: 19:18:42
Logdatei: 
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.07.04
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tomek

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 362833
Verstrichene Zeit: 6 Min, 32 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 4
PUP.Optional.WordProser.A, HKLM\SOFTWARE\WOW6432NODE\WordProser_1.10.0.2, , [e9f7ab0c6723171fdcd8fa0a5fa5f50b], 
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [40a04671f892181efddc89fc75904ab6], 
Trojan.DNSChanger, HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\SOFTWARE\HDQuality, , [e9f74f681872c571c95ddaccf21243bd], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\SOFTWARE\SearchProtectIN4T, , [954bf5c22466d264a14f78fa2cd99769], 

Registrierungswerte: 2
PUP.Optional.Vosteran.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, , [14ccfdba5a308da924aab7323fc4b947]
PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_de_292, , [a739189f9af069cd1ef07a95897b956b], 

Registrierungsdaten: 1
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{3648858D-C717-4E2D-A474-A7DC404E237C}|NameServer, 31.168.224.100,5.135.12.56, Gut: (), Schlecht: (31.168.224.100,5.135.12.56),,[fae69e193a50d75fb89a2a1111f5f30d]

Ordner: 3
PUP.Optional.FastPlayer.A, C:\Users\Tomek\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q, , [40a0e1d6d3b7e155103533aa37cc8a76], 
PUP.Optional.FastPlayer.A, C:\Users\Tomek\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q\1.0.0.6, , [40a0e1d6d3b7e155103533aa37cc8a76], 
PUP.Optional.EpsanDrive.A, C:\ProgramData\EpsanDrive, , [b030912641492a0cb65c6186c04355ab], 

Dateien: 22
PUP.Optional.InstallCore, C:\Users\Tomek\AppData\Local\Temp\99684.Uninstall\uninstaller.exe, , [e3fd63546723bf77b0da1066778bb24e], 
PUP.Optional.ReImageRepair.A, C:\Users\Tomek\Downloads\ReimageRepair.exe, , [617fe0d7afdb0f278095e8805aa807f9], 
PUP.Optional.BundleInstaller.A, C:\Users\Tomek\Downloads\setup (3).exe, , [21bf5067e9a178be4e61d787f30fa25e], 
PUP.Optional.InstallCore.A, C:\Users\Tomek\Downloads\FlvPlayerSetup.exe, , [09d7cbecfa90c17588cdce9a40c2f20e], 
PUP.Optional.PersonalCleaner, C:\Users\Tomek\Downloads\UltimateCodecsSetup.exe, , [ad33684f850586b08479906f2dd8ce32], 
PUP.Optional.InstallCore.C, C:\Users\Tomek\Downloads\installer_adobe_flash_player_English (1).exe, , [57895d5a1c6e0234be2931297f836a96], 
PUP.Optional.InstallCore.C, C:\Users\Tomek\Downloads\installer_adobe_flash_player_English.exe, , [38a8b304800a0a2c08df14463cc67d83], 
PUP.Optional.DsiLoad, C:\Users\Tomek\AppData\Local\dsisetup32386582.exe, , [d30d7f380e7cf24429506bf5f70bfa06], 
PUP.Optional.SnapDo.A, C:\Windows\Installer\918fe7.msi, , [746cfeb91179a5911ea29326ec15eb15], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI2C7D.tmp, , [08d82790e7a336009fd0ed434fb1ca36], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSIC5E1.tmp, , [4b95e4d3c1c987af501f1b15c040827e], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSIBDF2.tmp-\Smartbar.Installer.CustomActions.dll, , [33ad783f1c6ed06687e880b0709053ad], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI2C7D.tmp-\Smartbar.Installer.CustomActions.dll, , [eaf65e59fa9051e5551a161a768a40c0], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI74D2.tmp-\Smartbar.Installer.CustomActions.dll, , [0bd55a5d85051f17016e5ed2bd43de22], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSIC5E1.tmp-\Smartbar.Installer.CustomActions.dll, , [57896c4b97f342f479f6ea46619f4cb4], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSID2E0.tmp-\Smartbar.Installer.CustomActions.dll, , [9050d4e3008a171fd29d939d936d0ff1], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSIDC03.tmp-\Smartbar.Installer.CustomActions.dll, , [0ad6496eec9e06304728ab8548b8f907], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSIDDF8.tmp-\Smartbar.Installer.CustomActions.dll, , [865a9b1cfd8dda5c1c5358d8ce32eb15], 
PUP.Optional.SearchProtect.A, C:\Windows\System32\Tasks\avabvbyvyc, , [3ca44b6c6723df571b12c42f7a8901ff], 
PUP.Optional.WebInstr.A, C:\Windows\System32\drivers\Msft_Kernel_webinstrT_01009.Wdf, , , 
PUP.Optional.FastPlayer.A, C:\Users\Tomek\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q\1.0.0.6\user.config, , [40a0e1d6d3b7e155103533aa37cc8a76], 
PUP.Optional.EpsanDrive.A, C:\ProgramData\EpsanDrive\NSISHelper.dll, , [b030912641492a0cb65c6186c04355ab], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
schritt 4.
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Tomek (administrator) on TOMEK-PC on 07-06-2015 19:29:13
Running from C:\Users\Tomek\Desktop
Loaded Profiles: Tomek (Available Profiles: Tomek)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) D:\Games\Steam\Steam.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE
(Electronic Arts) D:\Games\Origin\Origin.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) D:\Games\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\wmi64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Logitech G35] => C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCTray.exe"  /regrun
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Run: [Steam] => D:\Games\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Run: [EADM] => D:\Games\Origin\Origin.exe [3632472 2015-05-30] (Electronic Arts)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\MountPoints2: {56a85494-f218-11e3-bb6e-806e6f6e6963} - F:\Run.exe
HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\...\MountPoints2: {da7f5c52-f21d-11e3-8589-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMGCShellExt64.dll No File
BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TSWebMon64.dat No File
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-06-12] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-06-12] (Kaspersky Lab ZAO)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\npQMExtensionsMozilla.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-06-12]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-09-10]

Chrome: 
=======
CHR Profile: C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-20]
CHR Extension: (Google Drive) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-20]
CHR Extension: (YouTube) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-20]
CHR Extension: (Google Search) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-20]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-11-20]
CHR Extension: (Google Sheets) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-20]
CHR Extension: (Safe Money) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-11-20]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-11-20]
CHR Extension: (Virtual Keyboard) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-11-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-20]
CHR Extension: (Vosteran New Tab) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2015-01-22]
CHR Extension: (Gmail) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-20]
CHR Extension: (Anti-Banner) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-11-20]
CHR Profile: C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
CHR Extension: (Google Docs) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
CHR Extension: (Google Drive) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-21]
CHR Extension: (YouTube) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-21]
CHR Extension: (Google Search) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-21]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-04-21]
CHR Extension: (Google Sheets) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
CHR Extension: (AdBlock) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-06]
CHR Extension: (Bookmark Manager) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-24]
CHR Extension: (Safe Money) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hakdifolhalapjijoafobooafbilfakh [2015-04-21]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-04-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-21]
CHR Extension: (Google Wallet) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-21]
CHR Extension: (Gmail) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
CHR Extension: (Anti-Banner) - C:\Users\Tomek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-04-21]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [1997168 2015-05-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-03-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-16] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 TAOFrame; "C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TAOFrame.exe" [X]
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-06-07] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-12] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-12] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-12] (Kaspersky Lab ZAO)
R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-06-05] (Tencent Technology(Shenzhen) Company Limited)
S3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-06-05] (电脑管家)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-06-05] (电脑管家)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S2 QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQSysMonX64.sys [X]
S3 TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TS888x64.sys [X]
S1 TSCPM; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\tscpm64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 19:29 - 2015-06-07 19:29 - 00028724 _____ C:\Users\Tomek\Desktop\FRST.txt
2015-06-07 19:16 - 2015-06-07 19:27 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-07 19:16 - 2015-06-07 19:16 - 00001160 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-07 19:16 - 2015-06-07 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-07 19:16 - 2015-06-07 19:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-07 19:16 - 2015-06-07 19:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-07 19:16 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-07 19:16 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-07 19:16 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-07 19:11 - 2015-06-07 19:10 - 02231296 _____ C:\Users\Tomek\Desktop\AdwCleaner_4.206.exe
2015-06-07 19:10 - 2015-06-07 19:12 - 00000000 ____D C:\AdwCleaner
2015-06-07 18:21 - 2014-10-13 16:54 - 00156192 _____ (PortableApps.com) C:\Users\Tomek\Desktop\RevoUninstallerPortable.exe
2015-06-07 18:19 - 2015-06-07 18:17 - 02785665 _____ (PortableApps.com) C:\Users\Tomek\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2015-06-07 17:34 - 2015-06-07 17:33 - 02108928 _____ (Farbar) C:\Users\Tomek\Desktop\FRST64.exe
2015-06-07 17:33 - 2015-06-07 19:29 - 00000000 ____D C:\FRST
2015-06-07 16:38 - 2015-06-07 16:38 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-06-07 16:36 - 2015-06-07 16:36 - 00232822 _____ C:\Windows\system32\.crusader
2015-06-07 16:33 - 2015-06-07 16:33 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-07 16:32 - 2015-06-07 16:37 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-05 12:05 - 2015-06-05 12:08 - 00000000 ____D C:\Program Files (x86)\MiniGet
2015-06-05 12:05 - 2015-06-05 12:05 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\MiniGet
2015-06-05 10:41 - 2015-06-05 10:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-TOMEK-PC-Windows-7-Professional-(64-bit).dat
2015-06-05 10:41 - 2015-06-05 10:41 - 00000000 ____D C:\RegBackup
2015-06-05 09:44 - 2015-06-05 09:44 - 00007600 _____ C:\Users\Tomek\AppData\Local\Resmon.ResmonCfg
2015-06-05 09:22 - 2015-06-05 10:01 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-06-05 09:16 - 2015-06-07 16:36 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\03D40274-1433488586-0588-2E06-390700080009
2015-06-05 09:11 - 2015-06-05 09:11 - 00000000 ____D C:\ProgramData\TXQMPC
2015-06-05 08:56 - 2015-06-05 08:56 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-06-05 08:56 - 2015-06-05 08:56 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-06-05 08:56 - 2015-06-05 08:56 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-06-05 08:56 - 2015-06-05 08:56 - 00038200 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
2015-06-05 08:55 - 2015-06-05 08:55 - 00000000 ____D C:\ProgramData\Rising
2015-06-05 08:52 - 2015-06-05 08:52 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\WinRAR
2015-06-05 08:51 - 2015-06-05 08:51 - 00001001 _____ C:\Users\Tomek\Desktop\WinRAR.lnk
2015-06-05 08:51 - 2015-06-05 08:51 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-05 08:51 - 2015-06-05 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-05 08:51 - 2015-06-05 08:51 - 00000000 ____D C:\Program Files\WinRAR
2015-06-05 08:45 - 2015-06-05 08:45 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\Program Files\iTunes
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\Program Files\iPod
2015-06-05 08:45 - 2015-06-05 08:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-05-21 16:16 - 2015-06-07 18:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-21 16:16 - 2015-05-21 16:16 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 16:16 - 2015-05-21 16:16 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-21 16:16 - 2015-05-21 16:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-21 16:16 - 2015-05-21 16:16 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-05-21 16:16 - 2015-05-21 16:16 - 00000000 ____D C:\Windows\system32\Macromed
2015-05-14 18:37 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 18:37 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 16:26 - 2015-05-14 18:03 - 00000000 ____D C:\Users\Tomek\AppData\Local\Battle.net
2015-05-14 16:26 - 2015-05-14 16:27 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Battle.net
2015-05-14 16:26 - 2015-05-14 16:27 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-05-14 16:26 - 2015-05-14 16:26 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\AMD
2015-05-14 16:26 - 2015-05-14 16:26 - 00000000 ____D C:\Users\Tomek\AppData\Local\Blizzard Entertainment
2015-05-14 16:25 - 2015-05-14 16:25 - 03184696 _____ (Blizzard Entertainment) C:\Users\Tomek\Downloads\StarCraft-II-Setup-deDE.exe
2015-05-14 16:25 - 2015-05-14 16:25 - 00000000 ____D C:\ProgramData\Battle.net
2015-05-14 15:44 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 15:44 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 15:44 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-14 15:44 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-14 15:44 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-14 15:44 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-14 15:44 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-14 15:44 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-14 15:44 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-14 15:44 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-14 15:44 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-14 15:44 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-14 15:44 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-14 15:44 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-14 15:44 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-14 15:44 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-14 15:44 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-14 15:44 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-14 15:44 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-14 15:44 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-14 15:44 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-14 15:44 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-14 15:44 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-14 15:44 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-14 15:44 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-14 15:44 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-14 15:44 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-14 15:44 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-14 15:44 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-14 15:44 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-14 15:44 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-14 15:44 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-14 15:44 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-14 15:44 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 15:44 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 15:44 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-14 15:44 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-14 15:44 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 15:44 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 15:44 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-14 15:44 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 15:44 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-14 15:44 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 15:44 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-14 15:44 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 15:44 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 15:44 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-14 15:44 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-14 15:44 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-14 15:44 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 15:44 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-14 15:44 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-14 15:44 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 15:44 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 15:44 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-14 15:44 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 15:44 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-14 15:44 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-14 15:44 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 15:44 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-14 15:44 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 15:44 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-14 15:44 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 15:44 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 15:44 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-14 15:44 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-14 15:44 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-14 15:44 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 15:44 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-14 15:44 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-14 15:44 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 15:44 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-14 15:44 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-14 15:44 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-14 15:44 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 15:44 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-14 15:44 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 15:44 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-14 15:44 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 15:44 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 15:44 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 15:44 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 15:44 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 15:44 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 15:44 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-14 15:44 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 15:44 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 15:44 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-14 15:44 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 15:44 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 15:44 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-14 15:44 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 15:44 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 15:44 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 15:44 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 15:44 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 15:44 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 15:44 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 15:44 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 15:44 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-14 15:44 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-14 15:44 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-14 15:44 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-14 15:44 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-14 15:44 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-14 15:44 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-14 15:44 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-14 15:44 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-14 15:44 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-14 15:44 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-14 15:44 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-14 15:44 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 14:33 - 2015-05-12 14:33 - 00002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-05-12 14:33 - 2015-05-12 14:33 - 00002090 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Thunderbird
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Mozilla
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Users\Tomek\AppData\Local\Thunderbird
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\ProgramData\Mozilla
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-05-12 14:33 - 2015-05-12 14:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 14:32 - 2015-05-12 14:32 - 01203488 _____ C:\Users\Tomek\Downloads\Thunderbird - CHIP-Installer.exe
2015-05-11 17:53 - 2015-05-11 17:53 - 50629792 _____ (Adobe Systems Incorporated) C:\Users\Tomek\Downloads\AcroRdrDC1500720033_de_DE.exe
2015-05-11 17:53 - 2015-05-11 17:53 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-11 17:53 - 2015-05-11 17:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-11 17:53 - 2015-05-11 17:53 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-05-11 17:42 - 2015-05-11 17:42 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-05-11 17:42 - 2015-05-11 17:42 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\OpenOffice
2015-05-11 17:41 - 2015-05-11 17:42 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-05-11 17:41 - 2015-05-11 17:41 - 00000000 ____D C:\Users\Tomek\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-05-11 17:41 - 2015-05-11 17:41 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-05-11 17:39 - 2015-05-11 17:39 - 01203488 _____ C:\Users\Tomek\Downloads\OpenOffice - CHIP-Installer.exe
2015-05-11 16:56 - 2015-06-07 18:56 - 00000911 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {92216CAB-CF59-4199-BE27-85C5C96C72A6}.job
2015-05-11 16:56 - 2015-06-07 18:56 - 00000725 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {92216CAB-CF59-4199-BE27-85C5C96C72A6}.job
2015-05-11 16:56 - 2015-05-11 16:56 - 00003978 _____ C:\Windows\System32\Tasks\EPSON XP-312 313 315 Series Update {92216CAB-CF59-4199-BE27-85C5C96C72A6}
2015-05-11 16:56 - 2015-05-11 16:56 - 00003792 _____ C:\Windows\System32\Tasks\EPSON XP-312 313 315 Series Invitation {92216CAB-CF59-4199-BE27-85C5C96C72A6}
2015-05-11 16:55 - 2015-05-14 17:11 - 00000000 ____D C:\Users\Tomek\Desktop\Bewerbung

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 19:28 - 2014-06-12 12:38 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Raptr
2015-06-07 19:27 - 2014-09-17 17:32 - 00000000 ____D C:\ProgramData\Origin
2015-06-07 19:27 - 2014-06-12 12:50 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-07 19:27 - 2014-06-12 12:39 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-06-07 19:27 - 2014-06-12 12:12 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 19:27 - 2014-06-12 12:04 - 01476798 _____ C:\Windows\WindowsUpdate.log
2015-06-07 19:27 - 2010-11-21 05:47 - 00096434 _____ C:\Windows\PFRO.log
2015-06-07 19:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 19:27 - 2009-07-14 06:51 - 00065104 _____ C:\Windows\setupact.log
2015-06-07 19:25 - 2015-01-22 19:30 - 00000000 ____D C:\Users\Tomek\AppData\Local\com
2015-06-07 19:21 - 2009-07-14 06:45 - 00035936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-07 19:21 - 2009-07-14 06:45 - 00035936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 19:19 - 2014-06-12 21:58 - 00700130 _____ C:\Windows\system32\perfh007.dat
2015-06-07 19:19 - 2014-06-12 21:58 - 00149768 _____ C:\Windows\system32\perfc007.dat
2015-06-07 19:19 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-07 18:51 - 2014-09-10 18:51 - 00000911 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {3B031913-35D2-4D9A-91F8-70331A6ED43F}.job
2015-06-07 18:51 - 2014-09-10 18:51 - 00000725 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {3B031913-35D2-4D9A-91F8-70331A6ED43F}.job
2015-06-07 18:51 - 2014-06-12 12:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-05 11:11 - 2014-07-19 16:21 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2015-06-05 11:10 - 2014-11-25 18:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-05 11:09 - 2014-07-12 13:22 - 00000000 ____D C:\Windows\system32\appmgmt
2015-06-05 11:09 - 2014-06-12 13:37 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Adobe
2015-06-05 11:02 - 2009-07-14 07:08 - 00001638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-05 09:22 - 2009-07-14 06:45 - 00296120 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-05 09:07 - 2014-06-12 12:22 - 00064416 _____ C:\Users\Tomek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-05 08:56 - 2014-06-12 12:04 - 00000000 ____D C:\Users\Tomek\AppData\Local\VirtualStore
2015-06-05 08:45 - 2014-09-04 11:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-05-28 16:13 - 2014-07-30 20:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-27 12:55 - 2014-06-14 00:37 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Skype
2015-05-24 13:50 - 2014-11-25 18:49 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-22 14:14 - 2015-04-24 14:17 - 00000000 ____D C:\Windows\Minidump
2015-05-21 16:16 - 2014-11-25 18:50 - 00000000 ____D C:\Users\Tomek\AppData\Local\Adobe
2015-05-21 13:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-20 16:16 - 2015-04-11 21:10 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 16:16 - 2015-04-11 21:10 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-20 15:08 - 2014-09-17 18:12 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-05-20 12:31 - 2014-06-12 12:38 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-05-19 09:46 - 2014-06-12 12:12 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 09:46 - 2014-06-12 12:12 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 13:25 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 13:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 18:39 - 2014-06-12 13:32 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 18:38 - 2014-06-12 13:32 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 18:37 - 2015-01-23 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 18:36 - 2015-01-23 00:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 18:36 - 2015-01-23 00:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 18:01 - 2014-06-15 19:05 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-14 16:31 - 2014-06-14 00:33 - 00000000 ____D C:\Users\Tomek\Desktop\Bilder
2015-05-14 15:40 - 2014-09-17 17:34 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Origin
2015-05-11 17:54 - 2014-11-25 18:41 - 00000000 ____D C:\ProgramData\Adobe
2015-05-11 16:59 - 2014-09-12 19:38 - 00000000 ____D C:\Users\Tomek\AppData\Roaming\Epson

==================== Files in the root of some directories =======

2014-08-03 14:21 - 2015-02-25 16:21 - 0000133 _____ () C:\Users\Tomek\AppData\Roaming\WB.CFG
2014-11-01 01:12 - 2015-01-31 19:31 - 0005632 _____ () C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-22 23:10 - 2015-01-22 23:10 - 0000001 _____ () C:\Users\Tomek\AppData\Local\DSI.DAT
2015-06-05 09:44 - 2015-06-05 09:44 - 0007600 _____ () C:\Users\Tomek\AppData\Local\Resmon.ResmonCfg
2014-06-12 12:21 - 2014-06-12 12:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Tomek\AppData\Local\Temp\beddejeijb.exe
C:\Users\Tomek\AppData\Local\Temp\ECE0.exe
C:\Users\Tomek\AppData\Local\Temp\Quarantine.exe
C:\Users\Tomek\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 17:10

==================== End of log ============================
         

Alt 07.06.2015, 18:35   #9
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Tomek at 2015-06-07 19:33:43
Running from C:\Users\Tomek\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2967830349-2458404097-1864745776-500 - Administrator - Disabled)
Gast (S-1-5-21-2967830349-2458404097-1864745776-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2967830349-2458404097-1864745776-1003 - Limited - Enabled)
Tomek (S-1-5-21-2967830349-2458404097-1864745776-1000 - Administrator - Enabled) => C:\Users\Tomek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlefield 4™ CTE (HKLM-x32\...\{551A08D1-B60E-4DED-9B67-C3B38258CCA3}) (Version: 1.0.2.31585 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.0.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - Infinity Ward)
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
Enemy Front (HKLM-x32\...\Steam App 256190) (Version:  - CI Games)
Epic Games Launcher (HKLM\...\{325AC861-EDAF-440B-97DD-259906E216D3}) (Version: 1.1.24.0 - Epic Games, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}) (Version: 2.5.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.178 - Logitech)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Unreal Tournament (HKLM-x32\...\{0F784A30-05FF-4532-8D66-41022D757A3E}_is1) (Version:  - EPIC Games)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2967830349-2458404097-1864745776-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

30-05-2015 21:41:39 Windows Update
05-06-2015 08:33:45 Windows Update
05-06-2015 11:09:42 Removed Adobe Common File Installer
05-06-2015 11:09:55 Removed Adobe Stock Photos 1.0
07-06-2015 16:13:34 Software Removal Tool
07-06-2015 16:35:28 Prüfpunkt von HitmanPro
07-06-2015 16:36:25 Prüfpunkt von HitmanPro
07-06-2015 18:20:34 Revo Uninstaller's restore point - Shopping Helper Smartbar
07-06-2015 19:09:07 Revo Uninstaller's restore point - Shopping Helper Smartbar

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03B45661-F3BD-44F3-8321-393A024620F5} - System32\Tasks\{D7C8F475-0DBD-4337-A238-F3F0B1ED9BD0} => pcalua.exe -a C:\Users\Tomek\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=air <==== ATTENTION
Task: {0A6DAE4B-0022-49A6-A859-FDB4AEC5C442} - System32\Tasks\{76ACEA0E-C669-4879-9DB5-F82A58555C23} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: {1F33A9F0-8633-48B7-8290-690201315FF0} - System32\Tasks\{0DCD96FE-54AD-46C0-B74C-E7F52D67D1AE} => pcalua.exe -a "C:\Users\Tomek\Downloads\Internet_Downloads\Adobe(R) Photoshop(R) CS2\instmsiw.exe" -d "C:\Users\Tomek\Downloads\Internet_Downloads\Adobe(R) Photoshop(R) CS2"
Task: {36A90079-52CF-4DF0-9A32-39729C289F2E} - \avabvbyvyc No Task File <==== ATTENTION
Task: {3BCAC1AF-E3D2-4BF9-A93E-A106A35547B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {4075533D-BB4F-4248-98A0-E3FDF9E39712} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-21] (Adobe Systems Incorporated)
Task: {50D04743-F9E7-464B-A5CA-8208B15790F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {625FE465-5FE3-4A24-852E-6BB33733D5A4} - System32\Tasks\EPSON XP-312 313 315 Series Update {92216CAB-CF59-4199-BE27-85C5C96C72A6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8E6CBA70-CA95-46E7-B184-08CA105A8ADE} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {9E22EED4-5C21-4879-87FF-BE61B2855FD8} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {AA8EFC5D-A468-4156-BB1C-847A79321D03} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {92216CAB-CF59-4199-BE27-85C5C96C72A6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {AFAD5B25-8162-4D96-90B8-C302F0A48E61} - \SuperClick Auto Updater 1.10.0.16 Core No Task File <==== ATTENTION
Task: {B4237F61-0D8F-44AE-92B9-3EBF1BDB4703} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {BF5A0715-4EF7-41B0-B3A6-3868430CE652} - \SuperClick Auto Updater 1.10.0.16 Pending Update No Task File <==== ATTENTION
Task: {CC4EFFB5-6AD4-4769-A25A-56114DDC8964} - System32\Tasks\EPSON XP-312 313 315 Series Update {3B031913-35D2-4D9A-91F8-70331A6ED43F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {CEE0A259-50C9-444F-BCC0-5FBF625E1126} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D1D9366F-F8C4-4993-8C98-AB87B8236DDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {E9722AE3-EEF8-4685-A371-9179C4F0F49F} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {FBCFE8B7-4B93-409F-9AB6-1F2A25615B7D} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {3B031913-35D2-4D9A-91F8-70331A6ED43F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {3B031913-35D2-4D9A-91F8-70331A6ED43F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {92216CAB-CF59-4199-BE27-85C5C96C72A6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {3B031913-35D2-4D9A-91F8-70331A6ED43F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{3B031913-35D2-4D9A-91F8-70331A6ED43F} /F:UpdateSYSTEM
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {92216CAB-CF59-4199-BE27-85C5C96C72A6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{92216CAB-CF59-4199-BE27-85C5C96C72A6} /F:UpdateSYSTEM
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-25 18:49 - 2015-03-16 23:06 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-05-16 17:36 - 2015-04-16 19:40 - 00776192 _____ () D:\Games\Steam\SDL2.dll
2015-01-22 23:18 - 2015-04-23 04:16 - 04962816 _____ () D:\Games\Steam\v8.dll
2015-01-22 23:18 - 2015-04-23 04:16 - 01556992 _____ () D:\Games\Steam\icui18n.dll
2015-01-22 23:18 - 2015-04-23 04:16 - 01187840 _____ () D:\Games\Steam\icuuc.dll
2014-05-29 09:37 - 2015-06-04 20:56 - 02407104 _____ () D:\Games\Steam\video.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 02396672 _____ () D:\Games\Steam\libavcodec-56.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 00442880 _____ () D:\Games\Steam\libavutil-54.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 00479744 _____ () D:\Games\Steam\libavformat-56.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 00332800 _____ () D:\Games\Steam\libavresample-2.dll
2014-09-10 17:17 - 2014-12-01 23:31 - 00485888 _____ () D:\Games\Steam\libswscale-3.dll
2014-05-29 09:36 - 2015-06-04 20:56 - 00703168 _____ () D:\Games\Steam\bin\chromehtml.DLL
2014-09-17 17:34 - 2015-05-30 21:38 - 01007104 _____ () D:\Games\Origin\platforms\qwindows.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00023552 _____ () D:\Games\Origin\imageformats\qgif.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00024576 _____ () D:\Games\Origin\imageformats\qico.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00216576 _____ () D:\Games\Origin\imageformats\qjpeg.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00261120 _____ () D:\Games\Origin\imageformats\qmng.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00019456 _____ () D:\Games\Origin\imageformats\qtga.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00337408 _____ () D:\Games\Origin\imageformats\qtiff.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00018944 _____ () D:\Games\Origin\imageformats\qwbmp.dll
2014-09-17 17:34 - 2015-05-30 21:38 - 00228352 _____ () D:\Games\Origin\mediaservice\wmfengine.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-05-01 15:35 - 2015-05-11 21:01 - 36302728 _____ () D:\Games\Steam\bin\libcef.dll
2015-05-25 22:57 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 22:57 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-25 22:57 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
2014-06-12 12:15 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2967830349-2458404097-1864745776-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F92821A7-8838-4762-A7A8-3078F36F1481}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{BEBF7996-7BBA-441A-B6CD-61CB0EC90FCA}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{DD1B83B5-B846-4540-80D2-19BD69CF75FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A6C653BF-8E67-4634-B111-A06235F741F5}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{8EF8E4B8-211B-4978-A09A-DA67F3F4391E}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{8BF8A9FB-CA6D-4370-A7A1-CA6764E5FC46}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{D97016A9-04AC-4C35-B5E7-822DFA42DFF5}] => (Allow) D:\Games\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{4D78BEC7-E819-4748-BE5D-660DAACE5242}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4AC77154-74E8-496E-B21D-2EA5C2491B42}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDFA8BE3-B70F-45EA-BBF9-30DD1E713A8C}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D51EE5A7-5D0D-4EA5-AAB0-20DD75C67B30}] => (Allow) D:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{868B23DC-F771-4861-92FA-CCEEAC712E54}] => (Allow) D:\Games\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{B700CE9C-ABA8-4B4C-824E-7B3BCF6B0261}] => (Allow) D:\Games\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0CB5F1E3-F12E-49CE-9541-98651E535F8F}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{3AA72FD6-39BC-4FBD-9700-D9155A6EF084}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{4AE94C42-6784-4208-8D7D-7E97A873AEF2}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{A553620C-CB2E-4BA1-A6D5-9F37D1F8B511}] => (Allow) D:\Games\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{40725199-2DC6-4268-BD8E-7B3ED687A2C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{63A02D94-5208-4C30-AF81-D6E66AA2696D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AD17A033-B2EF-43F2-AC0A-0A5A59D2C4BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{95871167-4AA7-4CF1-AF7C-B1829329BF4C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A37915E0-B4A2-469A-9207-DAE2CEA6195D}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{08496A6D-0986-47FE-BD67-DA885A393288}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{867635F6-F3AF-4285-9B07-38F2DBA8B00F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{71C57D09-3903-474B-AFAC-18AEF164AC75}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{A333AB61-2A92-45DB-B7EE-8DE5012E2560}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{21BFF362-10D8-4A47-9F9D-5B58B2E88EB3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{77ED56C5-7DED-498C-A157-0E8869BCFEE8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{7C3E9187-31D8-425D-B8FC-13958012F706}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{7AEC4C03-9653-4756-9C1C-9934F668E547}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{7F249F80-E2AC-4DC0-970F-18F4C068AFAD}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{B9FD01F3-14D8-4459-A0A0-5C6F875BDDC8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{78B4FF1C-9D99-4388-ADDD-A013F51DFE7C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{ED0B4B07-297B-4B60-936A-221E8772CD21}] => (Allow) C:\Users\Tomek\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{A2E01E83-9C10-42BC-B943-F2BAAE61B914}] => (Allow) C:\Users\Tomek\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [TCP Query User{71EBB75E-CD48-4DFB-BDA3-FD443FB70BC5}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{781527CC-3BA1-45A7-8B61-514CA3B99E99}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4FE74600-9CAF-420F-9CAE-5411E53ACE00}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{44BC593D-C3CE-4FCB-AD5F-B59930BF3662}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{BF6E4EA6-C78D-4589-8A73-4F751CD98173}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{ECB8AA7F-6AA8-4646-BC55-D13D89089906}] => (Allow) D:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{315494E3-3AC2-4935-AF00-4039EE4BF83D}] => (Allow) D:\Games\Steam\SteamApps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{FB211D33-BA14-4C34-B6DA-FFB3A444C223}] => (Allow) D:\Games\Steam\SteamApps\common\Enemy Front\Bin32\EnemyFront.exe
FirewallRules: [{41CDAC95-C7E0-444E-939F-5A6C6EB093F3}] => (Allow) D:\Games\Steam\SteamApps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{853B78B6-0980-4183-B0D8-CA908E38B13D}] => (Allow) D:\Games\Steam\SteamApps\common\Enemy Front\Bin32\DedicatedServer.exe
FirewallRules: [{75C189C1-CEA5-471D-9EEB-57D8EA2B1E81}] => (Allow) C:\Users\Tomek\AppData\Local\BoBrowser\Application\bobrowser.exe
FirewallRules: [{97D20E6A-2E18-4443-A8D3-8AAA32382B7E}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{1E9E8F34-192B-40EE-B130-44F387FAEBAC}] => (Allow) D:\Program Files (x86)\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{4956A03D-BBF2-4E5F-96F7-BF9061A40AED}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D9E96D36-A1AD-4707-B8E0-A042785FA2FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{27C8BEF9-FCDB-41A5-9667-8A2DF288B4B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F53D4217-A3A5-49ED-9D15-1A27037F1A98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F53E3518-15D4-4DD1-9B4F-69947477253F}] => (Allow) D:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{C5116BB5-2DA6-41C9-ACD8-4AF0233D9FB2}] => (Allow) D:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{5502227E-8600-4DCF-B3F5-4307176C5098}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{42EC9593-484E-4AC7-A0F8-D8E05E295FF3}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{21763367-EFF3-4A87-804D-EE52E15C9CB6}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{87DB4605-0E3E-4504-A06E-50B2E8CD4214}] => (Allow) D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0CA21AE0-CF80-4193-B920-2363F09C20DD}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{34B0198D-A16B-4DC4-9417-62A92036FB31}] => (Allow) D:\Games\Battle.net\Battle.net.exe
FirewallRules: [{8A1BC5DB-7D54-4D11-A846-4ACAECEEE6B4}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{AB501310-600F-462A-857F-14EF56F17F30}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{39F83211-95A4-4D12-A085-09BD39B4BB4F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AE222A48-870E-4421-A7EE-32C465A4FF32}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D589A9C0-75A9-4597-B785-6C1DA5DA6B6E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2D545850-2EB2-40B6-95A9-93C3412F80C4}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3AE5F2B4-1217-4290-BD90-8C24199C0D39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A6854F8C-3FAB-4332-BFB5-6C3F306F21FE}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{B3732F89-BF42-4171-9247-4BDE7BF4234A}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{80C1BA02-F24D-483C-9C5C-E0B23CCD2059}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{023E124D-1461-44ED-9B42-C24CE413D0CE}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{A1221962-E943-490F-BDF9-4D408107E6EC}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4 CTE\bf4cte_x86.exe
FirewallRules: [{1DB84F36-D1B8-43BF-AD4A-6D8F705E00F2}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4 CTE\bf4cte_x86.exe
FirewallRules: [{DC89BD3F-5B2A-4BB5-9B39-A76DA766432C}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4 CTE\bf4cte.exe
FirewallRules: [{AC091C58-15B4-434B-9709-B3612CFF5CE7}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4 CTE\bf4cte.exe
FirewallRules: [{85CE5F72-7D22-48AC-A39E-ECD84029529F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{24B2B4D7-FACD-4935-95F6-307C29F83E22}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCmgrInstallGuide.exe
FirewallRules: [{CF548EAD-876D-4A7E-8B79-832154EA7B33}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCTray.exe
FirewallRules: [{60B2E32C-2867-4233-9DC4-9B85C143A01E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCMgr.exe
FirewallRules: [{C01C6F0D-5F2B-4BDE-9079-1310048B9E77}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe
FirewallRules: [{50D56715-D0A8-45EF-82DA-78C45ED4D57C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMDL.exe
FirewallRules: [{E8427E63-E1DD-44D9-9F18-BEDABB96B691}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\bugreport.exe
FirewallRules: [{FD8A796A-8425-4E24-B381-8B236D4F3E88}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCFileOpen.exe
FirewallRules: [{77B6D9F6-0328-4302-A21D-7CDA273E1AAA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCLeakScan.exe
FirewallRules: [{51C66844-219E-4901-9F5C-C0255675A414}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPConfig.exe
FirewallRules: [{F2FCF537-9667-4C8E-83D4-A453B30311E4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSoftMgr.exe
FirewallRules: [{50B521F0-BB7A-497D-B65E-C198A4544411}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{F26FC3D3-E2E6-4AA8-9D8E-7C39EC9C817B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCBTU.exe
FirewallRules: [{C02A41AF-6B17-4ECB-9DDA-E7A6FF553266}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCClinic.exe
FirewallRules: [{DB4796CD-75DB-435C-8C3F-14D5EB9296C1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCLaunch.exe
FirewallRules: [{6B10DEDB-F94C-4B40-ADF2-2C0670C6BE41}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{4908CDC2-EB20-4140-9978-1C73845BD0CE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSoftGame.exe
FirewallRules: [{6DE0D907-5273-40C9-99F9-3B99CCFB4176}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSysOptimize.exe
FirewallRules: [{04E04DA9-3DA2-4CA2-A25E-19E17BD11CDE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCUpdateAVLib.exe
FirewallRules: [{D8D2CC55-57AD-47B1-BA26-B8D409CE172F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQRepair.exe
FirewallRules: [{113C1B6E-A82D-43EE-B5A8-6285E9C8F602}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\Uninst.exe
FirewallRules: [{B1DAA86F-7AF5-4A01-98D2-5A717F28CFA3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCPatch.exe
FirewallRules: [{CDF17D82-D509-4AD9-8914-C44BD0D6BE4B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TpkUpdate.exe
FirewallRules: [{927A701C-31D0-47D0-85D4-17AA876C6393}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMRouterMgr.exe
FirewallRules: [{E9B355AE-8B9F-4200-81FA-1AA95348F3E7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMAccountProtection.exe
FirewallRules: [{0269C86B-E217-4B69-8F35-B81037C61121}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{FACDDA41-E0EC-42C7-B72B-83089CE670BD}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe

==================== Faulty Device Manager Devices =============

Name: TSCPM
Description: TSCPM
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: TSCPM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 07:29:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 07:15:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 07:13:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x808
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (06/07/2015 06:17:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 06:14:43 PM) (Source: MsiInstaller) (EventID: 11719) (User: Tomek-PC)
Description: Product: Shopping Helper Smartbar -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (06/07/2015 06:14:43 PM) (Source: MsiInstaller) (EventID: 11719) (User: Tomek-PC)
Description: Product: Shopping Helper Smartbar -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (06/07/2015 04:40:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 04:37:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x858
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (06/07/2015 04:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/07/2015 04:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (06/07/2015 07:27:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/07/2015 07:27:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "QQSysMonX64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (06/07/2015 07:13:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/07/2015 07:13:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "QQSysMonX64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (06/07/2015 07:13:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 07:12:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 07:12:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (06/07/2015 07:12:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 07:12:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 07:12:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (06/07/2015 07:29:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 07:15:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 07:13:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1280801d0a13d24d79f11C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll7481954b-0d38-11e5-84d8-74d435882e39

Error: (06/07/2015 06:17:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 06:14:43 PM) (Source: MsiInstaller) (EventID: 11719) (User: Tomek-PC)
Description: Product: Shopping Helper Smartbar -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/07/2015 06:14:43 PM) (Source: MsiInstaller) (EventID: 11719) (User: Tomek-PC)
Description: Product: Shopping Helper Smartbar -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/07/2015 04:40:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 04:37:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec1285801d0a1289cb9564cC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllc1b0d952-0d22-11e5-90c4-74d435882e39

Error: (06/07/2015 04:36:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/07/2015 04:35:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Single Spaced Removable Media since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity Errors:
===================================
  Date: 2015-03-11 15:22:36.803
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-11 15:22:36.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-11 15:20:23.757
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-11 15:20:23.749
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-07 21:20:06.524
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-07 21:20:06.522
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-07 21:19:11.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-07 21:19:11.749
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-04 14:47:33.774
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-04 14:47:33.772
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 44%
Total physical RAM: 8067.93 MB
Available physical RAM: 4515.61 MB
Total Pagefile: 16134.06 MB
Available Pagefile: 12297.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:51.13 GB) NTFS
Drive d: (750er) (Fixed) (Total:698.63 GB) (Free:390.24 GB) NTFS
Drive f: (STARCRAFT) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8AB3841D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 5655BED3)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---


bin jetzt mit allem durch

Alt 07.06.2015, 18:36   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



Hast Du die Funde von Malwarebytes in die Quarantäne verschieben lassen?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 07.06.2015, 18:38   #11
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



also er hat mich nicht danach gefragt ich konnte die Drecks Dateien löschen

Alt 07.06.2015, 18:41   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 07.06.2015, 18:42   #13
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



hab gerade nach geschaut ,und alles ist weg nichts mehr davon da,super arbeit und danke für deine/eure Geduld und Hilfe.ihr habt mir echt geholfen die beste Seite die es gibt macht weiter so..vielen vielen dank nochmal

Alt 07.06.2015, 18:46   #14
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



Wir sind dann fertig wenn ich es sage!
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 07.06.2015, 20:01   #15
81Dobermann
 
Trojaner "Tencent"? - Standard

Trojaner "Tencent"?



hab es eben gemerkt das wir noch nicht fertig sind hahahhaa du hast das sagen hier

Schritt 1.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=835f1c8e917f004095dc704ba1b85616
# end=init
# utc_time=2015-06-07 05:48:08
# local_time=2015-06-07 07:48:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24212
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=835f1c8e917f004095dc704ba1b85616
# end=updated
# utc_time=2015-06-07 05:53:55
# local_time=2015-06-07 07:53:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=835f1c8e917f004095dc704ba1b85616
# engine=24212
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-07 06:39:25
# local_time=2015-06-07 08:39:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 4321 65180387 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7912 185332215 0 0
# scanned=199643
# found=119
# cleaned=0
# scan_time=2729
sh=66B850C515F36113E9D0873EE5CC21B77458D3E6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Cache\f_000044.vir"
sh=5B64EF948B5D99B90E2DC28FF6974262C296CCC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Cache\f_000046.vir"
sh=E6C984D4F9BCB0ABDF063995D6F016EAE557CB57 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Cache\f_000047.vir"
sh=B62FBAB90EFDA09597480DE2D27BF397CD7F497E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Cache\f_000087.vir"
sh=C071211BFE4720575DFB380E3CFFD06B890C90F8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Cache\f_0000d4.vir"
sh=DFF7B76894705E9979209C70ED1CD55104003F6B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Cache\f_000179.vir"
sh=DFF7B76894705E9979209C70ED1CD55104003F6B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Cache\f_00017a.vir"
sh=F70A66A0C97B53E9D458178A060973F5AF96372E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.39_0\extensionData\plugins\91.js.vir"
sh=F70A66A0C97B53E9D458178A060973F5AF96372E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\BoBrowser\User Data\Default\Extensions\jjefenjipjclpkenckhbbdllobohbfoe\1.26.66_0\extensionData\plugins\91.js.vir"
sh=40278DCBBA6961CE2F571740A3CF16C8F4E7CFA9 ft=1 fh=74107cda7b6c8ebd vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\lrrot.dll.vir"
sh=9FDA6A85F87F806810F5E31B1CDED7C975E2EAE7 ft=1 fh=e3f325fe782690f8 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=6F5E24BACC073826EBE0274904A52307940A6AD7 ft=1 fh=e3117a35bf03c3d8 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\smia.exe.vir"
sh=1831A138ED60AEE1E61D6581931194E774F0232D ft=1 fh=a8b0a279b496d3bc vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\smia64.exe.vir"
sh=6F6EF41A3FF7E4A9714B9B2BCE2F32A7AAC3E2E2 ft=1 fh=fdf83eda99ec04e8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\sppsm.dll.vir"
sh=CA4E1538A02EADD440BD0ABF925EC25F58E364D9 ft=1 fh=b6f71c311dbe7acb vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\spusm.dll.vir"
sh=32DB5F81C91CE0A3BC1943B868A370A4350B5A04 ft=1 fh=737e2a56703d79fc vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\srbs.dll.vir"
sh=385D13C3E63B0F4346B3C4F1F9649A04B30B392B ft=1 fh=bcce9affb6585c5c vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\srbu.dll.vir"
sh=73C1CAB488614B027DA143A02FB08A19873D300C ft=1 fh=232ac248da6ca285 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\srpt.dll.vir"
sh=5CC827427381A0D51CF00DD7F0B49764B08F94BD ft=1 fh=45c09d5b8bcb6169 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\srptc.dll.vir"
sh=F1F65EC8F8657BBC82D4AF75253D1D525199D55C ft=1 fh=5d412254fa1b6d1a vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\srut.dll.vir"
sh=D09838E520AFAB1AC27A960E15A1E9E9A6011E2C ft=1 fh=0916a6d9a632f140 vn="Variante von Win32/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\Resources\ntdis_32.dll.vir"
sh=568DDC0708C8BD6983081D420074F2FB507A66A4 ft=1 fh=fcb5aef1ede86740 vn="Variante von Win64/Toolbar.Linkury.A.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Local\LPT\Resources\ntdis_64.dll.vir"
sh=C001DB4D4E0D1620B85F3B920AF14939B2D02F68 ft=1 fh=493eb0599d977674 vn="Variante von Win32/Toolbar.CrossRider.BV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Roaming\SWIYCKOS.exe.vir"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tomek\AppData\Roaming\SWIYCKOS.vir"
sh=783F826A691C6FB4EB495AA4FA6E5862744EBAA9 ft=1 fh=702716bcf6474d7e vn="Variante von Win32/OutBrowse.CF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\AppData\Local\Temp\beddejeijb.exe"
sh=EC71D316BE80FE5C3D1094B09924CDB8E000FA28 ft=0 fh=0000000000000000 vn="Variante von Win32/OutBrowse.CF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\AppData\Local\Temp\gfcabfjbej.zip"
sh=33A1992A29E11B1646144BF585DA580AB493943D ft=1 fh=052cd4e6a6102638 vn="Variante von Win32/OutBrowse.CB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\AppData\Local\Temp\nsu512D.tmp\ajrlrqe.dll"
sh=F19D850D0B3CD4B0C012E12E6953E065E6499567 ft=1 fh=c86f1547f6f696bd vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\Downloads\OpenOffice - CHIP-Installer.exe"
sh=6BD2C5C247A86A1C2FFB61844E6F1C84427A01A6 ft=1 fh=cf64e4c614651a8a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\Downloads\Thunderbird - CHIP-Installer.exe"
sh=E62F639644A0954F117AA5EBF419F4E4E9EF0FE9 ft=1 fh=db2e9d4701c296b6 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\Downloads\VLC media player 64 Bit - CHIP-Installer.exe"
sh=ED7992DC14563E999AF69C26A7B0777E90C6DE20 ft=1 fh=5e1507f236aec417 vn="Variante von Win32/InstallCore.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\Downloads\Internet_Downloads\FLVPlayerSetup.exe"
sh=E8CD33623287C08C7CC3662A042E45522654BB30 ft=1 fh=7cd3b160b0dbd4bd vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\Downloads\Internet_Downloads\FreeYouTubeToMP3Converter37.exe"
sh=5ABAFD677FF505D27D1E8E9DF90BDA7B806AAAB2 ft=1 fh=10862dfb3371e110 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\Downloads\Internet_Downloads\HSS-2.88-install-hss-476-conduit.exe"
sh=649E689EA55CB4E8E218CE343F1911B077EBB535 ft=1 fh=09e7909de1450882 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\Downloads\Internet_Downloads\HW1.21-32bit.zip.exe"
sh=365780C0AA761BCB362AF0AC51B295BF765E816B ft=1 fh=b97fd053d15afc12 vn="Win32/Toggle.D.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tomek\Downloads\Internet_Downloads\trust_bt180_class_1_usb_bluetooth_adapter_13853.exe"
sh=F40C939E41F82FEA7D8E8AFBAE25786EEA1AB006 ft=1 fh=0910290234354b89 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=37B4403A239961B7468CF4C558799436ACDCA129 ft=1 fh=d5332291c9179787 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=6DC2AFE7B45B07A73ACFE6A890CE12BB5C38C1B5 ft=1 fh=e3e3ba6cff7a9c91 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\spbe.dll"
sh=52370ED66086747820F076ECD70D4AD82B127B0A ft=1 fh=584ce4920a0ffcaf vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\spbl.dll"
sh=FF2FC0C8CCDB65BF72E0C9FD18F411A889235F27 ft=1 fh=19b13b7d04b1e3a8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\sppsm.dll"
sh=2A4953CB6F707D7232CF307383BBFBC0E970149D ft=1 fh=728537a854fad1a9 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\spusm.dll"
sh=EDE8A7092413525BADD42ED3E6117E8CCF7C76C3 ft=1 fh=bd9c28c8c85c083b vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\srbs.dll"
sh=115B4F7144F57622CAABF0B7B320CA64E5216476 ft=1 fh=f7e39282b91ddbfd vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\srbu.dll"
sh=12E99C6C37206AA4CF952C3F10159B62DDE3511F ft=1 fh=f568bbb197662cd8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\srptc.dll"
sh=DC0BD40E15B6596B20A0C4B22C3E3FA5198AD04A ft=1 fh=80b3f9ba1fb30a36 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\srpu.dll"
sh=FD430AD5BF72A3135BBE7BCDCD73818765690D33 ft=1 fh=d6d890bac7067253 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI2C7D.tmp-\srut.dll"
sh=F40C939E41F82FEA7D8E8AFBAE25786EEA1AB006 ft=1 fh=0910290234354b89 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=37B4403A239961B7468CF4C558799436ACDCA129 ft=1 fh=d5332291c9179787 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=6DC2AFE7B45B07A73ACFE6A890CE12BB5C38C1B5 ft=1 fh=e3e3ba6cff7a9c91 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\spbe.dll"
sh=52370ED66086747820F076ECD70D4AD82B127B0A ft=1 fh=584ce4920a0ffcaf vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\spbl.dll"
sh=FF2FC0C8CCDB65BF72E0C9FD18F411A889235F27 ft=1 fh=19b13b7d04b1e3a8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\sppsm.dll"
sh=2A4953CB6F707D7232CF307383BBFBC0E970149D ft=1 fh=728537a854fad1a9 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\spusm.dll"
sh=EDE8A7092413525BADD42ED3E6117E8CCF7C76C3 ft=1 fh=bd9c28c8c85c083b vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\srbs.dll"
sh=115B4F7144F57622CAABF0B7B320CA64E5216476 ft=1 fh=f7e39282b91ddbfd vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\srbu.dll"
sh=12E99C6C37206AA4CF952C3F10159B62DDE3511F ft=1 fh=f568bbb197662cd8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\srptc.dll"
sh=DC0BD40E15B6596B20A0C4B22C3E3FA5198AD04A ft=1 fh=80b3f9ba1fb30a36 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\srpu.dll"
sh=FD430AD5BF72A3135BBE7BCDCD73818765690D33 ft=1 fh=d6d890bac7067253 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI74D2.tmp-\srut.dll"
sh=F40C939E41F82FEA7D8E8AFBAE25786EEA1AB006 ft=1 fh=0910290234354b89 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=37B4403A239961B7468CF4C558799436ACDCA129 ft=1 fh=d5332291c9179787 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=6DC2AFE7B45B07A73ACFE6A890CE12BB5C38C1B5 ft=1 fh=e3e3ba6cff7a9c91 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\spbe.dll"
sh=52370ED66086747820F076ECD70D4AD82B127B0A ft=1 fh=584ce4920a0ffcaf vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\spbl.dll"
sh=FF2FC0C8CCDB65BF72E0C9FD18F411A889235F27 ft=1 fh=19b13b7d04b1e3a8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\sppsm.dll"
sh=2A4953CB6F707D7232CF307383BBFBC0E970149D ft=1 fh=728537a854fad1a9 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\spusm.dll"
sh=EDE8A7092413525BADD42ED3E6117E8CCF7C76C3 ft=1 fh=bd9c28c8c85c083b vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\srbs.dll"
sh=115B4F7144F57622CAABF0B7B320CA64E5216476 ft=1 fh=f7e39282b91ddbfd vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\srbu.dll"
sh=12E99C6C37206AA4CF952C3F10159B62DDE3511F ft=1 fh=f568bbb197662cd8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\srptc.dll"
sh=DC0BD40E15B6596B20A0C4B22C3E3FA5198AD04A ft=1 fh=80b3f9ba1fb30a36 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\srpu.dll"
sh=FD430AD5BF72A3135BBE7BCDCD73818765690D33 ft=1 fh=d6d890bac7067253 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIBDF2.tmp-\srut.dll"
sh=F40C939E41F82FEA7D8E8AFBAE25786EEA1AB006 ft=1 fh=0910290234354b89 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=37B4403A239961B7468CF4C558799436ACDCA129 ft=1 fh=d5332291c9179787 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=6DC2AFE7B45B07A73ACFE6A890CE12BB5C38C1B5 ft=1 fh=e3e3ba6cff7a9c91 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\spbe.dll"
sh=52370ED66086747820F076ECD70D4AD82B127B0A ft=1 fh=584ce4920a0ffcaf vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\spbl.dll"
sh=FF2FC0C8CCDB65BF72E0C9FD18F411A889235F27 ft=1 fh=19b13b7d04b1e3a8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\sppsm.dll"
sh=115B4F7144F57622CAABF0B7B320CA64E5216476 ft=1 fh=f7e39282b91ddbfd vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\srbu.dll"
sh=12E99C6C37206AA4CF952C3F10159B62DDE3511F ft=1 fh=f568bbb197662cd8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\srptc.dll"
sh=DC0BD40E15B6596B20A0C4B22C3E3FA5198AD04A ft=1 fh=80b3f9ba1fb30a36 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\srpu.dll"
sh=FD430AD5BF72A3135BBE7BCDCD73818765690D33 ft=1 fh=d6d890bac7067253 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC5E1.tmp-\srut.dll"
sh=F40C939E41F82FEA7D8E8AFBAE25786EEA1AB006 ft=1 fh=0910290234354b89 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSID2E0.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=FF2FC0C8CCDB65BF72E0C9FD18F411A889235F27 ft=1 fh=19b13b7d04b1e3a8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSID2E0.tmp-\sppsm.dll"
sh=2A4953CB6F707D7232CF307383BBFBC0E970149D ft=1 fh=728537a854fad1a9 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSID2E0.tmp-\spusm.dll"
sh=EDE8A7092413525BADD42ED3E6117E8CCF7C76C3 ft=1 fh=bd9c28c8c85c083b vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSID2E0.tmp-\srbs.dll"
sh=115B4F7144F57622CAABF0B7B320CA64E5216476 ft=1 fh=f7e39282b91ddbfd vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSID2E0.tmp-\srbu.dll"
sh=FD430AD5BF72A3135BBE7BCDCD73818765690D33 ft=1 fh=d6d890bac7067253 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSID2E0.tmp-\srut.dll"
sh=F40C939E41F82FEA7D8E8AFBAE25786EEA1AB006 ft=1 fh=0910290234354b89 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=37B4403A239961B7468CF4C558799436ACDCA129 ft=1 fh=d5332291c9179787 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=6DC2AFE7B45B07A73ACFE6A890CE12BB5C38C1B5 ft=1 fh=e3e3ba6cff7a9c91 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\spbe.dll"
sh=52370ED66086747820F076ECD70D4AD82B127B0A ft=1 fh=584ce4920a0ffcaf vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\spbl.dll"
sh=FF2FC0C8CCDB65BF72E0C9FD18F411A889235F27 ft=1 fh=19b13b7d04b1e3a8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\sppsm.dll"
sh=2A4953CB6F707D7232CF307383BBFBC0E970149D ft=1 fh=728537a854fad1a9 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\spusm.dll"
sh=EDE8A7092413525BADD42ED3E6117E8CCF7C76C3 ft=1 fh=bd9c28c8c85c083b vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\srbs.dll"
sh=115B4F7144F57622CAABF0B7B320CA64E5216476 ft=1 fh=f7e39282b91ddbfd vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\srbu.dll"
sh=12E99C6C37206AA4CF952C3F10159B62DDE3511F ft=1 fh=f568bbb197662cd8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\srptc.dll"
sh=DC0BD40E15B6596B20A0C4B22C3E3FA5198AD04A ft=1 fh=80b3f9ba1fb30a36 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\srpu.dll"
sh=FD430AD5BF72A3135BBE7BCDCD73818765690D33 ft=1 fh=d6d890bac7067253 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDC03.tmp-\srut.dll"
sh=F40C939E41F82FEA7D8E8AFBAE25786EEA1AB006 ft=1 fh=0910290234354b89 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=37B4403A239961B7468CF4C558799436ACDCA129 ft=1 fh=d5332291c9179787 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=6DC2AFE7B45B07A73ACFE6A890CE12BB5C38C1B5 ft=1 fh=e3e3ba6cff7a9c91 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\spbe.dll"
sh=52370ED66086747820F076ECD70D4AD82B127B0A ft=1 fh=584ce4920a0ffcaf vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\spbl.dll"
sh=FF2FC0C8CCDB65BF72E0C9FD18F411A889235F27 ft=1 fh=19b13b7d04b1e3a8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\sppsm.dll"
sh=2A4953CB6F707D7232CF307383BBFBC0E970149D ft=1 fh=728537a854fad1a9 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\spusm.dll"
sh=EDE8A7092413525BADD42ED3E6117E8CCF7C76C3 ft=1 fh=bd9c28c8c85c083b vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\srbs.dll"
sh=115B4F7144F57622CAABF0B7B320CA64E5216476 ft=1 fh=f7e39282b91ddbfd vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\srbu.dll"
sh=12E99C6C37206AA4CF952C3F10159B62DDE3511F ft=1 fh=f568bbb197662cd8 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\srptc.dll"
sh=DC0BD40E15B6596B20A0C4B22C3E3FA5198AD04A ft=1 fh=80b3f9ba1fb30a36 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\srpu.dll"
sh=FD430AD5BF72A3135BBE7BCDCD73818765690D33 ft=1 fh=d6d890bac7067253 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIDDF8.tmp-\srut.dll"
sh=0B1DC091ADE17558251D40A540110CE209629B12 ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.DW evtl. unerwünschte Anwendung" ac=I fn="D:\downloades\8+Ball+Pool+MultiPlayer+Hack_10924_i15521754_il345.exe.zip"
sh=EC0E9DB237BAD314348E10D21E0C9E7E6F1E8697 ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.DW evtl. unerwünschte Anwendung" ac=I fn="D:\downloades\8+Ball+Pool+MultiPlayer+Hack_10924_i15522065_il345.exe (1).zip"
sh=EF377C7CDB575D83261095D40158A3E01DD7E87C ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.DW evtl. unerwünschte Anwendung" ac=I fn="D:\downloades\8+Ball+Pool+MultiPlayer+Hack_10924_i15522065_il345.exe.zip"
sh=141F44195B4D8137ECC2265FFADA1D31557990E9 ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.DW evtl. unerwünschte Anwendung" ac=I fn="D:\downloades\8+Ball+Pool+MultiPlayer+Hack_10924_i15530512_il345.exe.zip"
sh=9D406E1275459829C9DF9783695C92374285890A ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.DW evtl. unerwünschte Anwendung" ac=I fn="D:\downloades\8+Ball+Pool+MultiPlayer+Hack_10924_i15539802_il345.exe (1).zip"
sh=979BA134737BB3B75F80B32088628BE00DCD353F ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.DW evtl. unerwünschte Anwendung" ac=I fn="D:\downloades\8+Ball+Pool+MultiPlayer+Hack_10924_i15539802_il345.exe.zip"
sh=967C2E02D129F3B4596F25589E07248E4D276724 ft=1 fh=0632aa7e55771cb6 vn="Variante von Win32/OutBrowse.CB evtl. unerwünschte Anwendung" ac=I fn="D:\downloades\Nicht bestätigt 776991.crdownload"
sh=D0C9E24DBB07A4CFF350A137BDA2E36AB403F0C3 ft=1 fh=c71c001185d4cf5f vn="Variante von Win32/InstallCore.VW evtl. unerwünschte Anwendung" ac=I fn="D:\Sicherung\Downloads\spybot_setup.exe"
sh=ED7992DC14563E999AF69C26A7B0777E90C6DE20 ft=1 fh=5e1507f236aec417 vn="Variante von Win32/InstallCore.BB evtl. unerwünschte Anwendung" ac=I fn="D:\Sicherung\Downloads\Internet_Downloads\FLVPlayerSetup.exe"
sh=E8CD33623287C08C7CC3662A042E45522654BB30 ft=1 fh=7cd3b160b0dbd4bd vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\Sicherung\Downloads\Internet_Downloads\FreeYouTubeToMP3Converter37.exe"
sh=5ABAFD677FF505D27D1E8E9DF90BDA7B806AAAB2 ft=1 fh=10862dfb3371e110 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\Sicherung\Downloads\Internet_Downloads\HSS-2.88-install-hss-476-conduit.exe"
sh=649E689EA55CB4E8E218CE343F1911B077EBB535 ft=1 fh=09e7909de1450882 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Sicherung\Downloads\Internet_Downloads\HW1.21-32bit.zip.exe"
sh=365780C0AA761BCB362AF0AC51B295BF765E816B ft=1 fh=b97fd053d15afc12 vn="Win32/Toggle.D.Gen evtl. unerwünschte Anwendung" ac=I fn="D:\Sicherung\Downloads\Internet_Downloads\trust_bt180_class_1_usb_bluetooth_adapter_13853.exe"
sh=3C3084C12F3C988AF73B9DC9E7539F7F80ED8A85 ft=1 fh=bfa035c11eccfdc3 vn="Win32/DomaIQ.C evtl. unerwünschte Anwendung" ac=I fn="D:\Sicherung\Downloads\Internet_Downloads\zipper_V.6325166.exe"
         
muss ich noch was beachten ?

Antwort

Themen zu Trojaner "Tencent"?
ahnung, anti, brauche, datei, daten, deinstalliere, deinstallieren, entferne, entfernen, freigabe, glaube, kaspersky, neu, programme, system, tencent, troja, trojaner, versteckt, versteckt sich, versucht, verwehrt, virus, windows, windows 7, zugang, zusammen, ändern



Ähnliche Themen: Trojaner "Tencent"?


  1. "Suspicious.Cloud.9" (Trojaner) und "SAPE.DnwldSponsor.2" (Virus?, vielleicht False Positive)
    Plagegeister aller Art und deren Bekämpfung - 22.08.2015 (23)
  2. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  3. Trojaner-Warnung! Im Betreff: "Die Zahlung fur…" und "Dankeschon fur das Einkaufen mit uns heute! Ihre Bestellung wird derzeit verarbeitet."
    Diskussionsforum - 25.07.2014 (0)
  4. Avira: (Win7) Trojaner "TR/Rogue.11186992" in "C:\Windows\Temp\44158_updater.exe" gefunden
    Plagegeister aller Art und deren Bekämpfung - 25.04.2014 (77)
  5. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  6. "Antiviren Werbung" "Langsamer PC" "PC stürzt ab" Banner und Popups beim surfen
    Plagegeister aller Art und deren Bekämpfung - 05.11.2013 (28)
  7. "Deutsche Post(eMail-Anhang)" Alle "EXE(Programme)" werden blockiert "WIN 7 Defender"
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (3)
  8. "The document has moved. Redirecting"+"Popup unten rechts"+"Nicht alle Links anklickbar"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)
  9. Gerade GVU Trojaner mit Webcam "gehabt", ist es wirklich dank Malewarebytes weg? Wo ist die "Lücke"?
    Plagegeister aller Art und deren Bekämpfung - 10.08.2012 (23)
  10. Startseite fehlerhaft, stets "NatWest" (www.nwolb.com) Trojaner "Trojan.ZBotR.Gen" gefunden
    Log-Analyse und Auswertung - 02.04.2012 (28)
  11. Trojaner "Es besteht keine Internetverbindung" - "REATOGO X-PE Desktop" wird nicht angezeigt
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (19)
  12. Öffentliches Netzwerk: Opera sendet/empfängt Daten an/von "Dani-PC", "Anne-PC", "PAULA-HP"...
    Netzwerk und Hardware - 02.05.2011 (14)
  13. Netzwerk: Opera sendet/empfängt Daten an/von "Dani-PC", "Anne-PC", "PAULA-HP"...
    Alles rund um Windows - 16.04.2011 (0)
  14. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  15. Beheben des Problems "kein Internet"/"rsvp32_2.dll"/"Can't load library from memory"
    Plagegeister aller Art und deren Bekämpfung - 25.03.2007 (22)
  16. ">"">><meta http-equiv="Refresh" content="0;url=http://askimizsonsuza.com/code/">"">
    Plagegeister aller Art und deren Bekämpfung - 04.09.2006 (4)
  17. eTrust fand "einen" Trojaner, danach AntiVir noch "vier"..!!??
    Plagegeister aller Art und deren Bekämpfung - 26.12.2005 (5)

Zum Thema Trojaner "Tencent"? - hallo, alle zusammen ich bin neu hier habe keine Ahnung von dem was ihr alle hier schreibt aber ich brauche eure Hilfe. i Ich glaube ich habe einen miesen Trojaner - Trojaner "Tencent"?...
Archiv
Du betrachtest: Trojaner "Tencent"? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.