Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Avast meldet sich alle 10 min

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.11.2016, 21:15   #1
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Hallo liebe Community,

ich bin hier neu und hatte bisher noch nie Probleme mit Viren (zumindest nicht bewusst).
Seit neustem bekomme ich auf Google Chrome immer wieder neue Suchmaschinen.
Ebenso meldet sich Avast alle 10 min. mit einer geblockten Bedrohung (siehe Bild).
Vielleicht könnt ihr mir weiterhelfen, vielen Dank bereits im Voraus!

Grüße

maigoh

Name:  avast.png
Hits: 230
Größe:  9,5 KB

Alt 17.11.2016, 13:13   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Hallo und


+++ WICHTIGER HINWEIS +++


Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?




Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 17.11.2016, 14:04   #3
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-11-2016
durchgeführt von Marko (Administrator) auf DESKTOP-L90M10J (17-11-2016 14:00:02)
Gestartet von C:\Users\Marko\Downloads
Geladene Profile: Marko (Verfügbare Profile: defaultuser0 & Marko)
Platform: Windows 10 Education Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files (x86)\Junemike\Application\chrome.exe" "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.23\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\SpeedFan\speedfan.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Marko\AppData\Roaming\fibei\UvConverter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Junemike\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKU\S-1-5-21-1238477326-3089224063-801030621-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKLM\...\Providers\1j1fojm4: C:\NVIDIA\\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\1uat87x6: C:\1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\2vflyvsv: C:\PerfLogs1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\58au7lb2: C:\PerfLogs\\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\9ltlgijf: C:\GOG Games\\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\9s2cl85n: C:\PerfLogs\\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\9taq5u1o: C:\GOG Games1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\a2s00fue: C:\GOG Games\\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\bydjexra: C:\NVIDIA1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\d3vgnye4: C:\GOG Games1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\dmxmdfkr: C:\1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\h45hywrj: C:\NVIDIA1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\hd38jvdk: C:\PerfLogs1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\icrm5pah: C:\Program Files1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\kby6d23c: C:\Program Files\\local64spl.dll
HKLM\...\Providers\nd7vy07x: C:\Program Files1\local64spl.dll [142848 2016-11-11] ()
HKLM\...\Providers\s4u04jjm: C:\Program Files\\local64spl.dll
HKLM\...\Providers\sr4n38mw: C:\\local64spl.dll
HKLM\...\Providers\srx6nl94: C:\\local64spl.dll
HKLM\...\Providers\wdkndb67: C:\NVIDIA\\local64spl.dll [142848 2016-11-11] ()
ShellExecuteHooks:  - {FD2052F8-9EBE-11E6-B429-64006A5CFC23} - C:\Users\Marko\AppData\Roaming\Dlosarecertain\Thgergh.dll Keine Datei [ ]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-11-12] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{587e26f8-8698-4bde-9c1b-6796a5fd35a8}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
HKU\S-1-5-21-1238477326-3089224063-801030621-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L
HKU\S-1-5-21-1238477326-3089224063-801030621-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1238477326-3089224063-801030621-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1238477326-3089224063-801030621-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-21] (Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-1238477326-3089224063-801030621-1001 -> hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-12]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-12] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.amisites.com/?type=hp&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L" 
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.amisites.com/search/?type=ds&ts=1479323251&z=7020dfb47958802734d87fdgbzdmftccfo1cbobwao&from=che0812&uid=SamsungXSSDX850XEVOX500GB_S2RBNX0H769289L&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> amisites
CHR Profile: C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-11-16] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-03]
CHR Extension: (Google Docs) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-03]
CHR Extension: (Google Drive) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-03]
CHR Extension: (YouTube) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-03]
CHR Extension: (Adblock Plus) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-03]
CHR Extension: (Google Docs Offline) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-03]
CHR Extension: (Citavi Picker) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ohgndokldibnndfnjnagojmheejlengn [2016-10-04]
CHR Extension: (Google Mail) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [330240 2016-11-15] () [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2016-09-04] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.23\aaHMSvc.exe [963536 2016-04-18] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2016-09-04] () [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe [419288 2016-10-07] (ASUSTeK Computer Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-12] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-11-12] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-20] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
R2 Ferbayrepecult; C:\Program Files (x86)\Themuckthegerch\Ferferrypekerkhlp.dll [278528 2016-11-10] () [Datei ist nicht signiert]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [131024 2016-08-19] (Elex do Brasil Participações Ltda)
R2 MCSvc; C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll [318976 2016-11-16] () [Datei ist nicht signiert]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-10-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2117128 2016-11-11] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2178576 2016-11-11] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 UvConv; C:\Users\Marko\AppData\Roaming\fibei\UvConverter.exe [393216 2016-11-15] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [208384 2016-11-14] () [Datei ist nicht signiert]
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [Datei ist nicht signiert]
S2 ed2kidle; "C:\Program Files (x86)\amuleC\ed2k.exe" -downloadwhenidle [X]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone für iOS\DriverInstall.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
S3 ALSysIO; C:\Users\Marko\AppData\Local\Temp\ALSysIO64.sys [35320 2016-09-05] (Arthur Liberman)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-09-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2016-10-07] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2016-10-07] (MCCI Corporation)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-11-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-11-12] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-11-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-11-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-11-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-12] (AVAST Software)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [559080 2016-04-19] (Intel Corporation)
U4 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda)
S1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-10-25] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
R3 SaiK0728; C:\Windows\system32\DRIVERS\SaiK0728.sys [129024 2008-01-21] (Saitek)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-17 14:00 - 2016-11-17 14:00 - 00031751 _____ C:\Users\Marko\Downloads\FRST.txt
2016-11-17 13:59 - 2016-11-17 14:00 - 00000000 ____D C:\FRST
2016-11-17 13:59 - 2016-11-17 13:59 - 02412032 _____ (Farbar) C:\Users\Marko\Downloads\FRST64.exe
2016-11-16 22:26 - 2016-11-16 22:26 - 00264406 _____ C:\Users\Marko\Downloads\9DTV48NK6SB20782908.pdf
2016-11-16 20:07 - 2016-11-16 20:07 - 00000003 _____ C:\Windows\SysWOW64\hoewmds
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 ____D C:\Windows\system32\log
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 ____D C:\Users\Marko\AppData\Roaming\fibei
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Elex-tech
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 ____D C:\Users\Marko\AppData\Local\Junemike
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 ____D C:\Program Files (x86)\UvConverter
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 ____D C:\Program Files (x86)\Junemike
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2016-11-16 20:07 - 2016-11-16 20:07 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-11-16 20:07 - 2016-05-23 03:41 - 00055056 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2016-11-16 20:07 - 2016-05-19 07:42 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2016-11-15 21:06 - 2016-11-15 21:06 - 00000000 ____D C:\Program Files (x86)\bcz4grzc
2016-11-15 17:06 - 2016-11-15 17:06 - 00000000 ____D C:\Program Files (x86)\bc3esdka
2016-11-15 14:13 - 2016-11-15 22:13 - 00000000 ____D C:\Program Files (x86)\f09er35s
2016-11-15 13:06 - 2016-11-15 13:06 - 00000000 ____D C:\Program Files (x86)\icwwcr7g
2016-11-15 10:12 - 2016-11-16 20:07 - 00003540 _____ C:\Windows\System32\Tasks\ChelfNotify Task
2016-11-15 10:12 - 2016-11-16 20:07 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-11-15 10:12 - 2016-11-15 10:12 - 00000000 ____D C:\ProgramData\WinSAPSvc
2016-11-15 10:12 - 2016-11-15 10:12 - 00000000 ____D C:\Program Files (x86)\WinArcher
2016-11-15 10:12 - 2016-11-15 10:12 - 00000000 ____D C:\Program Files (x86)\7nd2cv4q
2016-11-14 19:39 - 2016-11-14 19:39 - 00788484 _____ C:\Users\Marko\Desktop\Dario Logo.psd
2016-11-14 18:27 - 2016-11-14 18:27 - 09650057 _____ C:\Users\Marko\Desktop\makingasören1.psd
2016-11-14 18:10 - 2016-11-14 18:10 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsign47fef14932ccb2c2
2016-11-14 18:09 - 2016-11-14 18:09 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsigna929f60da5b46abc
2016-11-14 18:09 - 2016-11-14 18:09 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsign84ad7ba70b391747
2016-11-14 18:09 - 2016-11-14 18:09 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsign6909eb3266df88fb
2016-11-14 18:09 - 2016-11-14 18:09 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsign5bb78fd823465593
2016-11-12 14:09 - 2016-11-12 14:12 - 00000000 ____D C:\AdwCleaner
2016-11-12 14:09 - 2016-11-12 14:09 - 03910208 _____ C:\Users\Marko\Downloads\adwcleaner_6.030.exe
2016-11-12 13:58 - 2016-11-12 14:18 - 00004042 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1478955532
2016-11-12 13:58 - 2016-11-12 14:18 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-11-12 13:58 - 2016-11-12 13:58 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00453192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-12 13:58 - 2016-11-12 13:58 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-11-12 13:58 - 2016-11-12 13:58 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-11-12 13:58 - 2016-11-12 13:58 - 00004004 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-12 13:58 - 2016-11-12 13:58 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2016-11-12 13:58 - 2016-11-12 13:58 - 00001967 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2016-11-12 13:58 - 2016-11-12 13:58 - 00001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-11-12 13:58 - 2016-11-12 13:58 - 00000000 ____D C:\Users\Marko\AppData\Roaming\AVAST Software
2016-11-12 13:57 - 2016-11-12 13:58 - 00000000 ____D C:\Program Files\AVAST Software
2016-11-12 13:57 - 2016-11-12 13:57 - 06306272 _____ (AVAST Software) C:\Users\Marko\Downloads\avast_premier_antivirus_setup_online.exe
2016-11-12 13:54 - 2016-11-12 13:54 - 06253536 _____ (AVAST Software) C:\Users\Marko\Downloads\avast123_free_antivirus_setup_online.exe
2016-11-12 13:50 - 2016-11-16 20:07 - 00002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-12 13:50 - 2016-11-16 20:07 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-12 13:50 - 2016-11-12 14:12 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-12 13:50 - 2016-11-12 14:12 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-12 13:50 - 2016-11-12 13:50 - 01065376 _____ (Google Inc.) C:\Users\Marko\Downloads\ChromeSetup.exe
2016-11-12 13:50 - 2016-11-12 13:50 - 00004198 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-12 13:50 - 2016-11-12 13:50 - 00003966 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-12 13:35 - 2016-09-01 11:24 - 00046352 ____N (zdengine) C:\Windows\system32\Drivers\zdwfp64.sys
2016-11-11 23:59 - 2016-11-11 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-11 23:20 - 2016-11-11 23:20 - 00000000 ____D C:\Program Files (x86)\mjity64q
2016-11-11 19:06 - 2016-11-12 11:55 - 00000000 ___HD C:\Program Files1
2016-11-11 19:06 - 2016-11-12 11:55 - 00000000 ___HD C:\PerfLogs1
2016-11-11 19:06 - 2016-11-12 11:55 - 00000000 ___HD C:\NVIDIA1
2016-11-11 19:06 - 2016-11-12 11:55 - 00000000 ___HD C:\GOG Games1
2016-11-11 19:06 - 2016-11-11 23:06 - 00000020 ____H C:\Program Files\local64spl.dll.ini
2016-11-11 19:06 - 2016-11-11 23:06 - 00000020 ____H C:\local64spl.dll.ini
2016-11-11 19:06 - 2016-11-11 23:06 - 00000000 ___HD C:\1
2016-11-11 12:04 - 2016-11-11 12:04 - 00191629 _____ C:\Users\Marko\Desktop\BURGER SPECIALS.pdf
2016-11-10 19:20 - 2016-11-10 19:20 - 00000306 __RSH C:\Users\Marko\ntuser.pol
2016-11-10 19:09 - 2016-11-10 19:09 - 00002084 __RSH C:\ProgramData\ntuser.pol
2016-11-10 19:08 - 2016-11-10 19:22 - 00000000 ____D C:\Windows\system32\SSL
2016-11-10 19:07 - 2016-11-12 13:58 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-10 19:07 - 2016-11-12 13:35 - 00364303 ____N (zdengine) C:\Windows\system32\zdengine64.dll
2016-11-10 19:07 - 2016-11-12 13:35 - 00301711 ____N (zdengine) C:\Windows\SysWOW64\zdengine.dll
2016-11-10 19:07 - 2016-11-10 19:07 - 00000000 ____D C:\ProgramData\Avira
2016-11-10 19:07 - 2016-11-10 19:07 - 00000000 ____D C:\ProgramData\Avg
2016-11-10 19:06 - 2016-11-16 18:57 - 00000000 ____D C:\Program Files (x86)\Themuckthegerch
2016-11-10 19:06 - 2016-11-12 11:55 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Dlosarecertain
2016-11-10 19:06 - 2016-11-10 19:06 - 00006146 _____ C:\Windows\System32\Tasks\Pluperryarejotion Log
2016-11-10 19:06 - 2016-11-10 19:06 - 00003650 _____ C:\Windows\System32\Tasks\77cf4b3dfabc9e11de3765bb9c0b2422
2016-11-10 19:06 - 2016-11-10 19:06 - 00000000 ____D C:\Users\Marko\AppData\Local\Sheent
2016-11-10 19:04 - 2016-11-10 19:04 - 00001096 _____ C:\Users\Public\Desktop\Download Adobe InDesign...lnk
2016-11-10 19:01 - 2016-11-10 19:01 - 04657410 _____ C:\Users\Marko\Downloads\Adobe InDesign CC 2015 11.1.rar
2016-11-10 18:58 - 2016-11-10 19:06 - 01670686 _____ C:\Users\Marko\Downloads\Nicht bestätigt 491732.crdownload
2016-11-10 14:55 - 2016-11-10 14:55 - 00000000 ____D C:\Users\Marko\AppData\Roaming\PDAppFlex
2016-11-10 14:55 - 2016-11-10 14:55 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsignca9cacf8088f361d
2016-11-10 14:55 - 2016-11-10 14:55 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsign8a5057a12f0482ce
2016-11-10 14:04 - 2016-11-10 14:04 - 01973431 _____ C:\Windows\8c43bd3cd26a2cd7e26bc512ae7ee236.exe
2016-11-09 12:23 - 2016-11-09 12:23 - 00034483 _____ C:\Users\Marko\Downloads\Rechnung1.xlsx
2016-11-09 11:42 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-11-09 11:42 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 11:42 - 2016-11-02 12:13 - 00773720 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 11:42 - 2016-11-02 12:12 - 00376672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-11-09 11:42 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 11:42 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-11-09 11:42 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 11:42 - 2016-11-02 12:08 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-11-09 11:42 - 2016-11-02 12:08 - 00186424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2016-11-09 11:42 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-11-09 11:42 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-09 11:42 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-09 11:42 - 2016-11-02 12:02 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-11-09 11:42 - 2016-11-02 12:02 - 00238056 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2016-11-09 11:42 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 11:42 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-11-09 11:42 - 2016-11-02 12:00 - 08156080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 11:42 - 2016-11-02 12:00 - 01274712 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-09 11:42 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 11:42 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 11:42 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-11-09 11:42 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-11-09 11:42 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2016-11-09 11:42 - 2016-11-02 11:39 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-11-09 11:42 - 2016-11-02 11:37 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2016-11-09 11:42 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-11-09 11:42 - 2016-11-02 11:36 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2016-11-09 11:42 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-09 11:42 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-11-09 11:42 - 2016-11-02 11:31 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2016-11-09 11:42 - 2016-11-02 11:31 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 11:42 - 2016-11-02 11:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-11-09 11:42 - 2016-11-02 11:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 11:42 - 2016-11-02 11:29 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 11:42 - 2016-11-02 11:29 - 00336896 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 11:42 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
2016-11-09 11:42 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-11-09 11:42 - 2016-11-02 11:28 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2016-11-09 11:42 - 2016-11-02 11:28 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2016-11-09 11:42 - 2016-11-02 11:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-11-09 11:42 - 2016-11-02 11:28 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chartv.dll
2016-11-09 11:42 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-11-09 11:42 - 2016-11-02 11:27 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-11-09 11:42 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2016-11-09 11:42 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-11-09 11:42 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-11-09 11:42 - 2016-11-02 11:26 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll
2016-11-09 11:42 - 2016-11-02 11:26 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-11-09 11:42 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2016-11-09 11:42 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 11:42 - 2016-11-02 11:23 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 11:42 - 2016-11-02 11:22 - 13441024 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-09 11:42 - 2016-11-02 11:19 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\chartv.dll
2016-11-09 11:42 - 2016-11-02 11:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 11:42 - 2016-11-02 11:18 - 00836608 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2016-11-09 11:42 - 2016-11-02 11:17 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-11-09 11:42 - 2016-11-02 11:16 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-11-09 11:42 - 2016-11-02 11:16 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-11-09 11:42 - 2016-11-02 11:16 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2016-11-09 11:42 - 2016-11-02 11:15 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2016-11-09 11:42 - 2016-11-02 11:14 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-11-09 11:42 - 2016-11-02 09:20 - 00446896 _____ C:\Windows\system32\ApnDatabase.xml
2016-11-09 11:41 - 2016-11-02 12:22 - 01570672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 11:41 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 11:41 - 2016-11-02 12:20 - 00590960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-11-09 11:41 - 2016-11-02 12:20 - 00378720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 11:41 - 2016-11-02 12:15 - 01051112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 11:41 - 2016-11-02 12:15 - 00894096 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-11-09 11:41 - 2016-11-02 12:14 - 07816544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 11:41 - 2016-11-02 12:13 - 01883784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 11:41 - 2016-11-02 12:13 - 01354320 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 11:41 - 2016-11-02 12:13 - 01173496 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-09 11:41 - 2016-11-02 12:13 - 00423776 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2016-11-09 11:41 - 2016-11-02 12:12 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-11-09 11:41 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-11-09 11:41 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-11-09 11:41 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-11-09 11:41 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 11:41 - 2016-11-02 12:05 - 00405856 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 11:41 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-11-09 11:41 - 2016-11-02 12:04 - 02678056 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-11-09 11:41 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-11-09 11:41 - 2016-11-02 12:03 - 02750936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 11:41 - 2016-11-02 12:03 - 00714592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-09 11:41 - 2016-11-02 12:02 - 00848736 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-11-09 11:41 - 2016-11-02 12:02 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-11-09 11:41 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-11-09 11:41 - 2016-11-02 12:01 - 01415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2016-11-09 11:41 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 11:41 - 2016-11-02 12:01 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-11-09 11:41 - 2016-11-02 12:00 - 22223968 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-11-09 11:41 - 2016-11-02 12:00 - 04130432 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-11-09 11:41 - 2016-11-02 12:00 - 01061968 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-09 11:41 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-11-09 11:41 - 2016-11-02 11:59 - 04673304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-11-09 11:41 - 2016-11-02 11:56 - 01609920 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-11-09 11:41 - 2016-11-02 11:56 - 01572768 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2016-11-09 11:41 - 2016-11-02 11:56 - 01418312 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 11:41 - 2016-11-02 11:56 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-11-09 11:41 - 2016-11-02 11:56 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 11:41 - 2016-11-02 11:55 - 00048992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\iorate.sys
2016-11-09 11:41 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-11-09 11:41 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2016-11-09 11:41 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 11:41 - 2016-11-02 11:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 11:41 - 2016-11-02 11:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efsext.dll
2016-11-09 11:41 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 11:41 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll
2016-11-09 11:41 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2016-11-09 11:41 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-11-09 11:41 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 11:41 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2016-11-09 11:41 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 11:41 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-11-09 11:41 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthExt.dll
2016-11-09 11:41 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8.dll
2016-11-09 11:41 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-11-09 11:41 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 11:41 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll
2016-11-09 11:41 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-09 11:41 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-11-09 11:41 - 2016-11-02 11:42 - 00632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-11-09 11:41 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2016-11-09 11:41 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-11-09 11:41 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 11:41 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 11:41 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 11:41 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddraw.dll
2016-11-09 11:41 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll
2016-11-09 11:41 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-11-09 11:41 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 11:41 - 2016-11-02 11:38 - 22563840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-11-09 11:41 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2016-11-09 11:41 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-11-09 11:41 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 11:41 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 11:41 - 2016-11-02 11:35 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2016-11-09 11:41 - 2016-11-02 11:34 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 11:41 - 2016-11-02 11:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-11-09 11:41 - 2016-11-02 11:33 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 11:41 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 11:41 - 2016-11-02 11:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\efsext.dll
2016-11-09 11:41 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2016-11-09 11:41 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-11-09 11:41 - 2016-11-02 11:31 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\BcastDVRHelper.dll
2016-11-09 11:41 - 2016-11-02 11:31 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-11-09 11:41 - 2016-11-02 11:31 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 11:41 - 2016-11-02 11:31 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-11-09 11:41 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-09 11:41 - 2016-11-02 11:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2016-11-09 11:41 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-09 11:41 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 11:41 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-11-09 11:41 - 2016-11-02 11:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 11:41 - 2016-11-02 11:29 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll
2016-11-09 11:41 - 2016-11-02 11:29 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2016-11-09 11:41 - 2016-11-02 11:29 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 11:41 - 2016-11-02 11:29 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-11-09 11:41 - 2016-11-02 11:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2016-11-09 11:41 - 2016-11-02 11:28 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 11:41 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 11:41 - 2016-11-02 11:27 - 23677952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 11:41 - 2016-11-02 11:27 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-11-09 11:41 - 2016-11-02 11:27 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-11-09 11:41 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-11-09 11:41 - 2016-11-02 11:27 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-11-09 11:41 - 2016-11-02 11:27 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-11-09 11:41 - 2016-11-02 11:27 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 11:41 - 2016-11-02 11:26 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-11-09 11:41 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 11:41 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 11:41 - 2016-11-02 11:25 - 00772608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-11-09 11:41 - 2016-11-02 11:25 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-11-09 11:41 - 2016-11-02 11:25 - 00541696 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2016-11-09 11:41 - 2016-11-02 11:25 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 11:41 - 2016-11-02 11:24 - 03778560 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-11-09 11:41 - 2016-11-02 11:24 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2016-11-09 11:41 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-11-09 11:41 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 11:41 - 2016-11-02 11:23 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-11-09 11:41 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-11-09 11:41 - 2016-11-02 11:23 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetailsUpdate.dll
2016-11-09 11:41 - 2016-11-02 11:22 - 13081600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 11:41 - 2016-11-02 11:22 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-11-09 11:41 - 2016-11-02 11:22 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2016-11-09 11:41 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-11-09 11:41 - 2016-11-02 11:21 - 05111296 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2016-11-09 11:41 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-09 11:41 - 2016-11-02 11:20 - 02273792 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-11-09 11:41 - 2016-11-02 11:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2016-11-09 11:41 - 2016-11-02 11:19 - 08127488 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-11-09 11:41 - 2016-11-02 11:19 - 08075776 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-09 11:41 - 2016-11-02 11:19 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-11-09 11:41 - 2016-11-02 11:19 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 11:41 - 2016-11-02 11:19 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2016-11-09 11:41 - 2016-11-02 11:19 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
2016-11-09 11:41 - 2016-11-02 11:18 - 01690112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 11:41 - 2016-11-02 11:18 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-11-09 11:41 - 2016-11-02 11:18 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-11-09 11:41 - 2016-11-02 11:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-11-09 11:41 - 2016-11-02 11:17 - 04746752 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 11:41 - 2016-11-02 11:17 - 01282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-11-09 11:41 - 2016-11-02 11:17 - 00982528 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 11:41 - 2016-11-02 11:17 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-11-09 11:41 - 2016-11-02 11:17 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 03400192 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 03133440 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 02688512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 02669056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 02512384 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 01779712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 01490944 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 00265728 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-11-09 11:41 - 2016-11-02 11:15 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-11-09 11:41 - 2016-11-02 11:15 - 03616768 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-11-09 11:41 - 2016-11-02 11:15 - 02611200 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-11-09 11:41 - 2016-11-02 11:15 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-11-09 11:41 - 2016-11-02 11:15 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-11-09 11:41 - 2016-11-02 11:15 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-11-09 11:41 - 2016-11-02 11:13 - 03496960 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 11:41 - 2016-11-02 11:13 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-11-09 11:41 - 2016-11-02 11:13 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-11-09 11:41 - 2016-11-02 10:11 - 00788624 _____ C:\Windows\SysWOW64\locale.nls
2016-11-09 11:41 - 2016-11-02 10:11 - 00788624 _____ C:\Windows\system32\locale.nls
2016-11-09 11:41 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-11-06 00:11 - 2016-11-06 00:11 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-11-06 00:11 - 2016-11-06 00:11 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-11-05 23:12 - 2016-11-05 23:12 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsignb331d06b1abacc0d
2016-11-05 23:10 - 2016-11-05 23:10 - 00000000 ____D C:\Users\Marko\AppData\Roaming\NVIDIA
2016-11-05 23:10 - 2016-11-05 23:10 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsigne9d49b52287ed9a2
2016-11-05 23:10 - 2016-11-05 23:10 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsignbc8098d3387d9940
2016-11-05 13:41 - 2016-11-16 11:29 - 04362064 _____ C:\Users\Marko\Desktop\Abschlusspräsentation.pptx
2016-11-03 15:18 - 2016-11-10 19:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-03 15:18 - 2016-11-03 15:18 - 00004002 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 15:18 - 2016-11-03 15:18 - 00003974 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 15:18 - 2016-11-03 15:18 - 00003938 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 15:18 - 2016-11-03 15:18 - 00003912 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 15:18 - 2016-11-03 15:18 - 00003750 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 15:18 - 2016-11-03 15:18 - 00003708 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-03 15:18 - 2016-11-03 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-03 15:18 - 2016-10-25 21:19 - 01852352 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-11-03 15:18 - 2016-10-25 21:19 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-11-03 15:18 - 2016-10-25 21:19 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-11-03 15:18 - 2016-10-25 21:19 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-11-03 15:18 - 2016-10-25 21:19 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-03 15:18 - 2016-10-25 21:17 - 06386232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-11-03 15:18 - 2016-10-25 21:17 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-11-03 15:18 - 2016-10-25 21:17 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-11-03 15:18 - 2016-10-25 21:17 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-11-03 15:18 - 2016-10-25 21:17 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-11-03 15:18 - 2016-10-25 21:17 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-11-03 15:18 - 2016-10-25 21:17 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-11-03 15:18 - 2016-10-25 21:00 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-11-03 15:18 - 2016-10-24 07:31 - 07507695 _____ C:\Windows\system32\nvcoproc.bin
2016-11-03 15:18 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-11-03 15:18 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-11-03 15:18 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-11-03 15:18 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-11-03 15:17 - 2016-11-16 18:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-03 15:17 - 2016-10-25 22:40 - 00215608 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-11-03 15:17 - 2016-10-25 22:40 - 00201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-11-03 15:17 - 2016-10-25 20:12 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-11-03 15:16 - 2016-10-26 02:09 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 40123840 _____ C:\Windows\system32\nvcompiler.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 35224632 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 28202040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 03927288 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 03468736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437570.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437570.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00801560 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00642392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00617696 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00384448 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00348728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-11-03 15:16 - 2016-10-25 22:40 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-11-03 15:16 - 2016-10-25 22:40 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-11-03 15:16 - 2016-10-25 21:19 - 00104384 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-03 15:16 - 2016-10-25 21:19 - 00094144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-03 15:16 - 2016-10-25 21:19 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-03 15:09 - 2016-11-03 15:13 - 391438192 _____ (NVIDIA Corporation) C:\Users\Marko\Downloads\375.70-desktop-win10-64bit-international-whql.exe
2016-11-03 15:07 - 2016-11-03 15:19 - 00000000 ____D C:\Users\Marko\Documents\Battlefield 1
2016-11-03 15:05 - 2016-11-03 15:05 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-11-02 13:18 - 2016-11-02 13:20 - 00000000 ____D C:\Users\Marko\Desktop\Word
2016-11-01 12:18 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2016-11-01 12:18 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-11-01 12:18 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-11-01 12:18 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-11-01 12:18 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-11-01 12:18 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2016-11-01 12:18 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-11-01 12:18 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2016-11-01 12:18 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-11-01 12:18 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2016-11-01 12:18 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-11-01 12:18 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2016-11-01 12:18 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll
2016-11-01 12:18 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-11-01 12:18 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-01 12:18 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-11-01 12:18 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-11-01 12:18 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2016-11-01 12:18 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-11-01 12:18 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2016-11-01 12:18 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2016-11-01 12:18 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2016-11-01 12:18 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-11-01 12:18 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-11-01 12:18 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-11-01 12:18 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-11-01 12:18 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2016-11-01 12:18 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-11-01 12:18 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-11-01 12:18 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-11-01 12:18 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-11-01 12:18 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2016-11-01 12:18 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-11-01 12:18 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-11-01 12:18 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-11-01 12:18 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2016-11-01 12:18 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-11-01 12:17 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-11-01 12:17 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-11-01 12:17 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-11-01 12:17 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-11-01 12:17 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-11-01 12:17 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-11-01 12:17 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-11-01 12:17 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2016-11-01 12:17 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-11-01 12:17 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-11-01 12:17 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-11-01 12:17 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-11-01 12:17 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-01 12:17 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-11-01 12:17 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-11-01 12:17 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-01 12:17 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-11-01 12:17 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-11-01 12:17 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2016-11-01 12:17 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-11-01 12:17 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2016-11-01 12:17 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-11-01 12:17 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-11-01 12:17 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2016-11-01 12:17 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2016-11-01 12:17 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-11-01 12:17 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-11-01 12:17 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-11-01 12:17 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-11-01 12:17 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2016-11-01 12:17 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-11-01 12:17 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-01 12:17 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-11-01 12:17 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-01 12:17 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-11-01 12:17 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-11-01 12:17 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-11-01 12:17 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2016-11-01 12:17 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-11-01 12:17 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2016-11-01 12:17 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-11-01 12:17 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-11-01 12:17 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-11-01 12:17 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2016-11-01 12:17 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-01 12:17 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdole2.tlb
2016-11-01 12:17 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\Windows\system32\mfksproxy.dll
2016-11-01 12:17 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfksproxy.dll
2016-11-01 12:17 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2016-11-01 12:17 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\stdole2.tlb
2016-11-01 12:17 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2016-11-01 12:17 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2016-11-01 12:17 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2016-11-01 12:17 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2016-11-01 12:17 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2016-11-01 12:17 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2016-11-01 12:17 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2016-11-01 12:17 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-11-01 12:17 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2016-11-01 12:17 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2016-11-01 12:17 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2016-11-01 12:17 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2016-11-01 12:17 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-11-01 12:17 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
2016-11-01 12:17 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2016-11-01 12:17 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-11-01 12:17 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-11-01 12:17 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2016-11-01 12:17 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2016-11-01 12:17 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2016-11-01 12:17 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2016-11-01 12:17 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2016-11-01 12:17 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-11-01 12:17 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2016-11-01 12:17 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2016-11-01 12:17 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2016-11-01 12:17 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-11-01 12:17 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-11-01 12:17 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2016-11-01 12:17 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2016-11-01 12:17 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-11-01 12:17 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2016-11-01 12:17 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-11-01 12:17 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2016-11-01 12:17 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-11-01 12:17 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-11-01 12:17 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-11-01 12:17 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-11-01 12:17 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-11-01 12:17 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-11-01 12:17 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-11-01 12:17 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2016-11-01 12:17 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-11-01 12:17 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-11-01 12:17 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-11-01 12:17 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-11-01 12:17 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2016-11-01 12:17 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-11-01 12:17 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-11-01 12:17 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-11-01 12:17 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-11-01 12:17 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-11-01 12:17 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-11-01 12:17 - 2016-10-15 04:45 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-11-01 12:17 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
2016-11-01 12:17 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-11-01 12:17 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
2016-11-01 12:17 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-11-01 12:17 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-11-01 12:17 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-11-01 12:17 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-11-01 12:17 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2016-11-01 12:17 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe
2016-11-01 12:17 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-11-01 12:17 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-11-01 12:17 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-11-01 12:17 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2016-11-01 12:17 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-11-01 12:17 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-11-01 12:17 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2016-11-01 12:17 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-01 12:17 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-11-01 12:17 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2016-11-01 12:17 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-11-01 12:17 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2016-11-01 12:17 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2016-11-01 12:17 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-11-01 12:17 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-01 12:17 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-11-01 12:17 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-11-01 12:17 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-11-01 12:17 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2016-11-01 12:17 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-11-01 12:17 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-11-01 12:17 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-11-01 12:17 - 2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-11-01 12:17 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-11-01 12:17 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-11-01 12:17 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2016-11-01 12:17 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmifw.dll
2016-11-01 12:17 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-11-01 12:17 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-11-01 12:17 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-01 12:17 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-11-01 12:17 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-11-01 12:17 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-11-01 12:17 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-11-01 12:17 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-11-01 12:17 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-11-01 12:17 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-11-01 12:17 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-11-01 12:17 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\capimg.sys
2016-11-01 12:17 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-10-27 17:47 - 2016-10-27 17:47 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsigne26076621272bf25
2016-10-27 17:47 - 2016-10-27 17:47 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsignc6bbe926608f2387
2016-10-27 17:47 - 2016-10-27 17:47 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsign3dc452737736e6a5
2016-10-25 15:56 - 2016-10-25 15:56 - 00000000 ____D C:\Users\Marko\AppData\Roaming\MathWorks
2016-10-25 15:31 - 2016-10-25 15:31 - 00003848 _____ C:\Windows\System32\Tasks\MATLAB R2016b Startup Accelerator
2016-10-25 15:31 - 2016-10-25 15:31 - 00000578 _____ C:\Windows\Tasks\MATLAB R2016b Startup Accelerator.job
2016-10-25 15:31 - 2016-10-25 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2016b
2016-10-25 15:31 - 2016-10-25 15:31 - 00000000 ____D C:\ProgramData\MathWorks
2016-10-25 15:18 - 2016-10-25 15:18 - 00000000 ____D C:\Users\Marko\Downloads\MathWorks
2016-10-25 15:14 - 2016-10-25 15:14 - 00000000 ____D C:\Program Files\MATLAB
2016-10-25 15:13 - 2016-10-25 15:13 - 97975128 _____ C:\Users\Marko\Downloads\matlab_R2016b_win64.exe
2016-10-25 15:13 - 2016-10-25 15:13 - 00000000 ____D C:\Users\Marko\Downloads\_temp_matlab_R2016b_win64
2016-10-22 22:44 - 2016-10-22 22:44 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsignffbe7a11447fee71
2016-10-22 22:42 - 2016-10-22 22:42 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsign8a87f9c6493adb3c
2016-10-22 22:42 - 2016-10-22 22:42 - 00000000 ____D C:\Users\Marko\AppData\Local\Tempzxpsign7ae05fba91275dd8
2016-10-20 16:57 - 2016-10-20 16:57 - 00000000 ____D C:\Users\Marko\.QtWebEngineProcess
2016-10-20 16:57 - 2016-10-20 16:57 - 00000000 ____D C:\Users\Marko\.Origin

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-17 13:59 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2016-11-17 13:58 - 2016-09-03 19:22 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-11-16 19:04 - 2016-09-03 13:31 - 03948970 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-16 19:04 - 2016-07-16 23:57 - 01829872 _____ C:\Windows\system32\perfh007.dat
2016-11-16 19:04 - 2016-07-16 23:57 - 00472384 _____ C:\Windows\system32\perfc007.dat
2016-11-16 19:01 - 2016-10-02 17:26 - 00004170 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6C97B98B-77FD-476C-BECE-022C7300BBA8}
2016-11-16 18:58 - 2016-10-06 23:22 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-11-16 18:57 - 2016-09-03 19:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-16 11:41 - 2016-09-03 15:05 - 00003142 _____ C:\Windows\System32\Tasks\MSIAfterburner
2016-11-16 11:38 - 2016-10-08 16:35 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-11-16 11:29 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-16 11:28 - 2016-09-19 20:53 - 00000000 ____D C:\Users\Marko\AppData\Local\Adobe
2016-11-16 11:26 - 2016-09-03 13:53 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-11-16 11:26 - 2016-09-03 13:53 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-11-16 11:25 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2016-11-16 11:25 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2016-11-16 00:15 - 2016-09-03 13:57 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-14 19:45 - 2016-09-19 21:03 - 00000000 ___RD C:\Users\Marko\Creative Cloud Files
2016-11-14 19:45 - 2016-09-19 21:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-11-12 14:12 - 2016-07-16 07:04 - 00262144 _____ C:\Windows\system32\config\BBI
2016-11-12 13:50 - 2016-09-03 13:52 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-12 13:49 - 2016-09-03 13:47 - 00000000 ____D C:\Users\Marko\AppData\Local\CrashDumps
2016-11-12 13:28 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2016-11-12 12:47 - 2016-09-03 13:29 - 00000000 ____D C:\Users\Marko
2016-11-12 11:55 - 2016-09-14 16:02 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-11-12 11:55 - 2016-09-13 20:43 - 00000000 ____D C:\GOG Games
2016-11-12 11:55 - 2016-09-03 13:42 - 00000000 ____D C:\NVIDIA
2016-11-12 11:55 - 2016-07-16 12:47 - 00000000 ____D C:\PerfLogs
2016-11-12 00:59 - 2016-09-03 14:03 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Origin
2016-11-12 00:00 - 2016-09-20 16:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-11 14:54 - 2016-09-04 10:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-11-11 14:54 - 2016-09-03 14:02 - 00000000 ____D C:\ProgramData\Origin
2016-11-11 14:53 - 2016-09-04 10:57 - 00000000 ____D C:\Users\Marko\AppData\Local\Battle.net
2016-11-11 14:53 - 2016-09-03 14:02 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-10 19:41 - 2016-09-03 13:31 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-10 19:27 - 2016-10-07 12:17 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-10 19:20 - 2016-09-20 16:31 - 00001244 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-10 19:20 - 2016-09-20 16:31 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-10 19:09 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-11-10 19:07 - 2016-09-10 20:14 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-11-10 19:07 - 2016-09-03 13:30 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-10 19:06 - 2016-10-07 12:18 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2016-11-10 19:06 - 2016-09-28 20:45 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-11-10 19:06 - 2016-09-27 13:34 - 00000000 ____D C:\Program Files (x86)\Citavi 5
2016-11-10 19:06 - 2016-09-19 20:55 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-10 19:06 - 2016-09-18 14:11 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-11-10 19:06 - 2016-09-18 14:11 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-11-10 19:06 - 2016-09-18 01:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-11-10 19:06 - 2016-09-18 01:11 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-11-10 19:06 - 2016-09-18 00:46 - 00000000 ____D C:\Program Files (x86)\iMobie
2016-11-10 19:06 - 2016-09-18 00:02 - 00000000 ____D C:\Program Files (x86)\Anvsoft
2016-11-10 19:06 - 2016-09-14 15:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-10 19:06 - 2016-09-10 22:30 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-10 19:06 - 2016-09-10 22:30 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-10 19:06 - 2016-09-04 16:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-10 19:06 - 2016-09-04 14:27 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-10 19:06 - 2016-09-04 13:21 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-10 19:06 - 2016-09-04 13:21 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-10 19:06 - 2016-09-04 11:03 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-11-10 19:06 - 2016-09-03 20:10 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-11-10 19:06 - 2016-07-16 12:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-11-10 19:06 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-10 19:06 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-10 19:06 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-10 19:06 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-11-09 22:09 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\rescache
2016-11-09 21:44 - 2016-09-20 16:31 - 00004304 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-09 21:44 - 2016-09-20 16:31 - 00004072 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-09 17:50 - 2016-09-03 13:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-09 17:35 - 2016-09-03 19:22 - 00340240 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-09 17:34 - 2016-07-16 12:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-11-09 17:34 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-11-09 17:34 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\oobe
2016-11-09 17:34 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\migwiz
2016-11-09 17:34 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\ShellExperiences
2016-11-09 17:34 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\bcastdvr
2016-11-09 12:24 - 2016-09-03 13:30 - 00000000 ____D C:\Users\Marko\AppData\Local\Packages
2016-11-09 12:06 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2016-11-09 12:05 - 2016-09-03 19:18 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 12:03 - 2016-09-03 19:18 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-09 11:38 - 2016-09-22 13:27 - 00000000 ____D C:\Users\Marko\Desktop\Photoshop
2016-11-09 11:28 - 2016-09-17 14:04 - 00000000 ____D C:\Users\Marko\AppData\Local\Greenshot
2016-11-03 23:26 - 2016-09-03 13:47 - 00000000 ____D C:\Users\Marko\AppData\Local\NVIDIA Corporation
2016-11-03 15:19 - 2016-09-03 13:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-03 15:18 - 2016-09-03 13:31 - 00000000 ____D C:\Users\Marko\AppData\Local\NVIDIA
2016-11-03 15:18 - 2016-09-03 13:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-03 15:18 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\Help
2016-11-03 15:07 - 2016-09-03 14:02 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-11-03 14:41 - 2016-09-03 14:03 - 00000000 ____D C:\Users\Marko\AppData\Local\Origin
2016-11-02 12:33 - 2016-07-16 12:47 - 00015425 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2016-11-02 12:33 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\appraiser
2016-11-02 12:33 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-11-01 12:29 - 2016-09-04 13:03 - 00000000 ____D C:\Users\Marko\AppData\Local\ElevatedDiagnostics
2016-11-01 12:10 - 2016-09-03 15:43 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-11-01 12:02 - 2016-09-03 13:52 - 00000000 ____D C:\Users\Marko\AppData\Local\Google
2016-10-29 00:56 - 2016-07-16 12:49 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-29 00:56 - 2016-07-16 12:49 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-26 02:09 - 2016-08-26 23:30 - 01595456 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-10-26 02:09 - 2016-08-26 23:30 - 00212936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-10-25 22:40 - 2016-09-23 19:42 - 00042296 _____ C:\Windows\system32\nvinfo.pb
2016-10-23 04:10 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-11-11 19:06 - 2016-11-11 23:06 - 0000020 ____H () C:\Program Files\local64spl.dll.ini
2016-09-04 14:33 - 2016-09-04 14:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Marko\AppData\Local\Temp\libeay32.dll
C:\Users\Marko\AppData\Local\Temp\msvcr120.dll
C:\Users\Marko\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marko\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Marko\AppData\Local\Temp\nvStInst.exe
C:\Users\Marko\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Marko\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Marko\AppData\Local\Temp\sfareca00001.dll
C:\Users\Marko\AppData\Local\Temp\sfareca00002.dll
C:\Users\Marko\AppData\Local\Temp\sfextra.dll
C:\Users\Marko\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-13 19:44

==================== Ende von FRST.txt ============================
         
__________________

Alt 17.11.2016, 14:05   #4
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-11-2016
durchgeführt von Marko (17-11-2016 14:00:19)
Gestartet von C:\Users\Marko\Downloads
Windows 10 Education Version 1607 (X64) (2016-09-03 12:29:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1238477326-3089224063-801030621-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1238477326-3089224063-801030621-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1238477326-3089224063-801030621-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-1238477326-3089224063-801030621-501 - Limited - Disabled)
Marko (S-1-5-21-1238477326-3089224063-801030621-1001 - Administrator - Enabled) => C:\Users\Marko

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.1.102 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology)
Asus Sonic Suite Plugins (x32 Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden
Avast Premier (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.9.53998 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version:  - Infinity Ward)
Citavi 5  (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.4.0.2 - Swiss Academic Software)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.57.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
MATLAB R2016b (HKLM\...\Matlab R2016b) (Version: 9.1 - MathWorks)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7369.2038 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
NahimicSettingsConfigurator (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.2.2.60207 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Sonic Studio Plugin (Version: 2.1.2501 - ASUSTeKcomputer.Inc) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.10.0.0 - GOG.com)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ACHTUNG

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1238477326-3089224063-801030621-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6306D3D7D4EA}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1238477326-3089224063-801030621-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {24AA9A08-0043-4D3A-B44A-EE65B74D91C3} - System32\Tasks\77cf4b3dfabc9e11de3765bb9c0b2422 => Rundll32.exe "C:\Program Files (x86)\Samsung\3s801p.dll",e62dc6c6547f46bda862da2d05af6862 <==== ACHTUNG
Task: {2CB9BE25-D3C0-46C2-8697-B7D7676A3149} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {39571C63-59B5-4873-8C8D-98A03EB94DFC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-20] (Dropbox, Inc.)
Task: {39C4CEA1-7814-4C70-B594-44A43C02D968} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-11-12] (AVAST Software)
Task: {4BE2324A-93FD-438E-9F4A-8F09C6E0EDFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-12] (Google Inc.)
Task: {5ACE5233-95CE-40CF-B804-7C85183C8312} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {6353C359-E8AF-4341-9052-7AC1CA3A2E5D} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-30] (Tencent) <==== ACHTUNG
Task: {79E2A3B5-8704-4E6A-B979-357AE5545098} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {835BAC21-3B07-44AC-9CF2-D3FD04B4008C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {8C9A984C-5886-49C7-9E2A-E34F6BDF12CB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {9DB6FC5F-B5AA-4B60-AF0B-6B1DB60349EC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {9F31B0CE-EFFA-4483-98C9-E0F6DD1B0DFE} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()
Task: {A89B82C7-02DF-4BAC-B5E1-05785AEB9631} - System32\Tasks\MATLAB R2016b Startup Accelerator => C:\Program Files\MATLAB\R2016b\bin\win64\MATLABStartupAccelerator.exe [2016-07-22] ()
Task: {B5CB22E3-F7B9-40D5-9302-FA6B27AE520E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-12] (Google Inc.)
Task: {BB06F67A-6D34-4F90-A404-3F941555946C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-20] (Dropbox, Inc.)
Task: {CED281C9-03A4-48C1-B024-0581CD9C4F65} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-L90M10J-Marko => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {DDDAE7D3-2035-47B2-96A0-50F56431FF95} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {E9FD4A2D-836C-4242-8C18-F62900B7A199} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {F53F4BEC-8FA2-4AEA-AB1B-C512414615A1} - System32\Tasks\Pluperryarejotion Log => C:\Program Files (x86)\Themuckthegerch\arerpiph.exe [2016-11-10] (Glarysoft Ltd)
Task: {FBEEAF12-AF65-4EEB-B94D-095C9D203FE8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-10-09] (Microsoft Corporation)
Task: {FE89B47A-F8A9-4991-8DE5-82C9243DA36B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FF81F1B7-2F75-44FD-8A1C-08F94294DD83} - System32\Tasks\SafeZone scheduled Autoupdate 1478955532 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2016b Startup Accelerator.job => C:\Program Files\MATLAB\R2016b\bin\win64\MATLABStartupAccelerator.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Marko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Junemike\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Junemike\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Junemike\Application\chrome.exe (Google Inc.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-10-01 16:08 - 2016-09-15 18:25 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-09-14 16:02 - 2015-03-12 03:43 - 00022528 _____ () C:\Windows\System32\us00alm.dll
2016-11-11 19:06 - 2016-11-11 23:06 - 00142848 ____H () C:\1\local64spl.dll
2016-11-11 19:06 - 2016-11-11 23:06 - 00142848 ____H () C:\GOG Games\local64spl.dll
2016-11-11 19:06 - 2016-11-11 23:06 - 00142848 ____H () C:\GOG Games1\local64spl.dll
2016-11-11 19:06 - 2016-11-11 23:06 - 00142848 ____H () C:\NVIDIA\local64spl.dll
2016-11-11 19:06 - 2016-11-11 23:06 - 00142848 ____H () C:\NVIDIA1\local64spl.dll
2016-11-11 19:06 - 2016-11-11 23:06 - 00142848 ____H () C:\PerfLogs\local64spl.dll
2016-11-11 19:06 - 2016-11-11 23:06 - 00142848 ____H () C:\PerfLogs1\local64spl.dll
2016-11-11 19:06 - 2016-11-11 23:06 - 00142848 ____H () C:\Program Files1\local64spl.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-04 14:31 - 2016-09-04 14:26 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2016-09-04 14:31 - 2016-09-04 14:31 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-11-03 15:18 - 2016-10-25 21:19 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-03 15:18 - 2016-10-25 21:19 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-03 15:18 - 2016-10-25 21:19 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-11-03 15:18 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-23 17:44 - 2015-11-23 17:44 - 00403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2015-12-09 08:59 - 2015-12-09 08:59 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2016-10-01 16:08 - 2016-09-15 18:25 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-04 13:31 - 2016-09-04 13:31 - 01864384 _____ () C:\Users\Marko\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-16 21:02 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 11:41 - 2016-11-02 11:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2015-12-02 10:19 - 2015-12-02 10:19 - 00205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2015-11-23 17:43 - 2015-11-23 17:43 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2015-11-23 17:44 - 2015-11-23 17:44 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2016-06-02 09:22 - 2016-06-02 09:22 - 00105312 _____ () C:\Windows\SYSTEM32\audioLibVc.dll
2016-06-29 19:01 - 2016-06-29 19:01 - 08166536 _____ () C:\Program Files (x86)\SpeedFan\speedfan.exe
2016-09-01 17:12 - 2016-09-01 17:12 - 00236856 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2016-11-05 04:41 - 2016-11-05 04:41 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-05 04:41 - 2016-11-05 04:41 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-05 04:41 - 2016-11-05 04:41 - 41608704 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-11-16 20:07 - 2016-11-15 16:13 - 00393216 _____ () C:\Users\Marko\AppData\Roaming\fibei\UvConverter.exe
2016-11-09 11:41 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 11:41 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 11:41 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 11:41 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 11:41 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-12 13:58 - 2016-11-12 13:58 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-16 18:58 - 2016-11-16 18:58 - 03129808 _____ () C:\Program Files\AVAST Software\Avast\defs\16111601\algo.dll
2016-11-12 13:58 - 2016-11-12 13:58 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-11-17 13:59 - 2016-11-17 13:59 - 03129808 _____ () C:\Program Files\AVAST Software\Avast\defs\16111700\algo.dll
2016-11-15 10:12 - 2016-11-15 07:59 - 00330240 _____ () c:\program files (x86)\winarcher\archer.dll
2016-11-10 19:06 - 2016-11-10 19:06 - 00278528 _____ () c:\program files (x86)\themuckthegerch\ferferrypekerkhlp.dll
2016-09-04 14:31 - 2016-11-16 18:57 - 00037160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-09-04 14:31 - 2016-09-04 14:26 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-11-15 10:12 - 2016-11-14 04:35 - 00208384 _____ () c:\programdata\winsapsvc\winsap.dll
2016-10-20 16:56 - 2016-11-11 14:53 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-11-03 15:18 - 2016-10-25 21:19 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-23 17:43 - 2015-11-23 17:43 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2015-12-07 17:43 - 2015-12-07 17:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-07 17:43 - 2015-12-07 17:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-07 17:44 - 2015-12-07 17:44 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-07 17:43 - 2015-12-07 17:43 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-12-07 17:44 - 2015-12-07 17:44 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-11-23 17:43 - 2015-11-23 17:43 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2015-11-23 17:43 - 2015-11-23 17:43 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2015-11-23 17:43 - 2015-11-23 17:43 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2016-09-04 13:31 - 2016-09-04 13:31 - 01383616 _____ () C:\Users\Marko\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-09-04 13:31 - 2016-09-04 13:31 - 00118976 _____ () C:\Users\Marko\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-11-12 13:58 - 2016-11-12 13:58 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-11-16 11:26 - 2016-11-16 18:58 - 00158720 _____ () C:\Users\Marko\AppData\Local\Temp\sfareca00001.dll
2016-10-06 23:22 - 2016-11-16 18:58 - 00192512 _____ () C:\Users\Marko\AppData\Local\Temp\sfamcc00001.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-16 20:07 - 2016-11-16 03:40 - 00318976 _____ () c:\programdata\microsoft\blend\14.0\1033\resourcecacher.dll
2016-11-16 20:07 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Junemike\Application\libglesv2.dll
2016-11-16 20:07 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Junemike\Application\libegl.dll
2016-11-16 20:16 - 2016-10-28 09:36 - 17772736 _____ () C:\Users\Marko\AppData\Local\Junemike\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll
2016-11-16 20:07 - 2016-05-23 03:37 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2016-11-16 20:07 - 2016-05-23 03:37 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2016-10-02 14:32 - 2016-10-21 05:23 - 03593408 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\gfx.dll
2016-10-02 14:32 - 2016-10-21 05:22 - 00249536 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\IEAWSDC.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1238477326-3089224063-801030621-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1238477326-3089224063-801030621-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{27DE6760-CDE0-499F-8E01-BC7853933367}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{13567A34-EBA1-4F2D-9151-4483A6667331}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1B365D66-19F3-4213-9731-CA1768E39807}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{78453104-C494-40D2-8C4D-7EC5A5FF0E67}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{153E39FA-E342-49BF-841A-6B8513154072}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{70177B29-3A30-445B-9746-968D49D950A2}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{7C7BD3A6-59D9-4AB6-AD32-13AF1350BBE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{803DDDE6-8238-4CDE-9AA8-04A88F870DA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{74B7A44B-8A36-4438-ADD3-2CD3D036EA5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{765BE280-B1B8-4D33-A452-6D22F372EF17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{55A1BE68-55E2-4077-940B-9483A47E6E60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{87C2DE85-1548-4511-AD3F-DD8211E6F49A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{63FF8834-8A58-469D-8456-E449646ABF34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B8DA8D3C-D6CD-4254-9EED-50ECCAB5B368}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D4F180FE-A75C-40DC-BE90-0CC29CA526C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0B1FD9F7-F67B-41BA-BDD2-C2CE0076A303}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B7457C26-962C-48BD-AB77-DFE194DE2304}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8110D6DA-0E4E-4C13-B070-2EA9A09B90D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{93F2F776-451F-4C87-8320-8798A017DCCA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E798CDC1-3C4F-4068-BEF1-3D34D427AC47}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42287F43-B0BF-4B46-A689-D7C1F21C9FD8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{40EFBAB0-1A5B-4E3C-AF66-4A717C018BCF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9DA0C2D6-4625-4807-9BF4-198A954BAB0F}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{C1436BCD-E276-4A90-8563-81CDE14A87E7}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [TCP Query User{92E80477-BCF3-4425-9247-354D2060FC2B}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe
FirewallRules: [UDP Query User{A4C741D5-54F4-4AFC-BFC0-F08D3B033683}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe
FirewallRules: [{D8DD91EC-C79F-4EC5-B801-95EAC5BE921E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{AF952CE7-DF0D-4936-99AC-39B9A9C3A593}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{248498B3-BDB5-4966-A625-F224F52252C6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{37B21143-6A7E-4321-9D9C-161494F0AA5A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{D74D883D-BA58-4C49-8711-63D8203F6AC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{487F12FA-CAAC-4316-937B-70F4E289E905}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{98B8DADA-7705-46ED-9F65-58FD337B252E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DC329F9B-6615-4AFF-BDF6-57850A06E2B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CD7BFD11-79F9-4492-8FEF-E87BA2525815}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{56D8FAC5-7733-481C-A3FE-83736AC35AD4}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{77687ED0-F947-41F3-985F-74AE0B3C91EC}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{070AC9A5-9B5B-49DF-941E-82C48DEFEAF3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{A3AB89F0-EEB9-49F2-AF31-B315DAFCF548}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{006073B9-C5BF-4598-834F-C9BC700E1D60}] => (Allow) C:\Program Files (x86)\Junemike\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

10-11-2016 19:27:43 Removed XTUPackage
12-11-2016 13:37:07 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
16-11-2016 20:08:24 Removed amuleC

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/16/2016 08:08:42 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-L90M10J)
Description: Die Anwendung oder der Dienst "ed2k idle service" konnte nicht neu gestartet werden.

Error: (11/16/2016 08:08:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/16/2016 08:08:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.

Error: (11/16/2016 06:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WsAppService.exe, Version: 2.2.4.1, Zeitstempel: 0x5784a857
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.14393.321, Zeitstempel: 0x57f4c4f0
Ausnahmecode: 0xe053534f
Fehleroffset: 0x0000000000017788
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xWsAppService.exe0
Pfad der fehlerhaften Anwendung: WsAppService.exe1
Pfad des fehlerhaften Moduls: WsAppService.exe2
Berichtskennung: WsAppService.exe3
Vollständiger Name des fehlerhaften Pakets: WsAppService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WsAppService.exe5

Error: (11/16/2016 06:57:58 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/12/2016 02:12:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WsAppService.exe, Version: 2.2.4.1, Zeitstempel: 0x5784a857
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.14393.321, Zeitstempel: 0x57f4c4f0
Ausnahmecode: 0xe053534f
Fehleroffset: 0x0000000000017788
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xWsAppService.exe0
Pfad der fehlerhaften Anwendung: WsAppService.exe1
Pfad des fehlerhaften Moduls: WsAppService.exe2
Berichtskennung: WsAppService.exe3
Vollständiger Name des fehlerhaften Pakets: WsAppService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WsAppService.exe5

Error: (11/12/2016 02:12:54 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/12/2016 01:59:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.

Error: (11/12/2016 01:58:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/12/2016 01:49:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1bd4
Startzeit der fehlerhaften Anwendung: 0x01d23ce33ded0349
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: c7de35be-8967-45e1-b0e9-14683b0a7689
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge


Systemfehler:
=============
Error: (11/17/2016 12:06:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/16/2016 08:20:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YAC Kit Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (11/16/2016 08:08:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ed2k idle service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/16/2016 08:07:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YAC Kit Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (11/16/2016 08:07:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "UvConv" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (11/16/2016 08:07:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "ed2k idle service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (11/16/2016 06:58:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wondershare Application Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/16/2016 06:58:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/16/2016 06:57:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎16.‎11.‎2016 um 00:12:48 unerwartet heruntergefahren.

Error: (11/16/2016 11:26:24 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-11-16 22:04:28.583
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-13 16:17:32.012
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-12 13:53:50.812
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-12 13:51:31.021
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-12 13:49:33.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-11 12:04:08.841
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-11-10 19:01:24.769
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-10 19:01:24.768
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-10 19:01:24.209
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-10 19:01:24.208
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16314.7 MB
Verfügbarer physikalischer RAM: 12782.79 MB
Summe virtueller Speicher: 18746.7 MB
Verfügbarer virtueller Speicher: 14507.03 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.89 GB) (Free:37.36 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: () (Removable) (Total:57.82 GB) (Free:20.89 GB) FAT32
Drive g: (Volume) (Fixed) (Total:465.27 GB) (Free:393.25 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66984B4A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 7224777E)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 57.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 17.11.2016, 14:19   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Zitat:
Windows 10 Education
Was issen das für Rechner?

Privat? Oder wurde der von der Schule gestellt und der gehört dir nicht?

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.11.2016, 14:23   #6
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



das ist mein Rechner, wieso ist das verwunderlich? Ist da etwas drauf was nicht drauf sein sollte?

Alt 17.11.2016, 14:24   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Ich habs extra zitiert. Einfach mal lesen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.11.2016, 14:24   #8
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Tut mir leid, auf dem Handy nicht gesehen! Bin Student und die Lizenz über die uni bezogen

Alt 17.11.2016, 14:28   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Ok, dann hab ich richtig vermutet


1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.11.2016, 15:26   #10
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Teil 1
Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.447.14393.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, G:\ DRIVE_FIXED
CPU speed: 4.008000 GHz
Memory total: 17107206144, free: 13795590144

Downloaded database version: v2016.11.17.08
Downloaded database version: v2016.10.31.01
Downloaded database version: v2016.09.21.01
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     11/17/2016 14:46:33
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\NTFS.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\drivers\aswKbd.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\aswNetSec.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\SysWow64\drivers\AsUpIO.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\asmtxhci.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\asmthub3.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SaiK0728.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\drivers\wcnfs.sys
\SystemRoot\System32\drivers\registry.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\??\C:\Windows\SysWoW64\speedfan.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
\??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys
\SystemRoot\system32\DRIVERS\iSafeNetFilter.sys
\??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\drivers\WpdUpFltr.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\rassstp.sys
\SystemRoot\System32\DRIVERS\NDProxy.sys
\SystemRoot\System32\drivers\AgileVpn.sys
\SystemRoot\System32\drivers\rasl2tp.sys
\SystemRoot\System32\drivers\raspptp.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\drivers\ndiswan.sys
\SystemRoot\system32\DRIVERS\e1d65x64.sys
\SystemRoot\System32\drivers\umpass.sys
\SystemRoot\System32\drivers\WSDPrint.sys
\SystemRoot\system32\DRIVERS\WSDScan.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2016.11.17.08
  rootkit: v2016.10.31.01

<<<2>>>
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffd38368962060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffd3836884aae0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffd38368962060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffd38367702c40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffd38367700e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffd38367705060, DeviceName: \Device\00000039\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File C:\WINDOWS\SYSTEM32\drivers\iSafeKrnlBoot.sys will be destroyed
Infected: C:\WINDOWS\SYSTEM32\drivers\iSafeKrnlBoot.sys --> [FraudTool.YAC]
File C:\WINDOWS\SYSTEM32\drivers\iSafeNetFilter.sys will be destroyed
Infected: C:\WINDOWS\SYSTEM32\drivers\iSafeNetFilter.sys --> [FraudTool.YAC]
File C:\WINDOWS\SYSTEM32\drivers\zdwfp64.sys will be destroyed
Infected: C:\WINDOWS\SYSTEM32\drivers\zdwfp64.sys --> [PUP.Optional.Komodia]
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffd38368963060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffd3836884cae0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffd38368963060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffd38367702e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffd38367701e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffd38367707060, DeviceName: \Device\00000038\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 66984B4A

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1024000
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1026048  Numsec = 975742976
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Drive 1
This is a System drive
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7224777E

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2  Numsec = 488397166
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 1 (1-1-488377168-488397168)...
Kernel read failed: 1
Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xffffd38371217060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffd3836e138ae0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffd38371217060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffd38370bd3060, DeviceName: \Device\0000007c\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 0

Partition information:

    Partition 0 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 32  Numsec = 121307104
    Partition is not bootable
    Partition file system is FAT32

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 62109253632 bytes
Sector size: 512 bytes

Done!
Infected: C:\Program Files (x86)\WinArcher\Archer.dll --> [Adware.Elex]
Infected: C:\Program Files (x86)\WinArcher\Archer.dll --> [Adware.Elex]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafebs.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafebs.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafebs.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafebase.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafebase.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafebase.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafemc.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafemc.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafemc.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeService --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSvc.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSvc.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafeupbiz.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafeupbiz.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ipcproxy.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ipcproxy.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSvc2.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSvc2.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeAdless.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeAdless.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafenpf.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafenpf.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMonCall.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMonCall.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iCommon.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iCommon.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTpNodisturb.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTpNodisturb.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPProtect.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPProtect.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPDesk.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPDesk.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPFloaty.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPFloaty.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPPush.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPPush.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPMsgCenter.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPMsgCenter.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPAutoClean.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iTPAutoClean.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnlKit --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnl --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnlMon --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\_@383F.tmp --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\_@3840.tmp --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\_@3841.tmp --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\_@3842.tmp --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\_@3843.tmp --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\_@3853.tmp --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\_@3854.tmp --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\_@3855.tmp --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Local\Temp\32855813-D4D2-494E-87F7-E3AC334220CE\wadiagopilesve.ru_World.exe --> [Adware.HPDefender]
File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\1j1fojm4|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\1J1FOJM4 --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\1uat87x6|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\1UAT87X6 --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\2vflyvsv|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\2VFLYVSV --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\58au7lb2|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\58AU7LB2 --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9ltlgijf|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9LTLGIJF --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9s2cl85n|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9S2CL85N --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9taq5u1o|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9TAQ5U1O --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\a2s00fue|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\A2S00FUE --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\bydjexra|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\BYDJEXRA --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\d3vgnye4|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\D3VGNYE4 --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\dmxmdfkr|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\DMXMDFKR --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h45hywrj|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\H45HYWRJ --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\hd38jvdk|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\HD38JVDK --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\icrm5pah|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\ICRM5PAH --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\kby6d23c|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\KBY6D23C --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\nd7vy07x|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\ND7VY07X --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\s4u04jjm|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\S4U04JJM --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\sr4n38mw|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\SR4N38MW --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\srx6nl94|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\SRX6NL94 --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\wdkndb67|Name --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\WDKNDB67 --> [Adware.Sasquor.SPL]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnl|ImagePath --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnlKit|ImagePath --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnlMon|ImagePath --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFEKRNLBOOT|ImagePath --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFEKRNLBOOT --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFENETFILTER|ImagePath --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFENETFILTER --> [FraudTool.YAC]
Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFESERVICE|ImagePath --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\preference.ini --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\proxyUpdate.ini --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\iDesk --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\iDesk\desk.ini --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\log --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\log\install.log --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\log\iSafeTray.log --> [FraudTool.YAC]
Infected: C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\log\logreport.log --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafembp.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iddmgr.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iDesk.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ipcdl.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafe.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafeadfv.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafetbv.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp64.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iStart.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafemclv.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafemgc.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeMon.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeMon64.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafemoptv.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafemsmv.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeNetFilter.sys --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafesmgr.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafesopt.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafesptv.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafesv.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libpng.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libpng.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\libpng.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\main --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ouilibx.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ouilibx.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ouilibx.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\sqlite3x64.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\uninstall.exe --> [FraudTool.YAC]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\iSafe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\uninstall.inst --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeBugReport.exe --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafechlp.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafeclc.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafeclcv.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeDisp.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlBoot.sys --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall64.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlShell.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\isafemadwc.dll --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\ccc.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\customscan.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\dbucg.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\hyperscan.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\isafe.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\quickscan.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\scanfilter.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\ucg.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\cfg\updatedb.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\adb.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\bas.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\bts.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\bwd.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\cls.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\clx.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\eas.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\ess.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\fst.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\gcs.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\gcx.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\hs.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\mic.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\nlu.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\plx.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\rms.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\sta.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\stu.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\tbc.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\uis.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\was.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\data\ysm.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\cache --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\cache\index.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\defs --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\defs\bs.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\defs\sr.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\defs\vn.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\defs\ws.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\quarantine --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\engine\trustzone --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\font --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\font\segoeui.ttf --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\font\segoeuib.ttf --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\AdBlock_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\adwclean_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\bugreport.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\clean_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\clean_scanfilter_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\common_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\dsk_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\fblang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\iSafeRKScanShell.lang --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\iSafeSet_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\Lottery_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\NewVirusScan_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\new_clean_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\optimize_lang2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\PCClinicUI_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\plugin_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\SafeProtect_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\shell.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\softmgr_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\startup_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\taskhelper_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\ToolBox_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\tray2_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_appstore_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_desk_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_feedback_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_floaty_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_nodisturb_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_protect_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_startupassist_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\lang\uninstall_lang.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\bugreport.LOG --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\ipcdl.log --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\ipcproxy.log --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\iSafeBS.log --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\iSafeKrnlCall.log --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\iSafeKrnlMonCall.log --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\iSafeSvc.LOG --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\iSafeSvc2.LOG --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\iSafeTaskHelper.LOG --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\log\iSafeTHlp64.LOG --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\pfdatapfdata --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\pfdatapfdata\SSL --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2 --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\edit_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\AdblockToggle.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_hide.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_hide_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_show.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_show_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\Add.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\Beta.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\check.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\Delete.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\FilterDesc.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\FilterDesc_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\lock_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\LogDetail.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\LogDetail_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\opt_arrow_down.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\popup_menu_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\popup_menu_itemskin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\Resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\unlocked_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\WhiteList.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\WhiteList_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\layout\default\AdBlockView.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\style\Style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\about_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\activity.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\activity_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\appstore_new.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\appstore_refresh.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\BG.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\btn_set.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\check_checked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\check_indeterminate.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\check_uncheck.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\cm_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\combo_browser_dropdown_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\connecting_anim.gif --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\dbup_dlg_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\dbup_dlg_bk_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\dbup_dlg_onekey_up_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\dbup_dlg_reboot_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\head_checked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\head_indeteminate.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\head_unchecked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_adblock.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_adw_clean.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_appstore.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_avira.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_deep_clean.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_exam.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_netmon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_optimize.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_protect.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_recovery.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_softmgr.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_toolbox.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_virusscan.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\if_block.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\if_prompt.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\if_question.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\if_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\language_selected_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\like.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\like_count.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\line1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\line2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\listctrlbtn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_bkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_bkg2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_item_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_nation_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\msgbox_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\number_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\number_bg2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\pop_sys_button2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\pop_sys_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\progressbar_anim.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\progressbar_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\progressbar_image.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\language_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_setting_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\recovery.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\startmenu_deepclean.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\setting.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\setting_img_list.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\slidebutton_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_dl.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_download.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_new.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_progress.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_progress_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\special_line.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\sub_toggle_btn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\sys_imglist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\tab_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\updatedlg_ok_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_check.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_cheking.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_chk_err.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_chk_ok.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_client_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_downlodaing.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_error.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_latest.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_server_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\wifi_logo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\bk_bag.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\bk_green.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\bk_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\bk_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\btn_repair.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_adblock_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_back_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_cancel.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_do.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_number_0.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_health_number_normal.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_health_number_pressed.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_health_plus_normal.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_hover.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_hover_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_normal.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_normal_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_pressed.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_pressed_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_ok_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_plus_normal.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_rubbish_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_rubbish_icon_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_safe_protect_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_safe_protect_icon_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_scanning_mid.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_scanning_pic.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_scanning_small.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_softmgr_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_softmgr_icon_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_sys_opt_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_sys_opt_icon_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_tip_wnd_arrow_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_tip_wnd_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_tip_wnd_bk2.png --> [FraudTool.YAC]
         

Alt 17.11.2016, 15:28   #11
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Teil 2
Code:
ATTFilter
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_type_btn_bottom_line.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_bn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_gb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_health_bn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_health_kn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_health_mn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_kb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_kn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_mb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\green_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\icon_big_home.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\manual_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\manual_item.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\number_big_green.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\number_big_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\number_big_red2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\opt_arrow_down.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\opt_arrow_up.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\right_green.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\score_none.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\warning_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\warning_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\warning_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\warning_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\yellow_wrong.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_health_number_hover.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_mn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\ignore_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\aboutdlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\dbupdatedlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\DemoApp.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\language_select.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\maindlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\msgbox.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\slide_button_wnd.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\tipwnd.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\updatedlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\app\style\style_new.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\crash_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\detail_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\error_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\input.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\reset_yac_btn_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\send_btn_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\smell_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\sorry_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\sucess_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\wait.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\waitting_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\wait_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\layout\default\detailwnd.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\layout\default\mainwnd.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_quick_clean_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_res.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_advance_item_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_advance_item_bk2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_adware_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_auto_clean_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_clean_smile_face.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_full_scan_virus_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_junk_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_list_header_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_can_delete.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_can_disable.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_normal.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_type_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_privacy_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_quickclean_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_registry_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_reg_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_rubbish_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_scan_check.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_scan_detail_dlg_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_share_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_sysmenu_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_trace_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\opt_new_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\opt_rightkeymenu_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\opt_sendto_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_pop_button_open.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_button_bk1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_button_bk2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_button_bk3.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_button_bk4.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_button_bk5.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_button_bk6.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_pop_box_select_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_pop_default_image.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_pop_eye_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_pop_file_browser.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_pop_path_edit.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_pop_progress_animate.gif --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_pop_tipwnd_warnning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\clean_togbtn_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\cl_combo_skin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\cl_down_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\cl_menu_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\cl_menu_item_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res\cl_up_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout\default\NewCleanPFSettingDlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout\default\NewCleanPopDlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout\default\NewCleanView.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout\default\ScanDetailDlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout\default\Tipswnd.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\style\clean_style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\head_unchecked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\msgbox_close_btn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\arrow_down.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\arrow_up.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\check_checked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\check_indeterminate.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\check_uncheck.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\close_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\color_blue_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\color_green_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\color_red_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\color_yellow_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\common_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\common_dlg_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\common_faq_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\common_res.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\common_tip_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\feedback_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\head_checked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\head_indeteminate.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\if_block.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\if_prompt.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\if_question.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\if_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\min_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\msgbox2_button_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\msgbox2_button_green.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\msgbox2_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\msgbox_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\msgbox_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\nation_icon_list.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\progressbar_anim.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\progressbar_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\progressbar_image.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\pvb_line.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\pvb_skin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\scanview_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\scan_check.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\scan_complete.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\scan_scanning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\scan_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\switch_button_off.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\switch_button_on.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\toggle_btn_pop_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default\vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\layout\msgbox.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\layout\msgbox2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\common\style\common_style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_file_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\close_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_add_file_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_add_file_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_btn_bk1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_btn_bk2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_complete_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_ctrl_close_btn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_edit_skin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_file_ctrl_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_live_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_msgbox_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_msgbox_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_pay_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_problem_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_report_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_suggestion_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_tip_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_wait_anim.gif --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_warning_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\fb_yac_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default\tab_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\layout\default\feedback_view.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\layout\default\mainwnd2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\layout\default\msgbox.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg_list.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg\desk_bkg_1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg\desk_bkg_2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg\desk_bkg_3.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg\desk_bkg_4.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg\desk_bkg_5.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg\desk_bkg_default.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\foldericon --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\foldericon\app.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\foldericon\file.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\foldericon\folder.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\foldericon\picture.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\add_list_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\add_list_til_line.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\app.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrange_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrow_left.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrow_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\btn_accelerate_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\button_delete.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\button_selected.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\check_checked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\check_uncheck.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\cloud_flash.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\combo_skin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\combo_skin_op.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\customize.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\default_file.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\delete_button.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_all_import.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_bkg_default.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_btn_dkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_button_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_cmd_list.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_default_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_dlg_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_edit_light.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_fbar.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_import_arrow_left.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_import_arrow_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_import_button_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_import_gridctrl_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_import_icon_add_other.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_import_icon_list_add.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_list.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_loading.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_main_panel_edge.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_menu.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_more.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_pc.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_plus_import_bkg_a.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_plus_import_bkg_b.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_power_off.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_power_off_light.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_power_off_unlight.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_skin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\edit_skin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\edit_skin_op.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\file.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\focus_next.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\focus_prev.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\folder.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\icon_adblock_18-18.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\icon_adblock_22-22.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\deskbtnbk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_edit.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\desk_list_light.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\icon_arrange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_noad.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\new_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\pic-info.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\icon_Tip.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\idesk_pre_view.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\idesk_pre_view_a.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\import_scroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\improve_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\large_add_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\line-foot.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\list_scroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\logo_small.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menuitem_selbk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_accelerate.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_help.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_import.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_open.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_quit.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_restore.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_sendto.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\menu_set.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\monitor_button_next.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\monitor_button_pre.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\mousechoose.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\mypc_bkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\new_icon_large.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\new_icon_small.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\new_icon_xp.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\normal_button_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\nothing.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\PageBtnBkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\PageBtnBkg_focus.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\PageNavigate.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\pic-error.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\pic-question.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\pic-warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\picture.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\plus_action_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\search_box.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\search_button.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\search_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\selected.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\shutdown_button_bkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\shutdown_more_button_bkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\start_button_hover.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\start_panel_bkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\start_shutdown_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\switch_style.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_ctrl_panel.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_imglist.bmp --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_local_driver.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_lock.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_menu_bkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_net_connect.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_recycle.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_restart.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\sys_sleep.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tips_button_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\title_bar.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\user_account_default.bmp --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\WIN7_bjSmall_X.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\WIN7_bjSmall_Y.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\WIN7_bj_X.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\WIN7_bj_Y.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\win8_desk_16_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\win8_desk_32_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\XP_bj_hover.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\XP_bj_normal.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop\arrange_arrow_b.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop\arrange_arrow_l.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop\arrange_arrow_r.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop\arrange_arrow_t.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop\btn_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop\btn_green_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop\check_uncheck.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop\main_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\desk_tip_firstrun_bottom.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\desk_tip_firstrun_left.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\desk_tip_firstrun_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\desk_tip_firstrun_top.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\desk_tip_introduce_bottom.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\desk_tip_introduce_left.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\desk_tip_introduce_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\desk_tip_introduce_top.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_add_focus.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_arrow_bottom.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_arrow_left.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_arrow_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_arrow_right_large.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_browser_focus.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_focus_mask_point.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_focus_mask_rect.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_item_drag.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_guide_item_focus.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip\tip_point.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\add_shortcut_tip.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\arrange_desktop.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\desk_bkg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\desk_taskbar_help_tip1.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\desk_taskbar_help_tip2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\main_import_icon.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\main_panel.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\main_setting.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\main_start.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\my_pc_menu.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\plus_import_icon.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\rename.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default\taskbar.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\about.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\adb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\bep.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\bth.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\check.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\dse.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\emailprotect.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\fw.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\general.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\iSafeSet_res.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\jfm.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\lang.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\lang_btn_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default\nation_icon_list.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\layout\default\iSafeSetView.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\style\iSafeSet_style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_indeterminate.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_arrow_down.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_arrow_up.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_button_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_close_button.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_loading.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_logo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_minimum_button.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_num.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_num_percent.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_num_white.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_brush.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_complete.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_dl_brush.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_dl_complete.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_dl_start.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_install_brush.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_normal.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_op_complete.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_picture_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_point.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_res.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_select.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_speed_bar.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_unable.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_unit_b.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_unit_gb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_unit_kb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_unit_mb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\new_clean_unselect.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean\vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\layout\newclean --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\layout\newclean\NewCleanDlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\layout\newclean\tipsWnd.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\style\new_clean_style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2 --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_combo_bk_top.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\optimize_btn_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\optimize_empty.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\optimize_restore_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_appsvc_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_arrow_down_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_arrow_up_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_boottime_nodata_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_combo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_combo_bk_bottom.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_combo_dropdown_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_menu_item_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_startup_app_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_sysmenu_def_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_syssvc_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_taskschedule_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_type_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\opt_vert_line.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\pop_OptDlg_BG.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\st_green.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\st_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\st_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default\syssvc_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\layout\default\OptimizeView.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\layout\default\optimize_popdlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image\default\plugin_res.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image\default\plug_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image\default\plug_norm.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image\default\plug_sec_level.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image\default\plug_should_del.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image\default\plug_should_dis.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\layout\default\PluginView.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\style\plugin_style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\empty.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\locked_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\bing_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\blank_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\bo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\bp.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\bw.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\cdbh.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\cdsh.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\check.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\chph.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\chrome_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\cseh.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\dp.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\edit_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\edit_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\edit_skin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\exam_dlg_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\exam_radio_checked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\exam_radio_unchecked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\firefix_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\fr.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\google_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\google_small.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\ie_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\iph.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\lastsession_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\lock_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\oh.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\opera_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\opt.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\opt_vert_line.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\popup_menu_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\popup_menu_itemskin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\pop_OptDlg_BG.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\pop_toggle_btn_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\pwb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\query_btn_safe.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\SafeProtect_res.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\savebtn_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\syssvc_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\to.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\tp.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\tw.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\unlocked_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\yac_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\yahoo_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default\yahoo_small.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\layout\default\examdlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\layout\default\SafeProtectView.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\layout\default\SafeProtect_popdlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\style\SafeProtect_style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_check_arrow_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_close_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_collapse_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_expand_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_folder_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_opt_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_progbar_anim_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_progbar_indicator.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_progbar_indicator_green.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_search_box_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_search_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_software_def_ico_48.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_step_found.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_step_nofound.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_uninst_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_warning_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm2_whirling_pic.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm_common_btn_bk1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm_common_btn_bk2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm_menu_bkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm_menu_item_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm_remain_ctrl_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm_software_def_ico_20.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\sm_warning_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default\softmgr_res.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout\default\SoftMgrView.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout\default\SoftMgrView2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout\default\softmgr_guide.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout\default\softmgr_guide2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout\default\softmgr_result.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\style\softmgr_style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\btn_bg_1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\btn_bg_2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\smell_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\sorry_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\taskhlp_ac_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\taskhlp_ac_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\wait.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res\wait_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\layout\default\autoclean_guide.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\layout\default\softuninstallwnd.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image\default\Resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image\default\tb_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image\default\tb_default.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image\default\tb_download.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image\default\tb_new.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\layout\default\ToolBoxView.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\style\Style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2 --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\if_block.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\if_prompt.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\if_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\notify_bk_dang.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\notify_bk_safe.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\notify_bk_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\pop_sys_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\query_bk_dang.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\query_bk_safe.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\query_bk_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\query_btn_dang.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\query_btn_safe.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\query_btn_warning.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\traymenu_dlg_bk2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image\vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\layout\traydlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\layout\pop --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\layout\pop\tippop.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Appstore --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\adblock_guide_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\ad_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\pic_ad_off1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\pic_ad_off2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\pic_ad_on1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\pic_ad_on2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\rubbish.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image\traymenu_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\layout\adblockguide.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\layout\cleartrash.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\layout\strongUnist.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\layout\traydlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\testspeed_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\arrowdown_green.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\arrowup_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\clean_junk_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\default_program_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\download.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\download_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\floattray_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\flow_number.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\flow_unit.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\IPicon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\menu_bkg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\menu_item_over.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\pop_memory_btn_green_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\pop_memory_btn_yellow_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\pop_network_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\speed_number.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\speed_unit.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\sys_imglist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\testspeed_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\testspeed_light.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\testspeed_light1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\test_speed_download.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\test_speed_upload.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\trayfloatarrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\trayfloatnetbtnico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\traymenu_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\upload.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\upload_gray.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\upload_gray_mark.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\yaclogo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\trayF_float_tips_left.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\trayF_float_tips_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_acc_circle_list_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_acc_circle_list_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_acc_circle_list_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_dec_circle_list_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_dec_circle_list_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_left_bk_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_left_bk_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_left_bk_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_right_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_round_bk_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_round_bk_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_round_bk_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_shadow_bk_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_shadow_bk_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_shadow_bk_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_whirling_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_whirling_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_btn_close_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_menu_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_net_down_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_net_flow_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_net_up_arrow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_numer.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_percent_bk_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_percent_bk_orange.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_percent_bk_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_shadow_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_shadow_sh_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_speed_test_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_arrow_left.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_arrow_rb.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_arrow_rb_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_arrow_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_arrow_rt.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_arrow_rt_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_close_btn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_go_btn_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_wnd_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_tip_wnd_bk_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_rope_btn_bk_gl.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_rope_btn_bk_roulette.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_swing_anim_bk_gl.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_swing_anim_bk_roulette.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_throw_anim_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_throw_anim_round_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_dec_circle_list_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_anim_whirling_red.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float\tray_float_shadow_sv_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\floatplugin.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\floattipwnd.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\floattipwnd_hide.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\swing_anim.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\throwdlg.xml --> [FraudTool.YAC]
         

Alt 17.11.2016, 15:30   #12
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Teil 3
Code:
ATTFilter
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\traydlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\trayfloaty2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\trayfloatypop2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\trayfloatypop2_bottom.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\trayTaskbar.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout\trayTaskbar_wifi.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\foldericon --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\foldericon\app.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\foldericon\file.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\foldericon\folder.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\foldericon\picture.ico --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\idesk_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\traymenu_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\app.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\btn_cancel.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\btn_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\btn_green_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\file.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\folder.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\logo_small.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\main_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\picture.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop\yac_logo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\layout\arrange_desktop.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\layout\traydlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\layout\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\layout\default\MsgCenterDlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\resouce --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\resouce\default --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\resouce\default\close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\resouce\default\logo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\resouce\default\Msg_BG.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\resouce\default\Resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\style\Style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image\pop_startup_slow_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image\pop_startup_warning_button.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image\traymenu_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image\traymenu_pop_cancel_btn2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image\traymenu_pop_ico_query.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image\tray_radio_checked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image\tray_radio_unchecked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\layout\traydlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\layout\traymenupop.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\bing_16_16.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\chrome_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\combo_browser2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\combo_browser_dropdown_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\combo_pop_modify.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\combo_pop_modify2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\combo_pop_modify_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\combo_skin4.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\firefix_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\google_16_16.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\ie_16_16.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\ie_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\isafe_16.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\pop_startup_slow_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\pop_startup_warning_button.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\traymenu_iconlist.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\traymenu_pop_cancel_btn2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\traymenu_pop_ico_query.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\tray_radio_checked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\tray_radio_unchecked.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image\yahoo_16_16.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout\accesslink.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout\blockblacklist.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout\lock_guide.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout\querymodify.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout\querymodify2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout\traydlg.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout\traymenupop.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\Location_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\new_left.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\new_right.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_assistant_blue_number.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_assistant_yellow_number.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_startupass_comb_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_startupass_vscoll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_startup_fast_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_startup_slow_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_startup_warning_button.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_sys_close.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_sys_Setting.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_sys_star.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_anim_expand_bk_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_anim_expand_bk_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_char_m.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_char_percent.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_char_s.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_close_btn_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_close_btn_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_combo_drop_bk_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_combo_drop_bk_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_combo_skin_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_combo_skin_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_itemhover_bk_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_itemhover_bk_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_location_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_location_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_news_line_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_news_line_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_number.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_number_fuzzy.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_optimize_btn.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_redpoint_large.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_redpoint_middle.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_redpoint_small.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_time_late_night_blue.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_time_late_night_yellow.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_time_morning_blue.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_time_morning_yellow.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_time_nightfall_blue.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_time_nightfall_yellow.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_time_noon_blue.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_vscoll_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_vscoll_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_cloudy_blue.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_cloudy_yellow.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_icon_large.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_icon_small.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_line_blue.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_line_yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_rain_blue.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\pop_startup_nomall_button.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_time_noon_yellow.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_rain_yellow.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_snow_blue.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_snow_yellow.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_thunder_blue.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_weather_thunder_yellow.jpg --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\sa_yac_logo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\weather_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image\yellow.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\layout\daily_news.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\layout\startup_assist.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\layout\startup_assist_2.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\layout\startup_assist_3.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\layout\startup_assist_weather.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\exam_tip_wnd_arrow_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\inst_cover_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninstall_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_func_up.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\av_authority_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\combo_list.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\custom_check.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\custom_uncheck.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\dl_inst_antymal_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\dl_inst_clean_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\dl_inst_optimize_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\dl_inst_protect_icon.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\exam_tip_wnd_bk2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\ico_app.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\ico_face.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\ico_upgrade.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\install_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\install_combo_skin.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\install_logo.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\install_prog_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\install_prog_meter.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\open_dir.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\popup_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\resource.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\soft_cof_button_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\soft_remove_button_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninstall_pic_1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninstall_pic_2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninstall_pic_3.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninstall_pic_4.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninstall_pic_5.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninstall_pic_6.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninstall_pic_7.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_acc.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_btn_bg1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_btn_bg2.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_clean.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_complete.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_cry.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_func1.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_func3.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_func_intr.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_input.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_progress.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_prog_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_protect.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\uninst_spliter.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\upgrade_bg.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\upgrade_prog_bk.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\upgrade_prog_meter.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\vscroll.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image\yac_side_ico.png --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\layout --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\layout\cover.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\layout\install.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\layout\uninstallpro.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\layout\uninstall_logo_fade.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\layout\upgrade.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\style --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\style\style.xml --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\update --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\update\0 --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\update\1 --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\update\temp --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\update\temp\dlcfg.ini --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\update\temp\upcfg.ini --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\user --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\user\sie.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\user\softcache2.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\user\svc2.dat --> [FraudTool.YAC]
Infected: C:\Program Files (x86)\Elex-tech\YAC\user\svc2_com.dat --> [FraudTool.YAC]
Scan finished
Creating System Restore point...
Cleaning up...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.14393 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.447.14393.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, G:\ DRIVE_FIXED
CPU speed: 4.008000 GHz
Memory total: 17107206144, free: 14521020416

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.447.14393.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, G:\ DRIVE_FIXED
CPU speed: 4.008000 GHz
Memory total: 17107206144, free: 15317635072

=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     11/17/2016 15:03:00
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\NTFS.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\drivers\aswKbd.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\aswNetSec.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\SysWow64\drivers\AsUpIO.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\asmtxhci.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\system32\DRIVERS\e1d65x64.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\asmthub3.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SaiK0728.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\drivers\wcnfs.sys
\SystemRoot\System32\drivers\registry.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\drivers\WpdUpFltr.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\SysWoW64\speedfan.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\drivers\WSDPrint.sys
\SystemRoot\system32\DRIVERS\WSDScan.sys
\SystemRoot\System32\drivers\umpass.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2016.11.17.08
  rootkit: v2016.10.31.01

<<<2>>>
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffcf084d749060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffcf084d60dae0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffcf084d749060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffcf084d51f590, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffcf084d519e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffcf084d51e060, DeviceName: \Device\00000039\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffcf084d74a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffcf084d60fae0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffcf084d74a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffcf084d51f790, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffcf084d51ae40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffcf084d521060, DeviceName: \Device\00000038\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 66984B4A

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1024000
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1026048  Numsec = 975742976
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Drive 1
This is a System drive
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7224777E

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2  Numsec = 488397166
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xffffcf084edaf060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffcf084edb6040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffcf084edaf060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffcf084edb5060, DeviceName: \Device\0000004d\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 0

Partition information:

    Partition 0 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 32  Numsec = 121307104
    Partition is not bootable
    Partition file system is FAT32

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 62109253632 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-1026048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-32-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
         
TDSSKiller Teil1
Code:
ATTFilter
15:15:15.0832 0x21b8  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
15:15:23.0479 0x21b8  ============================================================
15:15:23.0479 0x21b8  Current date / time: 2016/11/17 15:15:23.0479
15:15:23.0479 0x21b8  SystemInfo:
15:15:23.0479 0x21b8  
15:15:23.0479 0x21b8  OS Version: 10.0.14393 ServicePack: 0.0
15:15:23.0479 0x21b8  Product type: Workstation
15:15:23.0479 0x21b8  ComputerName: DESKTOP-L90M10J
15:15:23.0479 0x21b8  UserName: Marko
15:15:23.0479 0x21b8  Windows directory: C:\Windows
15:15:23.0479 0x21b8  System windows directory: C:\Windows
15:15:23.0479 0x21b8  Running under WOW64
15:15:23.0479 0x21b8  Processor architecture: Intel x64
15:15:23.0479 0x21b8  Number of processors: 8
15:15:23.0479 0x21b8  Page size: 0x1000
15:15:23.0479 0x21b8  Boot type: Normal boot
15:15:23.0479 0x21b8  CodeIntegrityOptions = 0x00000001
15:15:23.0479 0x21b8  ============================================================
15:15:23.0603 0x21b8  KLMD registered as C:\Windows\system32\drivers\56091211.sys
15:15:23.0603 0x21b8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19
15:15:23.0688 0x21b8  System UUID: {6B149E7E-B37E-5F59-4987-4C62B73D5173}
15:15:23.0862 0x21b8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:15:23.0863 0x21b8  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:15:23.0866 0x21b8  Drive \Device\Harddisk2\DR2 - Size: 0xE76000000 ( 57.84 Gb ), SectorSize: 0x200, Cylinders: 0x1D7F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:15:23.0867 0x21b8  ============================================================
15:15:23.0867 0x21b8  \Device\Harddisk0\DR0:
15:15:23.0867 0x21b8  MBR partitions:
15:15:23.0867 0x21b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
15:15:23.0867 0x21b8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x3A28A800
15:15:23.0867 0x21b8  \Device\Harddisk1\DR1:
15:15:23.0867 0x21b8  MBR partitions:
15:15:23.0867 0x21b8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x2, BlocksNum 0x1D1C596E
15:15:23.0867 0x21b8  \Device\Harddisk2\DR2:
15:15:23.0868 0x21b8  MBR partitions:
15:15:23.0868 0x21b8  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x73AFFE0
15:15:23.0868 0x21b8  ============================================================
15:15:23.0869 0x21b8  C: <-> \Device\Harddisk1\DR1\Partition1
15:15:23.0869 0x21b8  D: <-> \Device\Harddisk0\DR0\Partition1
15:15:23.0870 0x21b8  G: <-> \Device\Harddisk0\DR0\Partition2
15:15:23.0870 0x21b8  ============================================================
15:15:23.0870 0x21b8  Initialize success
15:15:23.0870 0x21b8  ============================================================
15:15:55.0054 0x1c08  ============================================================
15:15:55.0054 0x1c08  Scan started
15:15:55.0054 0x1c08  Mode: Manual; SigCheck; TDLFS; 
15:15:55.0054 0x1c08  ============================================================
15:15:55.0054 0x1c08  KSN ping started
15:15:55.0238 0x1c08  KSN ping finished: true
15:15:56.0422 0x1c08  ================ Scan system memory ========================
15:15:56.0422 0x1c08  System memory - ok
15:15:56.0422 0x1c08  ================ Scan services =============================
15:15:56.0441 0x1c08  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
15:15:56.0468 0x1c08  1394ohci - ok
15:15:56.0473 0x1c08  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\Windows\system32\drivers\3ware.sys
15:15:56.0480 0x1c08  3ware - ok
15:15:56.0491 0x1c08  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:15:56.0506 0x1c08  ACPI - ok
15:15:56.0508 0x1c08  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
15:15:56.0515 0x1c08  AcpiDev - ok
15:15:56.0519 0x1c08  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
15:15:56.0526 0x1c08  acpiex - ok
15:15:56.0528 0x1c08  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
15:15:56.0534 0x1c08  acpipagr - ok
15:15:56.0537 0x1c08  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
15:15:56.0543 0x1c08  AcpiPmi - ok
15:15:56.0545 0x1c08  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
15:15:56.0551 0x1c08  acpitime - ok
15:15:56.0565 0x1c08  [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
15:15:56.0577 0x1c08  AdobeUpdateService - ok
15:15:56.0594 0x1c08  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
15:15:56.0614 0x1c08  ADP80XX - ok
15:15:56.0624 0x1c08  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\Windows\system32\drivers\afd.sys
15:15:56.0638 0x1c08  AFD - ok
15:15:56.0666 0x1c08  [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
15:15:56.0694 0x1c08  AGSService - ok
15:15:56.0700 0x1c08  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
15:15:56.0711 0x1c08  ahcache - ok
15:15:56.0719 0x1c08  [ 4BFB41025FA1C37205EDEEFDE36F7771, EA171520C0C8DAFA3D656EC4815393F77096C1E22EC9F39756B52D1565483102 ] AiChargerPlus   C:\Windows\syswow64\drivers\AiChargerPlus.sys
15:15:56.0724 0x1c08  AiChargerPlus - ok
15:15:56.0727 0x1c08  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\Windows\System32\AJRouter.dll
15:15:56.0734 0x1c08  AJRouter - ok
15:15:56.0736 0x1c08  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\Windows\System32\alg.exe
15:15:56.0745 0x1c08  ALG - ok
15:15:56.0753 0x1c08  [ 23CB92EE5654BA92619D796E3AC7DB86, DD4536B55F021990DDAD8864F9BAECCDE40B2B532F6FB0D6CF9EB1A6B112A983 ] ALSysIO         C:\Users\Marko\AppData\Local\Temp\ALSysIO64.sys
15:15:56.0759 0x1c08  ALSysIO - ok
15:15:56.0765 0x1c08  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
15:15:56.0774 0x1c08  AmdK8 - ok
15:15:56.0777 0x1c08  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
15:15:56.0786 0x1c08  AmdPPM - ok
15:15:56.0789 0x1c08  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:15:56.0795 0x1c08  amdsata - ok
15:15:56.0800 0x1c08  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:15:56.0809 0x1c08  amdsbs - ok
15:15:56.0811 0x1c08  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:15:56.0817 0x1c08  amdxata - ok
15:15:56.0821 0x1c08  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\Windows\system32\drivers\appid.sys
15:15:56.0829 0x1c08  AppID - ok
15:15:56.0832 0x1c08  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:15:56.0846 0x1c08  AppIDSvc - ok
15:15:56.0849 0x1c08  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\Windows\System32\appinfo.dll
15:15:56.0859 0x1c08  Appinfo - ok
15:15:56.0863 0x1c08  [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:15:56.0867 0x1c08  Apple Mobile Device Service - ok
15:15:56.0869 0x1c08  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
15:15:56.0879 0x1c08  applockerfltr - ok
15:15:56.0883 0x1c08  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:15:56.0893 0x1c08  AppMgmt - ok
15:15:56.0902 0x1c08  [ 21DC11DA29484AE026E536F2EA7E79E5, 6E17B679494CB293DE13DFA18F79A9DFAFEEBAAE41943F95B5E1AE0720A5CA26 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
15:15:56.0919 0x1c08  AppReadiness - ok
15:15:56.0931 0x1c08  [ 6010A920FDE5BFE4EA056F9736FBDC06, F55F68D5AD1F272BC285E716E02090C62FC87476DD6CE7ABA6BE7EF8EF6178DE ] AppVClient      C:\Windows\system32\AppVClient.exe
15:15:56.0949 0x1c08  AppVClient - ok
15:15:56.0953 0x1c08  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\Windows\system32\drivers\AppvStrm.sys
15:15:56.0960 0x1c08  AppvStrm - ok
15:15:56.0965 0x1c08  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\Windows\system32\drivers\AppvVemgr.sys
15:15:56.0973 0x1c08  AppvVemgr - ok
15:15:56.0977 0x1c08  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\Windows\system32\drivers\AppvVfs.sys
15:15:56.0984 0x1c08  AppvVfs - ok
15:15:57.0012 0x1c08  [ F9F4CFCB3845EABF81A654001C80854C, 2CB7BED0A838585903056E41D46C2604B5EECA3B6C673497A22BFFCAE7986C5F ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
15:15:57.0059 0x1c08  AppXSvc - ok
15:15:57.0067 0x1c08  Archer - ok
15:15:57.0070 0x1c08  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:15:57.0077 0x1c08  arcsas - ok
15:15:57.0090 0x1c08  [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
15:15:57.0105 0x1c08  asComSvc - ok
15:15:57.0118 0x1c08  [ 43A8C7A3FBDF14D36CC4A604C43139BC, 3445119038E5A1E2B107A941F8EA52B0D6CE91F6AF2A2F4128BA386BF3DF11D3 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.23\aaHMSvc.exe
15:15:57.0133 0x1c08  asHmComSvc - ok
15:15:57.0135 0x1c08  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
15:15:57.0139 0x1c08  AsIO - ok
15:15:57.0143 0x1c08  [ A750BB0FA32D1CC1E0FC740F09BBA3FD, B068F97AD7B47FD224946B98E0F067217A7D8BB8107160EB671F323CFFB3EF06 ] asmthub3        C:\Windows\System32\drivers\asmthub3.sys
15:15:57.0148 0x1c08  asmthub3 - ok
15:15:57.0155 0x1c08  [ 3054586B131D04D2E8796806CA581361, C650A4D93A79FB6F389D727E55CB0A8784600AFA8AE46E47998B4ED244B8F09A ] asmtxhci        C:\Windows\System32\drivers\asmtxhci.sys
15:15:57.0163 0x1c08  asmtxhci - ok
15:15:57.0181 0x1c08  [ 37F7DD839A711B5706B1264F4D8D4BDC, C949A7BB236C6C03E197EF7F9A6DF53E34EC35D925034351B5FD5D7DB62A770E ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
15:15:57.0213 0x1c08  AsSysCtrlService - detected UnsignedFile.Multi.Generic ( 1 )
15:15:57.0247 0x1c08  Detect skipped due to KSN trusted
15:15:57.0247 0x1c08  AsSysCtrlService - ok
15:15:57.0250 0x1c08  [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
15:15:57.0257 0x1c08  AsUpIO - ok
15:15:57.0271 0x1c08  [ 8B18DE4E8D649CFBFBFBC67C1AA13C57, E6FACE3BF363AE82105B63771DCA502DB82B188EC090086C7F960CE37A28E9E1 ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe
15:15:57.0286 0x1c08  AsusFanControlService - ok
15:15:57.0290 0x1c08  [ A5E4CDB420540095D1293C874B5F89AA, EBC082FF94872537649F00D91AF22E0AFB4D538ACDB4731C9A95D209C7B144FD ] ASUSFILTER      C:\Windows\syswow64\drivers\ASUSFILTER.sys
15:15:57.0295 0x1c08  ASUSFILTER - ok
15:15:57.0299 0x1c08  [ 9B480B472D6826E7257C90E2D0EE2954, C52C198602D180011A9345AE6F108EC4B1FD91234AF2E6296B2E39C1888B0D4D ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
15:15:57.0306 0x1c08  aswHwid - ok
15:15:57.0309 0x1c08  [ 06362BBA1347CBA0996F4B39BB1D8353, 0C6B7B085F13FB7C71E2AF481CD216C6ACB63577DC7E2793182F734378C141DA ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
15:15:57.0314 0x1c08  aswKbd - ok
15:15:57.0317 0x1c08  [ 1BB00571CC2C78463ABD7E9C32970758, BF523468754CB1628D66F28B06FAF7C545C5724801B04888517A2FB4BF9582BF ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:15:57.0322 0x1c08  aswMonFlt - ok
15:15:57.0329 0x1c08  [ 75325BC6BE15471331FFCEEC14E1DA03, 68A9DC2C4518DBAD54E60B7C89F713DD9FD287D42CFC75700D44A5B8CA4AED0F ] aswNetSec       C:\Windows\system32\drivers\aswNetSec.sys
15:15:57.0337 0x1c08  aswNetSec - ok
15:15:57.0341 0x1c08  [ 7010B57D708DA5C9686A5923EE621776, 5A554B8941C156EC341C602F34679A7475802B19EE6A99AA29AE2628A123ECB1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
15:15:57.0345 0x1c08  aswRdr - ok
15:15:57.0348 0x1c08  [ 937885085BFE5BD08EC1BC0245DD203B, 6DDD89245EEA3B8106C5F2EB6FA8CF525F3B42AA7032276DE78953E06FE7F4B4 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
15:15:57.0352 0x1c08  aswRvrt - ok
15:15:57.0366 0x1c08  [ 0B6352251C5D84130DF4252D33D266C2, C6A2E0074A7FCFB5799949431F5660B9AF6441001EA9B609F7B3900F4007EBD0 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:15:57.0381 0x1c08  aswSnx - ok
15:15:57.0390 0x1c08  [ 28213B34725B18387CC1B8C3D73858A1, D86113D89C62F090B393B68B522581248AEF3568F8FD0FF86B3625F2E6DD4DB8 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:15:57.0400 0x1c08  aswSP - ok
15:15:57.0404 0x1c08  [ 9C58B6E9663D0A76D00D83E43C765BDF, 3F474932E77318CD450A3A9C89667D2B26A7E3FAB9AA95D97FF3B1979623A7F2 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
15:15:57.0409 0x1c08  aswStm - ok
15:15:57.0414 0x1c08  [ D60D9201739400F0FBDB9E36A3212D91, 01A17516AB7F4D2C72E2DC51F7B49D1C4F50F564992F78A71E73821D7F8220E7 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:15:57.0422 0x1c08  aswVmm - ok
15:15:57.0424 0x1c08  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
15:15:57.0431 0x1c08  AsyncMac - ok
15:15:57.0433 0x1c08  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:15:57.0439 0x1c08  atapi - ok
15:15:57.0444 0x1c08  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
15:15:57.0457 0x1c08  AudioEndpointBuilder - ok
15:15:57.0470 0x1c08  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:15:57.0494 0x1c08  Audiosrv - ok
15:15:57.0500 0x1c08  [ F4E0580B5789474385E7ACB189C4AF2C, DB5BE2C852AC102AB8EB186362E582E250B843BA52B3B71AF08A5FDA8A6F91AF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:15:57.0506 0x1c08  avast! Antivirus - ok
15:15:57.0510 0x1c08  [ CAA9BB913356E9FD56761C9352B7054B, E810C6EE0673BEBCF9C74223D120589E8441CB1B74D25A7E10554B6EA96D6909 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
15:15:57.0516 0x1c08  avast! Firewall - ok
15:15:57.0520 0x1c08  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:15:57.0529 0x1c08  AxInstSV - ok
15:15:57.0538 0x1c08  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:15:57.0551 0x1c08  b06bdrv - ok
15:15:57.0554 0x1c08  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
15:15:57.0561 0x1c08  BasicDisplay - ok
15:15:57.0564 0x1c08  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
15:15:57.0570 0x1c08  BasicRender - ok
15:15:57.0573 0x1c08  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\Windows\System32\drivers\bcmfn.sys
15:15:57.0580 0x1c08  bcmfn - ok
15:15:57.0582 0x1c08  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
15:15:57.0588 0x1c08  bcmfn2 - ok
15:15:57.0594 0x1c08  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:15:57.0608 0x1c08  BDESVC - ok
15:15:57.0610 0x1c08  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\Windows\system32\drivers\Beep.sys
15:15:57.0616 0x1c08  Beep - ok
15:15:57.0628 0x1c08  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\Windows\System32\bfe.dll
15:15:57.0649 0x1c08  BFE - ok
15:15:57.0665 0x1c08  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\Windows\System32\qmgr.dll
15:15:57.0692 0x1c08  BITS - ok
15:15:57.0700 0x1c08  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:15:57.0708 0x1c08  Bonjour Service - ok
15:15:57.0711 0x1c08  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:15:57.0720 0x1c08  bowser - ok
15:15:57.0730 0x1c08  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
15:15:57.0751 0x1c08  BrokerInfrastructure - ok
15:15:57.0755 0x1c08  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\Windows\System32\browser.dll
15:15:57.0763 0x1c08  Browser - ok
15:15:57.0766 0x1c08  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
15:15:57.0773 0x1c08  BthAvrcpTg - ok
15:15:57.0775 0x1c08  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
15:15:57.0783 0x1c08  BthHFEnum - ok
15:15:57.0785 0x1c08  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
15:15:57.0792 0x1c08  bthhfhid - ok
15:15:57.0798 0x1c08  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
15:15:57.0810 0x1c08  BthHFSrv - ok
15:15:57.0813 0x1c08  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
15:15:57.0821 0x1c08  BTHMODEM - ok
15:15:57.0825 0x1c08  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\Windows\system32\bthserv.dll
15:15:57.0834 0x1c08  bthserv - ok
15:15:57.0836 0x1c08  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
15:15:57.0843 0x1c08  buttonconverter - ok
15:15:57.0846 0x1c08  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\Windows\System32\drivers\capimg.sys
15:15:57.0855 0x1c08  CapImg - ok
15:15:57.0858 0x1c08  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:15:57.0866 0x1c08  cdfs - ok
15:15:57.0873 0x1c08  [ B737F6FB33A6F79BCBC293A5B32C1C4E, B2EAF621052A4CBEE78208ECF1AC9286BD1EB431019372254E442319308112F8 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
15:15:57.0887 0x1c08  CDPSvc - ok
15:15:57.0894 0x1c08  [ 2531EF3423A9FE1692005A41907E3BE3, 4E7D3E216937305B73CBCC5031F513CEC38F4FEFE3F2291DED5F37641221CCA0 ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
15:15:57.0906 0x1c08  CDPUserSvc - ok
15:15:57.0912 0x1c08  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\Windows\System32\drivers\cdrom.sys
15:15:57.0921 0x1c08  cdrom - ok
15:15:57.0925 0x1c08  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:15:57.0936 0x1c08  CertPropSvc - ok
15:15:57.0942 0x1c08  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
15:15:57.0952 0x1c08  cht4iscsi - ok
15:15:57.0978 0x1c08  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
15:15:58.0011 0x1c08  cht4vbd - ok
15:15:58.0015 0x1c08  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\Windows\System32\drivers\circlass.sys
15:15:58.0022 0x1c08  circlass - ok
15:15:58.0028 0x1c08  [ 39591D8510CEC3BA6ED4330EE689B791, E827DEA20AB338308D6E4EEFEF551088088B77CD10BF08C8BE568090E04172E2 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
15:15:58.0038 0x1c08  CLFS - ok
15:15:58.0082 0x1c08  [ 2FFC3A679CF4FF05AA762E2B8D095574, 5CA2B9898E7493AF71B7D3A35FFB5D9F072DD0381AF89B0F47158895FBF58772 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
15:15:58.0125 0x1c08  ClickToRunSvc - ok
15:15:58.0138 0x1c08  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\Windows\System32\ClipSVC.dll
15:15:58.0153 0x1c08  ClipSVC - ok
15:15:58.0156 0x1c08  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\Windows\System32\drivers\registry.sys
15:15:58.0163 0x1c08  clreg - ok
15:15:58.0168 0x1c08  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
15:15:58.0175 0x1c08  CmBatt - ok
15:15:58.0184 0x1c08  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\Windows\system32\Drivers\cng.sys
15:15:58.0198 0x1c08  CNG - ok
15:15:58.0200 0x1c08  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
15:15:58.0206 0x1c08  cnghwassist - ok
15:15:58.0213 0x1c08  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
15:15:58.0220 0x1c08  CompositeBus - ok
15:15:58.0222 0x1c08  COMSysApp - ok
15:15:58.0224 0x1c08  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\Windows\system32\drivers\condrv.sys
15:15:58.0230 0x1c08  condrv - ok
15:15:58.0241 0x1c08  [ 03DCC01047713690E312B013C60881AE, B98174222DDFDA2A31BAC4795D99FA07D1D03107ABDB27BF5069FAFBBF00D278 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
15:15:58.0257 0x1c08  CoreMessagingRegistrar - ok
15:15:58.0261 0x1c08  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:15:58.0270 0x1c08  CryptSvc - ok
15:15:58.0278 0x1c08  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\Windows\system32\drivers\csc.sys
15:15:58.0294 0x1c08  CSC - ok
15:15:58.0305 0x1c08  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\Windows\System32\cscsvc.dll
15:15:58.0324 0x1c08  CscService - ok
15:15:58.0327 0x1c08  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\Windows\system32\drivers\dam.sys
15:15:58.0333 0x1c08  dam - ok
15:15:58.0337 0x1c08  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
15:15:58.0342 0x1c08  dbupdate - ok
15:15:58.0345 0x1c08  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
15:15:58.0349 0x1c08  dbupdatem - ok
15:15:58.0351 0x1c08  dbx - ok
15:15:58.0354 0x1c08  [ 62C2617E1927776851B108717166BBA4, 5ED905AD21D2BA4308561BDFD2868A15A1F2062DFE1D28689D4082700C85500A ] DbxSvc          C:\Windows\system32\DbxSvc.exe
15:15:58.0365 0x1c08  DbxSvc - ok
15:15:58.0393 0x1c08  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:15:58.0427 0x1c08  DcomLaunch - ok
15:15:58.0431 0x1c08  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\Windows\system32\dcpsvc.dll
15:15:58.0445 0x1c08  DcpSvc - ok
15:15:58.0453 0x1c08  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:15:58.0471 0x1c08  defragsvc - ok
15:15:58.0479 0x1c08  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\Windows\system32\das.dll
15:15:58.0493 0x1c08  DeviceAssociationService - ok
15:15:58.0496 0x1c08  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
15:15:58.0509 0x1c08  DeviceInstall - ok
15:15:58.0511 0x1c08  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
15:15:58.0519 0x1c08  DevQueryBroker - ok
15:15:58.0522 0x1c08  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
15:15:58.0531 0x1c08  Dfsc - ok
15:15:58.0537 0x1c08  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:15:58.0550 0x1c08  Dhcp - ok
15:15:58.0554 0x1c08  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
15:15:58.0562 0x1c08  diagnosticshub.standardcollector.service - ok
15:15:58.0587 0x1c08  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:15:58.0629 0x1c08  DiagTrack - ok
15:15:58.0633 0x1c08  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\Windows\system32\drivers\disk.sys
15:15:58.0639 0x1c08  disk - ok
15:15:58.0646 0x1c08  [ 44A5CAF4E736BCD4360015BB3B841179, 8CD74620C3E163FF998CA8C09A999FED5C9EFDC88D07493192A57032D18CA973 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
15:15:58.0661 0x1c08  DmEnrollmentSvc - ok
15:15:58.0664 0x1c08  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
15:15:58.0671 0x1c08  dmvsc - ok
15:15:58.0673 0x1c08  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
15:15:58.0684 0x1c08  dmwappushservice - ok
15:15:58.0689 0x1c08  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:15:58.0701 0x1c08  Dnscache - ok
15:15:58.0706 0x1c08  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\Windows\System32\dot3svc.dll
15:15:58.0718 0x1c08  dot3svc - ok
15:15:58.0722 0x1c08  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\Windows\system32\dps.dll
15:15:58.0732 0x1c08  DPS - ok
15:15:58.0734 0x1c08  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\Windows\system32\DRIVERS\drmkaud.sys
15:15:58.0739 0x1c08  drmkaud - ok
15:15:58.0744 0x1c08  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
15:15:58.0758 0x1c08  DsmSvc - ok
15:15:58.0761 0x1c08  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\Windows\System32\DsSvc.dll
15:15:58.0772 0x1c08  DsSvc - ok
15:15:58.0799 0x1c08  [ 125C83C44EEE61E2ED5893F23AEF0FC9, D6599AFFA1A554124AEF6862C69027F9FF9B343362091439866641A1CFB0E76A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:15:58.0835 0x1c08  DXGKrnl - ok
15:15:58.0845 0x1c08  [ E063D7568233B6B007A6B18BE3751861, A0352D03B5B73EB219E57B9550D3D7CE41D07A70D8ED43E3AC2BBCE1E6684CE2 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d65x64.sys
15:15:58.0858 0x1c08  e1dexpress - ok
15:15:58.0867 0x1c08  [ 83E4A14F851341C933C3235BFB882ECA, 152EDEF6B566D010FE519FE4B046050A5281069B48AFF8A2395D7D2BD0519701 ] e1iexpress      C:\Windows\System32\drivers\e1i63x64.sys
15:15:58.0882 0x1c08  e1iexpress - ok
15:15:58.0886 0x1c08  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\Windows\System32\eapsvc.dll
15:15:58.0898 0x1c08  EapHost - ok
15:15:58.0939 0x1c08  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:15:58.0990 0x1c08  ebdrv - ok
15:15:58.0993 0x1c08  ed2kidle - ok
15:15:58.0996 0x1c08  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\Windows\System32\lsass.exe
15:15:59.0003 0x1c08  EFS - ok
15:15:59.0006 0x1c08  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
15:15:59.0012 0x1c08  EhStorClass - ok
15:15:59.0015 0x1c08  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
15:15:59.0022 0x1c08  EhStorTcgDrv - ok
15:15:59.0026 0x1c08  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
15:15:59.0036 0x1c08  embeddedmode - ok
15:15:59.0042 0x1c08  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
15:15:59.0057 0x1c08  EntAppSvc - ok
15:15:59.0059 0x1c08  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
15:15:59.0065 0x1c08  ErrDev - ok
15:15:59.0074 0x1c08  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\Windows\system32\es.dll
15:15:59.0089 0x1c08  EventSystem - ok
15:15:59.0095 0x1c08  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\Windows\system32\drivers\exfat.sys
15:15:59.0108 0x1c08  exfat - ok
15:15:59.0114 0x1c08  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:15:59.0124 0x1c08  fastfat - ok
15:15:59.0135 0x1c08  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\Windows\system32\fxssvc.exe
15:15:59.0153 0x1c08  Fax - ok
15:15:59.0156 0x1c08  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\Windows\System32\drivers\fdc.sys
15:15:59.0163 0x1c08  fdc - ok
15:15:59.0165 0x1c08  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:15:59.0174 0x1c08  fdPHost - ok
15:15:59.0176 0x1c08  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\Windows\system32\fdrespub.dll
15:15:59.0185 0x1c08  FDResPub - ok
15:15:59.0190 0x1c08  [ CC3AFB5FC34E5533C6A3A261EA46B45D, 99BE380E09BA1C85BBB895B5D0855C592FAD7EDE0835F6F083704F88616D6363 ] Ferbayrepecult  C:\Program Files (x86)\Themuckthegerch\Ferferrypekerkhlp.dll
15:15:59.0198 0x1c08  Ferbayrepecult - detected UnsignedFile.Multi.Generic ( 1 )
15:15:59.0339 0x1c08  Ferbayrepecult ( UnsignedFile.Multi.Generic ) - warning
15:15:59.0429 0x1c08  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\Windows\system32\fhsvc.dll
15:15:59.0471 0x1c08  fhsvc - ok
15:15:59.0477 0x1c08  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
15:15:59.0493 0x1c08  FileCrypt - ok
15:15:59.0498 0x1c08  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:15:59.0507 0x1c08  FileInfo - ok
15:15:59.0510 0x1c08  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:15:59.0522 0x1c08  Filetrace - ok
15:15:59.0524 0x1c08  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
15:15:59.0532 0x1c08  flpydisk - ok
15:15:59.0538 0x1c08  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:15:59.0549 0x1c08  FltMgr - ok
15:15:59.0598 0x1c08  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\Windows\system32\FntCache.dll
15:15:59.0638 0x1c08  FontCache - ok
15:15:59.0641 0x1c08  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:15:59.0646 0x1c08  FontCache3.0.0.0 - ok
15:15:59.0658 0x1c08  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\Windows\system32\FrameServer.dll
15:15:59.0680 0x1c08  FrameServer - ok
15:15:59.0683 0x1c08  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:15:59.0689 0x1c08  FsDepends - ok
15:15:59.0691 0x1c08  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:15:59.0696 0x1c08  Fs_Rec - ok
15:15:59.0706 0x1c08  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:15:59.0720 0x1c08  fvevol - ok
15:15:59.0722 0x1c08  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
15:15:59.0729 0x1c08  gencounter - ok
15:15:59.0731 0x1c08  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
15:15:59.0738 0x1c08  genericusbfn - ok
15:15:59.0742 0x1c08  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
15:15:59.0749 0x1c08  GPIOClx0101 - ok
15:15:59.0766 0x1c08  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:15:59.0795 0x1c08  gpsvc - ok
15:15:59.0797 0x1c08  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
15:15:59.0804 0x1c08  GpuEnergyDrv - ok
15:15:59.0807 0x1c08  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:15:59.0812 0x1c08  gupdate - ok
15:15:59.0815 0x1c08  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:15:59.0820 0x1c08  gupdatem - ok
15:15:59.0827 0x1c08  [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys
15:15:59.0841 0x1c08  HdAudAddService - ok
15:15:59.0844 0x1c08  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
15:15:59.0851 0x1c08  HDAudBus - ok
15:15:59.0853 0x1c08  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
15:15:59.0859 0x1c08  HidBatt - ok
15:15:59.0862 0x1c08  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\Windows\System32\drivers\hidbth.sys
15:15:59.0870 0x1c08  HidBth - ok
15:15:59.0872 0x1c08  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
15:15:59.0879 0x1c08  hidi2c - ok
15:15:59.0882 0x1c08  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
15:15:59.0887 0x1c08  hidinterrupt - ok
15:15:59.0890 0x1c08  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\Windows\System32\drivers\hidir.sys
15:15:59.0897 0x1c08  HidIr - ok
15:15:59.0899 0x1c08  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\Windows\system32\hidserv.dll
15:15:59.0907 0x1c08  hidserv - ok
15:15:59.0909 0x1c08  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
15:15:59.0916 0x1c08  HidUsb - ok
15:15:59.0922 0x1c08  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:15:59.0934 0x1c08  HomeGroupListener - ok
15:15:59.0942 0x1c08  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:15:59.0959 0x1c08  HomeGroupProvider - ok
15:15:59.0961 0x1c08  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:15:59.0967 0x1c08  HpSAMD - ok
15:15:59.0982 0x1c08  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:16:00.0002 0x1c08  HTTP - ok
15:16:00.0006 0x1c08  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\Windows\System32\hvhostsvc.dll
15:16:00.0014 0x1c08  HvHost - ok
15:16:00.0017 0x1c08  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\Windows\system32\drivers\hvservice.sys
15:16:00.0023 0x1c08  hvservice - ok
15:16:00.0025 0x1c08  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:16:00.0030 0x1c08  hwpolicy - ok
15:16:00.0032 0x1c08  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
15:16:00.0038 0x1c08  hyperkbd - ok
15:16:00.0042 0x1c08  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
15:16:00.0050 0x1c08  i8042prt - ok
15:16:00.0052 0x1c08  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
15:16:00.0059 0x1c08  iagpio - ok
15:16:00.0062 0x1c08  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
15:16:00.0070 0x1c08  iai2c - ok
15:16:00.0072 0x1c08  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
15:16:00.0080 0x1c08  iaLPSS2i_GPIO2 - ok
15:16:00.0084 0x1c08  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
15:16:00.0089 0x1c08  iaLPSS2i_I2C - ok
15:16:00.0092 0x1c08  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
15:16:00.0096 0x1c08  iaLPSSi_GPIO - ok
15:16:00.0099 0x1c08  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
15:16:00.0107 0x1c08  iaLPSSi_I2C - ok
15:16:00.0118 0x1c08  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
15:16:00.0132 0x1c08  iaStorAV - ok
15:16:00.0139 0x1c08  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:16:00.0150 0x1c08  iaStorV - ok
15:16:00.0158 0x1c08  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
15:16:00.0170 0x1c08  ibbus - ok
15:16:00.0174 0x1c08  [ E54BFAB1679CCFBE2C28AD18BE9D0E5F, DAFFCFEBDADEE43FE657FFFFCFADA2F7AE62FCB29915540F620FDC0041A99CD1 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
15:16:00.0181 0x1c08  ICCS - ok
15:16:00.0183 0x1c08  [ 3B529CA6E6537E89547B4815FCE95A76, 5FCC3D3EFFA50EEEFA38B6137580AFEDC7C3D56BA1BB44658D9CD6AA60A1B4FF ] ICCWDT          C:\Windows\System32\drivers\ICCWDT.sys
15:16:00.0187 0x1c08  ICCWDT - ok
15:16:00.0192 0x1c08  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\Windows\System32\tetheringservice.dll
15:16:00.0203 0x1c08  icssvc - ok
15:16:00.0217 0x1c08  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:16:00.0240 0x1c08  IKEEXT - ok
15:16:00.0243 0x1c08  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
15:16:00.0250 0x1c08  IndirectKmd - ok
15:16:00.0311 0x1c08  [ 08A2E765F066DA6957D8CA66C6CBFD1B, 9B3DCAF78BF53B60FB8F92B2E5C994FBC4006082FE114A26009F7CEB10735EE2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:16:00.0374 0x1c08  IntcAzAudAddService - ok
15:16:00.0378 0x1c08  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\Windows\system32\drivers\intelide.sys
15:16:00.0384 0x1c08  intelide - ok
15:16:00.0386 0x1c08  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\Windows\system32\drivers\intelpep.sys
15:16:00.0392 0x1c08  intelpep - ok
15:16:00.0395 0x1c08  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
15:16:00.0404 0x1c08  intelppm - ok
15:16:00.0406 0x1c08  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\Windows\system32\drivers\iorate.sys
15:16:00.0412 0x1c08  iorate - ok
15:16:00.0414 0x1c08  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:16:00.0422 0x1c08  IpFilterDriver - ok
15:16:00.0436 0x1c08  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:16:00.0460 0x1c08  iphlpsvc - ok
15:16:00.0463 0x1c08  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
15:16:00.0470 0x1c08  IPMIDRV - ok
15:16:00.0474 0x1c08  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:16:00.0484 0x1c08  IPNAT - ok
15:16:00.0494 0x1c08  [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:16:00.0505 0x1c08  iPod Service - ok
15:16:00.0508 0x1c08  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\Windows\system32\drivers\irda.sys
15:16:00.0517 0x1c08  irda - ok
15:16:00.0519 0x1c08  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:16:00.0526 0x1c08  IRENUM - ok
15:16:00.0528 0x1c08  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\Windows\System32\irmon.dll
15:16:00.0536 0x1c08  irmon - ok
15:16:00.0538 0x1c08  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:16:00.0544 0x1c08  isapnp - ok
15:16:00.0549 0x1c08  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
15:16:00.0558 0x1c08  iScsiPrt - ok
15:16:00.0561 0x1c08  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
15:16:00.0566 0x1c08  kbdclass - ok
15:16:00.0569 0x1c08  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
15:16:00.0576 0x1c08  kbdhid - ok
15:16:00.0578 0x1c08  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
15:16:00.0585 0x1c08  kdnic - ok
15:16:00.0588 0x1c08  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\Windows\system32\lsass.exe
15:16:00.0594 0x1c08  KeyIso - ok
15:16:00.0598 0x1c08  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:16:00.0605 0x1c08  KSecDD - ok
15:16:00.0608 0x1c08  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:16:00.0616 0x1c08  KSecPkg - ok
15:16:00.0618 0x1c08  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:16:00.0628 0x1c08  ksthunk - ok
15:16:00.0634 0x1c08  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:16:00.0649 0x1c08  KtmRm - ok
15:16:00.0654 0x1c08  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:16:00.0668 0x1c08  LanmanServer - ok
15:16:00.0674 0x1c08  [ B581907FD94F1FF148BF695331F67612, 05D1FFA456557A291566D788B8DE2485552E361EC3C0F63EA1A710BE940A5398 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:16:00.0687 0x1c08  LanmanWorkstation - ok
15:16:00.0690 0x1c08  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\Windows\System32\lfsvc.dll
15:16:00.0699 0x1c08  lfsvc - ok
15:16:00.0701 0x1c08  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
15:16:00.0709 0x1c08  LicenseManager - ok
15:16:00.0712 0x1c08  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\Windows\system32\drivers\lltdio.sys
15:16:00.0719 0x1c08  lltdio - ok
15:16:00.0724 0x1c08  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:16:00.0736 0x1c08  lltdsvc - ok
15:16:00.0739 0x1c08  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:16:00.0747 0x1c08  lmhosts - ok
15:16:00.0751 0x1c08  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:16:00.0758 0x1c08  LSI_SAS - ok
15:16:00.0761 0x1c08  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
15:16:00.0767 0x1c08  LSI_SAS2i - ok
15:16:00.0771 0x1c08  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
15:16:00.0777 0x1c08  LSI_SAS3i - ok
15:16:00.0780 0x1c08  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
15:16:00.0786 0x1c08  LSI_SSS - ok
15:16:00.0796 0x1c08  [ 06276381A0797FD417E7068C1210FA06, 204144E9792216F952CED869ECB6B26FB466BF730B8A73FA4799B1EBC1A630AB ] LSM             C:\Windows\System32\lsm.dll
15:16:00.0815 0x1c08  LSM - ok
15:16:00.0819 0x1c08  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:16:00.0829 0x1c08  luafv - ok
15:16:00.0832 0x1c08  [ ED5B42D75F3DEE93040B3930DA9F3009, E919DA20E46FE1C81CB76090B799DD858DD4771DB0EBDE4545DB4681A0AFFE8E ] MapsBroker      C:\Windows\System32\moshost.dll
15:16:00.0841 0x1c08  MapsBroker - ok
15:16:00.0848 0x1c08  [ 489AD4F59217EBA859EB7129874DC8E3, 7E36CA117F09771018E2BBF657CE15E6C1AB6ACDC531732D313F40B36D9C7CD9 ] MCSvc           C:\ProgramData\Microsoft\Blend\14.0\1033\ResourceCacher.dll
15:16:00.0856 0x1c08  MCSvc - detected UnsignedFile.Multi.Generic ( 1 )
15:16:00.0927 0x1c08  MCSvc ( UnsignedFile.Multi.Generic ) - warning
15:16:01.0014 0x1c08  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\Windows\system32\drivers\megasas.sys
15:16:01.0037 0x1c08  megasas - ok
15:16:01.0043 0x1c08  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
15:16:01.0058 0x1c08  megasas2i - ok
15:16:01.0069 0x1c08  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\Windows\system32\drivers\megasr.sys
15:16:01.0085 0x1c08  megasr - ok
15:16:01.0090 0x1c08  [ 8EC6459491D8508BBA5E3CEC5C930914, E01AEE2E6F569429BC5582AEB63A2CB288499A878B0806D21CC9D78F00E0B284 ] MEIx64          C:\Windows\System32\drivers\TeeDriverW8x64.sys
15:16:01.0099 0x1c08  MEIx64 - ok
15:16:01.0102 0x1c08  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\Windows\System32\MessagingService.dll
15:16:01.0110 0x1c08  MessagingService - ok
15:16:01.0124 0x1c08  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
15:16:01.0141 0x1c08  mlx4_bus - ok
15:16:01.0144 0x1c08  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
15:16:01.0151 0x1c08  MMCSS - ok
15:16:01.0153 0x1c08  [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem           C:\Windows\system32\drivers\modem.sys
15:16:01.0161 0x1c08  Modem - ok
15:16:01.0163 0x1c08  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\Windows\System32\drivers\monitor.sys
15:16:01.0170 0x1c08  monitor - ok
15:16:01.0172 0x1c08  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
15:16:01.0178 0x1c08  mouclass - ok
15:16:01.0180 0x1c08  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\Windows\System32\drivers\mouhid.sys
15:16:01.0187 0x1c08  mouhid - ok
15:16:01.0190 0x1c08  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:16:01.0196 0x1c08  mountmgr - ok
15:16:01.0199 0x1c08  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:16:01.0207 0x1c08  mpsdrv - ok
15:16:01.0220 0x1c08  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:16:01.0243 0x1c08  MpsSvc - ok
15:16:01.0247 0x1c08  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:16:01.0256 0x1c08  MRxDAV - ok
15:16:01.0264 0x1c08  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:16:01.0275 0x1c08  mrxsmb - ok
15:16:01.0280 0x1c08  [ 200E4A385F5F370D8866BAE25B0D9D32, 114AD45000A0C74EAE26C3075BBFEF80B9386C69D58CE4436CAFCF13613EAEFA ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:16:01.0292 0x1c08  mrxsmb10 - ok
15:16:01.0296 0x1c08  [ F7C22604CD8AFB9AF1C1E3CE39A5A09F, 3F7B39336F8A72525C667D45C9300CA6D017BDE17A6E23EF794BA59D2F3C78F3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:16:01.0304 0x1c08  mrxsmb20 - ok
15:16:01.0308 0x1c08  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\Windows\system32\drivers\bridge.sys
15:16:01.0316 0x1c08  MsBridge - ok
15:16:01.0320 0x1c08  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\Windows\System32\msdtc.exe
15:16:01.0330 0x1c08  MSDTC - ok
15:16:01.0333 0x1c08  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:16:01.0341 0x1c08  Msfs - ok
15:16:01.0343 0x1c08  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
15:16:01.0349 0x1c08  msgpiowin32 - ok
15:16:01.0351 0x1c08  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:16:01.0357 0x1c08  mshidkmdf - ok
15:16:01.0359 0x1c08  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
15:16:01.0366 0x1c08  mshidumdf - ok
15:16:01.0368 0x1c08  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:16:01.0373 0x1c08  msisadrv - ok
15:16:01.0377 0x1c08  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:16:01.0387 0x1c08  MSiSCSI - ok
15:16:01.0388 0x1c08  msiserver - ok
15:16:01.0390 0x1c08  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\Windows\system32\DRIVERS\MSKSSRV.sys
15:16:01.0400 0x1c08  MSKSSRV - ok
15:16:01.0403 0x1c08  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
15:16:01.0410 0x1c08  MsLldp - ok
15:16:01.0412 0x1c08  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\Windows\system32\DRIVERS\MSPCLOCK.sys
15:16:01.0422 0x1c08  MSPCLOCK - ok
15:16:01.0424 0x1c08  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\Windows\system32\DRIVERS\MSPQM.sys
15:16:01.0433 0x1c08  MSPQM - ok
15:16:01.0440 0x1c08  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:16:01.0451 0x1c08  MsRPC - ok
15:16:01.0455 0x1c08  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\Windows\system32\drivers\mssecflt.sys
15:16:01.0463 0x1c08  MsSecFlt - ok
15:16:01.0465 0x1c08  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
15:16:01.0471 0x1c08  mssmbios - ok
15:16:01.0473 0x1c08  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\Windows\system32\DRIVERS\MSTEE.sys
15:16:01.0482 0x1c08  MSTEE - ok
15:16:01.0484 0x1c08  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
15:16:01.0491 0x1c08  MTConfig - ok
15:16:01.0494 0x1c08  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:16:01.0501 0x1c08  Mup - ok
15:16:01.0504 0x1c08  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
15:16:01.0509 0x1c08  mvumis - ok
15:16:01.0519 0x1c08  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:16:01.0534 0x1c08  NativeWifiP - ok
15:16:01.0539 0x1c08  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\Windows\System32\ncasvc.dll
15:16:01.0550 0x1c08  NcaSvc - ok
15:16:01.0555 0x1c08  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\Windows\System32\ncbservice.dll
15:16:01.0569 0x1c08  NcbService - ok
15:16:01.0572 0x1c08  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
15:16:01.0585 0x1c08  NcdAutoSetup - ok
15:16:01.0593 0x1c08  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
15:16:01.0600 0x1c08  ndfltr - ok
15:16:01.0619 0x1c08  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:16:01.0640 0x1c08  NDIS - ok
15:16:01.0643 0x1c08  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
15:16:01.0650 0x1c08  NdisCap - ok
15:16:01.0653 0x1c08  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
15:16:01.0664 0x1c08  NdisImPlatform - ok
15:16:01.0666 0x1c08  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:16:01.0676 0x1c08  NdisTapi - ok
15:16:01.0679 0x1c08  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
15:16:01.0686 0x1c08  Ndisuio - ok
15:16:01.0688 0x1c08  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
15:16:01.0695 0x1c08  NdisVirtualBus - ok
15:16:01.0699 0x1c08  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
15:16:01.0712 0x1c08  NdisWan - ok
15:16:01.0716 0x1c08  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
15:16:01.0728 0x1c08  ndiswanlegacy - ok
15:16:01.0731 0x1c08  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
15:16:01.0741 0x1c08  ndproxy - ok
15:16:01.0744 0x1c08  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
15:16:01.0756 0x1c08  Ndu - ok
15:16:01.0759 0x1c08  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
15:16:01.0766 0x1c08  NetAdapterCx - ok
15:16:01.0769 0x1c08  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
15:16:01.0775 0x1c08  NetBIOS - ok
15:16:01.0780 0x1c08  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:16:01.0792 0x1c08  NetBT - ok
15:16:01.0794 0x1c08  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\Windows\system32\lsass.exe
15:16:01.0801 0x1c08  Netlogon - ok
15:16:01.0806 0x1c08  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\Windows\System32\netman.dll
15:16:01.0818 0x1c08  Netman - ok
15:16:01.0827 0x1c08  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\Windows\System32\netprofmsvc.dll
15:16:01.0844 0x1c08  netprofm - ok
15:16:01.0849 0x1c08  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
15:16:01.0861 0x1c08  NetSetupSvc - ok
15:16:01.0866 0x1c08  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
         

Alt 17.11.2016, 15:31   #13
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



TDSSKiller Teil2 (letzter Teil)
Code:
ATTFilter
15:16:01.0873 0x1c08  NetTcpPortSharing - ok
15:16:01.0880 0x1c08  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
15:16:01.0893 0x1c08  NgcCtnrSvc - ok
15:16:01.0906 0x1c08  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
15:16:01.0931 0x1c08  NgcSvc - ok
15:16:01.0938 0x1c08  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:16:01.0952 0x1c08  NlaSvc - ok
15:16:01.0955 0x1c08  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:16:01.0963 0x1c08  Npfs - ok
15:16:01.0965 0x1c08  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
15:16:01.0971 0x1c08  npsvctrig - ok
15:16:01.0974 0x1c08  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\Windows\system32\nsisvc.dll
15:16:01.0981 0x1c08  nsi - ok
15:16:01.0983 0x1c08  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:16:01.0990 0x1c08  nsiproxy - ok
15:16:02.0019 0x1c08  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\Windows\system32\drivers\NTFS.sys
15:16:02.0055 0x1c08  NTFS - ok
15:16:02.0058 0x1c08  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\Windows\system32\drivers\Null.sys
15:16:02.0064 0x1c08  Null - ok
15:16:02.0072 0x1c08  [ 2F35D14522207092C09F57B0242FD650, C13E9A15BEEB1CF331B81D90526C6D824E88259AF066E7D5BE34AD798F33334C ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
15:16:02.0080 0x1c08  NvContainerLocalSystem - ok
15:16:02.0087 0x1c08  [ 2F35D14522207092C09F57B0242FD650, C13E9A15BEEB1CF331B81D90526C6D824E88259AF066E7D5BE34AD798F33334C ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
15:16:02.0096 0x1c08  NvContainerNetworkService - ok
15:16:02.0101 0x1c08  [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:16:02.0107 0x1c08  NVHDA - ok
15:16:02.0123 0x1c08  [ 5409D41DFB0EAB63511FE7889B2A687E, 32E8D8622798B8F16002EE617200F0172A98D984A925F6550A1E352ACFA0BDDF ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
15:16:02.0139 0x1c08  NVIDIA Wireless Controller Service - ok
15:16:02.0348 0x1c08  [ 76ECA562B95DB26C64BEC14BB188A3F6, B4DB40D391B227393EEC13659C64B03499632FD11A75E5183BE8A0C8F3C9688B ] nvlddmkm        C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys
15:16:02.0512 0x1c08  nvlddmkm - ok
15:16:02.0523 0x1c08  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:16:02.0530 0x1c08  nvraid - ok
15:16:02.0534 0x1c08  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:16:02.0541 0x1c08  nvstor - ok
15:16:02.0543 0x1c08  [ 37527CCD2AAF5192D825084339CA964E, B1BE990411BA80D1F9E9F86F82F2B2762F87A5C028FB79A60DB325FAFE89D059 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:16:02.0547 0x1c08  NvStreamKms - ok
15:16:02.0549 0x1c08  [ 66B4D2AA9C733A40B1C673402E99A7D0, DD4297CCB3527C95E52132271C296D277FC4C5FB59731AF25FCC19A523A8D20C ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:16:02.0553 0x1c08  nvvad_WaveExtensible - ok
15:16:02.0559 0x1c08  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\Windows\System32\APHostService.dll
15:16:02.0572 0x1c08  OneSyncSvc - ok
15:16:02.0602 0x1c08  [ 03500C343CEF835CAD0B62C8726A4C62, 76F4C5A3F81F7B59BA8062512773EB30A123288BF9DE515840B510F1E6C42E62 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:16:02.0630 0x1c08  Origin Client Service - ok
15:16:02.0658 0x1c08  [ 9E569623B98A37D5C1B4A6DAF2B16529, A09838AA316CA969EF5C066A6BF7D49F3DC532A01F4CEF2D66122F1234938CF3 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
15:16:02.0686 0x1c08  Origin Web Helper Service - ok
15:16:02.0692 0x1c08  [ 63511820A101C1C5DB95B9ECFFEDA089, AD517FFE1FFD103FF1F371A0406CA8CDCAD762CE4DDC829759BE1914F4DF0675 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:16:02.0698 0x1c08  ose - ok
15:16:02.0704 0x1c08  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:16:02.0718 0x1c08  p2pimsvc - ok
15:16:02.0725 0x1c08  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\Windows\system32\p2psvc.dll
15:16:02.0743 0x1c08  p2psvc - ok
15:16:02.0751 0x1c08  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\Windows\System32\drivers\parport.sys
15:16:02.0772 0x1c08  Parport - ok
15:16:02.0777 0x1c08  [ 9DB326B54C03EF2892E7551D8B354036, 64CD77E8A4425E80CFB61DEE33C1A677A4044C6FC0614D74B20BDDD7C5D5334D ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:16:02.0790 0x1c08  partmgr - ok
15:16:02.0800 0x1c08  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:16:02.0813 0x1c08  PcaSvc - ok
15:16:02.0820 0x1c08  [ 101CC1FD8D48ED1EF71F0840158D0E6D, A944D70DE230E3FBD8B371EF3BED1FCD12AAFD56945A8F5C44994AF13283FCCD ] pci             C:\Windows\system32\drivers\pci.sys
15:16:02.0829 0x1c08  pci - ok
15:16:02.0831 0x1c08  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\Windows\system32\drivers\pciide.sys
15:16:02.0837 0x1c08  pciide - ok
15:16:02.0840 0x1c08  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:16:02.0846 0x1c08  pcmcia - ok
15:16:02.0849 0x1c08  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:16:02.0855 0x1c08  pcw - ok
15:16:02.0858 0x1c08  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\Windows\system32\drivers\pdc.sys
15:16:02.0864 0x1c08  pdc - ok
15:16:02.0875 0x1c08  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:16:02.0897 0x1c08  PEAUTH - ok
15:16:02.0922 0x1c08  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:16:02.0965 0x1c08  PeerDistSvc - ok
15:16:02.0969 0x1c08  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
15:16:02.0974 0x1c08  percsas2i - ok
15:16:02.0977 0x1c08  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
15:16:02.0983 0x1c08  percsas3i - ok
15:16:02.0991 0x1c08  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:16:02.0999 0x1c08  PerfHost - ok
15:16:03.0013 0x1c08  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\Windows\System32\PhoneService.dll
15:16:03.0034 0x1c08  PhoneSvc - ok
15:16:03.0039 0x1c08  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
15:16:03.0050 0x1c08  PimIndexMaintenanceSvc - ok
15:16:03.0070 0x1c08  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\Windows\system32\pla.dll
15:16:03.0104 0x1c08  pla - ok
15:16:03.0108 0x1c08  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:16:03.0121 0x1c08  PlugPlay - ok
15:16:03.0123 0x1c08  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:16:03.0131 0x1c08  PNRPAutoReg - ok
15:16:03.0137 0x1c08  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:16:03.0151 0x1c08  PNRPsvc - ok
15:16:03.0158 0x1c08  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:16:03.0172 0x1c08  PolicyAgent - ok
15:16:03.0176 0x1c08  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\Windows\system32\umpo.dll
15:16:03.0187 0x1c08  Power - ok
15:16:03.0190 0x1c08  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
15:16:03.0201 0x1c08  PptpMiniport - ok
15:16:03.0243 0x1c08  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
15:16:03.0308 0x1c08  PrintNotify - ok
15:16:03.0313 0x1c08  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\Windows\System32\drivers\processr.sys
15:16:03.0322 0x1c08  Processor - ok
15:16:03.0329 0x1c08  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:16:03.0344 0x1c08  ProfSvc - ok
15:16:03.0348 0x1c08  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\Windows\system32\drivers\pacer.sys
15:16:03.0355 0x1c08  Psched - ok
15:16:03.0361 0x1c08  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\Windows\system32\qwave.dll
15:16:03.0373 0x1c08  QWAVE - ok
15:16:03.0376 0x1c08  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:16:03.0383 0x1c08  QWAVEdrv - ok
15:16:03.0385 0x1c08  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:16:03.0392 0x1c08  RasAcd - ok
15:16:03.0395 0x1c08  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
15:16:03.0406 0x1c08  RasAgileVpn - ok
15:16:03.0411 0x1c08  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\Windows\System32\rasauto.dll
15:16:03.0427 0x1c08  RasAuto - ok
15:16:03.0430 0x1c08  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
15:16:03.0441 0x1c08  Rasl2tp - ok
15:16:03.0451 0x1c08  [ 3C0A10FFC3CB95D249CA64D62BC912EF, 8A75398EF3FF4BBE822031B3D1C63BFC75ABE11AB35BC0451DFF3B1D56477D97 ] RasMan          C:\Windows\System32\rasmans.dll
15:16:03.0470 0x1c08  RasMan - ok
15:16:03.0473 0x1c08  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:16:03.0481 0x1c08  RasPppoe - ok
15:16:03.0484 0x1c08  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
15:16:03.0494 0x1c08  RasSstp - ok
15:16:03.0502 0x1c08  [ EDAF0E161BE98CCC4FC9671481600745, 50DB73C341086E346F6EF57E40A7C3A8F6279E5EBB53A67F9B71B7877EB75734 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:16:03.0512 0x1c08  rdbss - ok
15:16:03.0516 0x1c08  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
15:16:03.0522 0x1c08  rdpbus - ok
15:16:03.0526 0x1c08  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:16:03.0535 0x1c08  RDPDR - ok
15:16:03.0539 0x1c08  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:16:03.0545 0x1c08  RdpVideoMiniport - ok
15:16:03.0550 0x1c08  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:16:03.0559 0x1c08  rdyboost - ok
15:16:03.0572 0x1c08  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
15:16:03.0590 0x1c08  ReFSv1 - ok
15:16:03.0599 0x1c08  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:16:03.0615 0x1c08  RemoteAccess - ok
15:16:03.0619 0x1c08  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:16:03.0632 0x1c08  RemoteRegistry - ok
15:16:03.0642 0x1c08  [ FA62C4E1D753B489832DD0A7033665EE, BB0B59ABC79CEFA949632179239D711944C29E93EBCE60E629DE75AF2C3268B2 ] RetailDemo      C:\Windows\system32\RDXService.dll
15:16:03.0661 0x1c08  RetailDemo - ok
15:16:03.0665 0x1c08  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\Windows\System32\RMapi.dll
15:16:03.0675 0x1c08  RmSvc - ok
15:16:03.0679 0x1c08  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:16:03.0687 0x1c08  RpcEptMapper - ok
15:16:03.0690 0x1c08  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\Windows\system32\locator.exe
15:16:03.0697 0x1c08  RpcLocator - ok
15:16:03.0710 0x1c08  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\Windows\system32\rpcss.dll
15:16:03.0734 0x1c08  RpcSs - ok
15:16:03.0738 0x1c08  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\Windows\system32\drivers\rspndr.sys
15:16:03.0745 0x1c08  rspndr - ok
15:16:03.0747 0x1c08  [ 24061B0958874C1CB2A5A8E9D25482D4, F84F8173242B95F9F3C4FEA99B5555B33F9CE37CA8188B643871D261CB081496 ] RTCore64        C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
15:16:03.0751 0x1c08  RTCore64 - ok
15:16:03.0753 0x1c08  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
15:16:03.0759 0x1c08  s3cap - ok
15:16:03.0763 0x1c08  [ 476BAA3EEBE9DB94BF6BDFAF46747E5D, 6E8FB06225341989B88C1F554800724F5DFE16A359C3E019CA63D6C2FAA22F72 ] SaiK0728        C:\Windows\system32\DRIVERS\SaiK0728.sys
15:16:03.0771 0x1c08  SaiK0728 - ok
15:16:03.0774 0x1c08  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\Windows\system32\lsass.exe
15:16:03.0780 0x1c08  SamSs - ok
15:16:03.0783 0x1c08  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:16:03.0790 0x1c08  sbp2port - ok
15:16:03.0795 0x1c08  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:16:03.0808 0x1c08  SCardSvr - ok
15:16:03.0813 0x1c08  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
15:16:03.0825 0x1c08  ScDeviceEnum - ok
15:16:03.0828 0x1c08  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:16:03.0836 0x1c08  scfilter - ok
15:16:03.0849 0x1c08  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\Windows\system32\schedsvc.dll
15:16:03.0876 0x1c08  Schedule - ok
15:16:03.0880 0x1c08  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
15:16:03.0886 0x1c08  scmbus - ok
15:16:03.0889 0x1c08  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\Windows\System32\drivers\scmdisk0101.sys
15:16:03.0898 0x1c08  scmdisk0101 - ok
15:16:03.0902 0x1c08  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:16:03.0913 0x1c08  SCPolicySvc - ok
15:16:03.0918 0x1c08  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\Windows\System32\drivers\sdbus.sys
15:16:03.0927 0x1c08  sdbus - ok
15:16:03.0931 0x1c08  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:16:03.0941 0x1c08  SDRSVC - ok
15:16:03.0944 0x1c08  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
15:16:03.0951 0x1c08  sdstor - ok
15:16:03.0953 0x1c08  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\Windows\system32\seclogon.dll
15:16:03.0961 0x1c08  seclogon - ok
15:16:03.0964 0x1c08  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\Windows\System32\sens.dll
15:16:03.0973 0x1c08  SENS - ok
15:16:03.0974 0x1c08  Sense - ok
15:16:03.0992 0x1c08  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\Windows\System32\SensorDataService.exe
15:16:04.0023 0x1c08  SensorDataService - ok
15:16:04.0030 0x1c08  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\Windows\system32\SensorService.dll
15:16:04.0045 0x1c08  SensorService - ok
15:16:04.0050 0x1c08  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:16:04.0061 0x1c08  SensrSvc - ok
15:16:04.0063 0x1c08  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
15:16:04.0070 0x1c08  SerCx - ok
15:16:04.0073 0x1c08  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
15:16:04.0081 0x1c08  SerCx2 - ok
15:16:04.0084 0x1c08  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\Windows\System32\drivers\serenum.sys
15:16:04.0090 0x1c08  Serenum - ok
15:16:04.0093 0x1c08  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\Windows\System32\drivers\serial.sys
15:16:04.0101 0x1c08  Serial - ok
15:16:04.0103 0x1c08  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\Windows\System32\drivers\sermouse.sys
15:16:04.0109 0x1c08  sermouse - ok
15:16:04.0118 0x1c08  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\Windows\system32\sessenv.dll
15:16:04.0133 0x1c08  SessionEnv - ok
15:16:04.0135 0x1c08  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
15:16:04.0142 0x1c08  sfloppy - ok
15:16:04.0150 0x1c08  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:16:04.0167 0x1c08  SharedAccess - ok
15:16:04.0177 0x1c08  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:16:04.0199 0x1c08  ShellHWDetection - ok
15:16:04.0203 0x1c08  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
15:16:04.0215 0x1c08  shpamsvc - ok
15:16:04.0217 0x1c08  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:16:04.0223 0x1c08  SiSRaid2 - ok
15:16:04.0226 0x1c08  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:16:04.0232 0x1c08  SiSRaid4 - ok
15:16:04.0234 0x1c08  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\Windows\System32\smphost.dll
15:16:04.0242 0x1c08  smphost - ok
15:16:04.0252 0x1c08  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
15:16:04.0270 0x1c08  SmsRouter - ok
15:16:04.0274 0x1c08  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:16:04.0283 0x1c08  SNMPTRAP - ok
15:16:04.0292 0x1c08  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\Windows\system32\drivers\spaceport.sys
15:16:04.0304 0x1c08  spaceport - ok
15:16:04.0308 0x1c08  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
15:16:04.0314 0x1c08  SpbCx - ok
15:16:04.0321 0x1c08  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWoW64\speedfan.sys
15:16:04.0327 0x1c08  speedfan - ok
15:16:04.0338 0x1c08  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\Windows\System32\spoolsv.exe
15:16:04.0361 0x1c08  Spooler - ok
15:16:04.0426 0x1c08  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:16:04.0510 0x1c08  sppsvc - ok
15:16:04.0520 0x1c08  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:16:04.0533 0x1c08  srv - ok
15:16:04.0544 0x1c08  [ 1312896CAE6AF0D4557DB7B37283C116, 9E3701DBBF0F45368A217549A7DFDA2543C4AB3AC9CCF65A73E1FE27CC4A278E ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:16:04.0563 0x1c08  srv2 - ok
15:16:04.0568 0x1c08  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:16:04.0581 0x1c08  srvnet - ok
15:16:04.0702 0x1c08  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:16:04.0771 0x1c08  SSDPSRV - ok
15:16:04.0784 0x1c08  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:16:04.0810 0x1c08  SstpSvc - ok
15:16:04.0947 0x1c08  [ FD881B87C853EB2F0B8B7B5CC71D6FE3, 780038C203C9277C366794302D90BC0AE75568863F1FB7044197BA20D798E4BA ] StateRepository C:\Windows\system32\windows.staterepository.dll
15:16:05.0027 0x1c08  StateRepository - ok
15:16:05.0059 0x1c08  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:16:05.0079 0x1c08  Steam Client Service - ok
15:16:05.0084 0x1c08  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:16:05.0090 0x1c08  stexstor - ok
15:16:05.0109 0x1c08  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\Windows\System32\wiaservc.dll
15:16:05.0151 0x1c08  stisvc - ok
15:16:05.0155 0x1c08  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\Windows\system32\drivers\storahci.sys
15:16:05.0162 0x1c08  storahci - ok
15:16:05.0166 0x1c08  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:16:05.0172 0x1c08  storflt - ok
15:16:05.0177 0x1c08  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\Windows\system32\drivers\stornvme.sys
15:16:05.0184 0x1c08  stornvme - ok
15:16:05.0188 0x1c08  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
15:16:05.0198 0x1c08  storqosflt - ok
15:16:05.0218 0x1c08  [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc         C:\Windows\system32\storsvc.dll
15:16:05.0232 0x1c08  StorSvc - ok
15:16:05.0235 0x1c08  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\Windows\system32\drivers\storufs.sys
15:16:05.0240 0x1c08  storufs - ok
15:16:05.0243 0x1c08  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:16:05.0248 0x1c08  storvsc - ok
15:16:05.0250 0x1c08  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\Windows\system32\svsvc.dll
15:16:05.0260 0x1c08  svsvc - ok
15:16:05.0262 0x1c08  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\Windows\System32\drivers\swenum.sys
15:16:05.0268 0x1c08  swenum - ok
15:16:05.0275 0x1c08  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\Windows\System32\swprv.dll
15:16:05.0293 0x1c08  swprv - ok
15:16:05.0296 0x1c08  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
15:16:05.0303 0x1c08  Synth3dVsc - ok
15:16:05.0317 0x1c08  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\Windows\system32\sysmain.dll
15:16:05.0345 0x1c08  SysMain - ok
15:16:05.0352 0x1c08  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
15:16:05.0366 0x1c08  SystemEventsBroker - ok
15:16:05.0370 0x1c08  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:16:05.0381 0x1c08  TabletInputService - ok
15:16:05.0386 0x1c08  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:16:05.0400 0x1c08  TapiSrv - ok
15:16:05.0432 0x1c08  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:16:05.0472 0x1c08  Tcpip - ok
15:16:05.0503 0x1c08  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
15:16:05.0543 0x1c08  Tcpip6 - ok
15:16:05.0548 0x1c08  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:16:05.0555 0x1c08  tcpipreg - ok
15:16:05.0560 0x1c08  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:16:05.0566 0x1c08  tdx - ok
15:16:05.0569 0x1c08  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
15:16:05.0574 0x1c08  terminpt - ok
15:16:05.0589 0x1c08  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\Windows\System32\termsrv.dll
15:16:05.0615 0x1c08  TermService - ok
15:16:05.0618 0x1c08  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\Windows\system32\themeservice.dll
15:16:05.0631 0x1c08  Themes - ok
15:16:05.0636 0x1c08  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
15:16:05.0651 0x1c08  TieringEngineService - ok
15:16:05.0660 0x1c08  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
15:16:05.0678 0x1c08  tiledatamodelsvc - ok
15:16:05.0683 0x1c08  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
15:16:05.0694 0x1c08  TimeBrokerSvc - ok
15:16:05.0699 0x1c08  [ 3D04046C468AD2868A093925B5E2AA0A, 44696259BEF49AC200DEE146DE0E4375B0CD09F9356CCFA22BD7AD8B53E48658 ] TPM             C:\Windows\System32\drivers\tpm.sys
15:16:05.0707 0x1c08  TPM - ok
15:16:05.0710 0x1c08  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\Windows\System32\trkwks.dll
15:16:05.0720 0x1c08  TrkWks - ok
15:16:05.0723 0x1c08  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:16:05.0732 0x1c08  TrustedInstaller - ok
15:16:05.0735 0x1c08  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\Windows\system32\drivers\TsUsbFlt.sys
15:16:05.0743 0x1c08  tsusbflt - ok
15:16:05.0745 0x1c08  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
15:16:05.0752 0x1c08  TsUsbGD - ok
15:16:05.0755 0x1c08  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
15:16:05.0764 0x1c08  tsusbhub - ok
15:16:05.0768 0x1c08  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
15:16:05.0777 0x1c08  tunnel - ok
15:16:05.0780 0x1c08  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
15:16:05.0790 0x1c08  tzautoupdate - ok
15:16:05.0793 0x1c08  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
15:16:05.0799 0x1c08  UASPStor - ok
15:16:05.0802 0x1c08  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
15:16:05.0810 0x1c08  UcmCx0101 - ok
15:16:05.0813 0x1c08  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
15:16:05.0821 0x1c08  UcmTcpciCx0101 - ok
15:16:05.0824 0x1c08  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
15:16:05.0831 0x1c08  UcmUcsi - ok
15:16:05.0836 0x1c08  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
15:16:05.0844 0x1c08  Ucx01000 - ok
15:16:05.0847 0x1c08  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
15:16:05.0854 0x1c08  UdeCx - ok
15:16:05.0860 0x1c08  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:16:05.0874 0x1c08  udfs - ok
15:16:05.0877 0x1c08  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
15:16:05.0882 0x1c08  UEFI - ok
15:16:05.0885 0x1c08  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\Windows\system32\drivers\UevAgentDriver.sys
15:16:05.0890 0x1c08  UevAgentDriver - ok
15:16:05.0908 0x1c08  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\Windows\system32\AgentService.exe
15:16:05.0937 0x1c08  UevAgentService - ok
15:16:05.0943 0x1c08  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
15:16:05.0952 0x1c08  Ufx01000 - ok
15:16:05.0955 0x1c08  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
15:16:05.0963 0x1c08  UfxChipidea - ok
15:16:05.0967 0x1c08  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
15:16:05.0974 0x1c08  ufxsynopsys - ok
15:16:05.0978 0x1c08  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:16:05.0988 0x1c08  UI0Detect - ok
15:16:05.0991 0x1c08  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\Windows\System32\drivers\umbus.sys
15:16:05.0998 0x1c08  umbus - ok
15:16:06.0001 0x1c08  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\Windows\System32\drivers\umpass.sys
15:16:06.0007 0x1c08  UmPass - ok
15:16:06.0013 0x1c08  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:16:06.0026 0x1c08  UmRdpService - ok
15:16:06.0043 0x1c08  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\Windows\System32\unistore.dll
15:16:06.0073 0x1c08  UnistoreSvc - ok
15:16:06.0082 0x1c08  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\Windows\System32\upnphost.dll
15:16:06.0101 0x1c08  upnphost - ok
15:16:06.0104 0x1c08  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
15:16:06.0109 0x1c08  UrsChipidea - ok
15:16:06.0112 0x1c08  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
15:16:06.0118 0x1c08  UrsCx01000 - ok
15:16:06.0120 0x1c08  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
15:16:06.0126 0x1c08  UrsSynopsys - ok
15:16:06.0129 0x1c08  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
15:16:06.0137 0x1c08  USBAAPL64 - ok
15:16:06.0141 0x1c08  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
15:16:06.0148 0x1c08  usbccgp - ok
15:16:06.0152 0x1c08  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\Windows\System32\drivers\usbcir.sys
15:16:06.0160 0x1c08  usbcir - ok
15:16:06.0163 0x1c08  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
15:16:06.0170 0x1c08  usbehci - ok
15:16:06.0178 0x1c08  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
15:16:06.0190 0x1c08  usbhub - ok
15:16:06.0199 0x1c08  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
15:16:06.0212 0x1c08  USBHUB3 - ok
15:16:06.0215 0x1c08  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
15:16:06.0222 0x1c08  usbohci - ok
15:16:06.0224 0x1c08  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
15:16:06.0231 0x1c08  usbprint - ok
15:16:06.0234 0x1c08  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\Windows\System32\drivers\usbser.sys
15:16:06.0242 0x1c08  usbser - ok
15:16:06.0246 0x1c08  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
15:16:06.0253 0x1c08  USBSTOR - ok
15:16:06.0255 0x1c08  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
15:16:06.0262 0x1c08  usbuhci - ok
15:16:06.0269 0x1c08  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
15:16:06.0279 0x1c08  USBXHCI - ok
15:16:06.0300 0x1c08  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\Windows\System32\userdataservice.dll
15:16:06.0336 0x1c08  UserDataSvc - ok
15:16:06.0353 0x1c08  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\Windows\System32\usermgr.dll
15:16:06.0380 0x1c08  UserManager - ok
15:16:06.0389 0x1c08  [ C75B1B48BCAADEB0275C1EBE2EAE742D, 19875B87BDB23E5B60D6D3173FDF7A7634E81E43501529A56FFCCEE21B7E3B71 ] UsoSvc          C:\Windows\system32\usocore.dll
15:16:06.0407 0x1c08  UsoSvc - ok
15:16:06.0415 0x1c08  [ 3341B39E9FC85340B9895D6C0BB0792C, 7A81F710EBA27AA82C57D5A839ECED4E19E155B0B1BC5DA30171F8F184EEF521 ] UvConv          C:\Users\Marko\AppData\Roaming\fibei\UvConverter.exe
15:16:06.0425 0x1c08  UvConv - detected UnsignedFile.Multi.Generic ( 1 )
15:16:06.0720 0x1c08  UvConv ( UnsignedFile.Multi.Generic ) - warning
15:16:06.0815 0x1c08  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\Windows\system32\lsass.exe
15:16:06.0839 0x1c08  VaultSvc - ok
15:16:06.0847 0x1c08  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:16:06.0858 0x1c08  vdrvroot - ok
15:16:06.0873 0x1c08  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\Windows\System32\vds.exe
15:16:06.0896 0x1c08  vds - ok
15:16:06.0901 0x1c08  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
15:16:06.0909 0x1c08  VerifierExt - ok
15:16:06.0920 0x1c08  [ 46ADD0CD4473AAEF1C68266A803F704D, D521E46891253884CF8285E864FAE63F2E8E0974AD8D2EB4D910E8A35350844F ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
15:16:06.0935 0x1c08  vhdmp - ok
15:16:06.0938 0x1c08  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\Windows\System32\drivers\vhf.sys
15:16:06.0945 0x1c08  vhf - ok
15:16:06.0948 0x1c08  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:16:06.0956 0x1c08  vmbus - ok
15:16:06.0958 0x1c08  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
15:16:06.0965 0x1c08  VMBusHID - ok
15:16:06.0967 0x1c08  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\Windows\System32\drivers\vmgid.sys
15:16:06.0974 0x1c08  vmgid - ok
15:16:06.0980 0x1c08  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\Windows\System32\icsvc.dll
15:16:06.0992 0x1c08  vmicguestinterface - ok
15:16:06.0997 0x1c08  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\Windows\System32\icsvc.dll
15:16:07.0010 0x1c08  vmicheartbeat - ok
15:16:07.0015 0x1c08  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\Windows\System32\icsvc.dll
15:16:07.0027 0x1c08  vmickvpexchange - ok
15:16:07.0033 0x1c08  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\Windows\System32\icsvcext.dll
15:16:07.0047 0x1c08  vmicrdv - ok
15:16:07.0052 0x1c08  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\Windows\System32\icsvc.dll
15:16:07.0064 0x1c08  vmicshutdown - ok
15:16:07.0070 0x1c08  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\Windows\System32\icsvc.dll
15:16:07.0081 0x1c08  vmictimesync - ok
15:16:07.0088 0x1c08  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\Windows\System32\icsvc.dll
15:16:07.0100 0x1c08  vmicvmsession - ok
15:16:07.0106 0x1c08  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\Windows\System32\icsvcext.dll
15:16:07.0119 0x1c08  vmicvss - ok
15:16:07.0122 0x1c08  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:16:07.0128 0x1c08  volmgr - ok
15:16:07.0134 0x1c08  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:16:07.0144 0x1c08  volmgrx - ok
15:16:07.0151 0x1c08  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:16:07.0162 0x1c08  volsnap - ok
15:16:07.0164 0x1c08  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\Windows\system32\drivers\volume.sys
15:16:07.0170 0x1c08  volume - ok
15:16:07.0173 0x1c08  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\Windows\System32\drivers\vpci.sys
15:16:07.0179 0x1c08  vpci - ok
15:16:07.0183 0x1c08  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:16:07.0190 0x1c08  vsmraid - ok
15:16:07.0211 0x1c08  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\Windows\system32\vssvc.exe
15:16:07.0246 0x1c08  VSS - ok
15:16:07.0253 0x1c08  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
15:16:07.0262 0x1c08  VSTXRAID - ok
15:16:07.0265 0x1c08  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:16:07.0272 0x1c08  vwifibus - ok
15:16:07.0275 0x1c08  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
15:16:07.0282 0x1c08  vwififlt - ok
15:16:07.0291 0x1c08  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\Windows\system32\w32time.dll
15:16:07.0308 0x1c08  W32Time - ok
15:16:07.0311 0x1c08  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
15:16:07.0318 0x1c08  WacomPen - ok
15:16:07.0326 0x1c08  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\Windows\system32\WalletService.dll
15:16:07.0341 0x1c08  WalletService - ok
15:16:07.0345 0x1c08  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:16:07.0356 0x1c08  wanarp - ok
15:16:07.0358 0x1c08  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:16:07.0369 0x1c08  wanarpv6 - ok
15:16:07.0389 0x1c08  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\Windows\system32\wbengine.exe
15:16:07.0425 0x1c08  wbengine - ok
15:16:07.0438 0x1c08  [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:16:07.0483 0x1c08  WbioSrvc - ok
15:16:07.0488 0x1c08  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\Windows\system32\drivers\wcifs.sys
15:16:07.0498 0x1c08  wcifs - ok
15:16:07.0511 0x1c08  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
15:16:07.0535 0x1c08  Wcmsvc - ok
15:16:07.0544 0x1c08  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:16:07.0560 0x1c08  wcncsvc - ok
15:16:07.0563 0x1c08  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
15:16:07.0571 0x1c08  wcnfs - ok
15:16:07.0573 0x1c08  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
15:16:07.0579 0x1c08  WdBoot - ok
15:16:07.0592 0x1c08  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:16:07.0607 0x1c08  Wdf01000 - ok
15:16:07.0613 0x1c08  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
15:16:07.0622 0x1c08  WdFilter - ok
15:16:07.0625 0x1c08  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:16:07.0637 0x1c08  WdiServiceHost - ok
15:16:07.0639 0x1c08  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:16:07.0651 0x1c08  WdiSystemHost - ok
15:16:07.0662 0x1c08  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
15:16:07.0681 0x1c08  wdiwifi - ok
15:16:07.0686 0x1c08  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
15:16:07.0692 0x1c08  WdNisDrv - ok
15:16:07.0694 0x1c08  WdNisSvc - ok
15:16:07.0699 0x1c08  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\Windows\System32\webclnt.dll
15:16:07.0713 0x1c08  WebClient - ok
15:16:07.0717 0x1c08  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:16:07.0730 0x1c08  Wecsvc - ok
15:16:07.0733 0x1c08  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
15:16:07.0742 0x1c08  WEPHOSTSVC - ok
15:16:07.0745 0x1c08  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:16:07.0759 0x1c08  wercplsupport - ok
15:16:07.0763 0x1c08  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:16:07.0774 0x1c08  WerSvc - ok
15:16:07.0778 0x1c08  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
15:16:07.0785 0x1c08  WFPLWFS - ok
15:16:07.0789 0x1c08  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\Windows\System32\wiarpc.dll
15:16:07.0798 0x1c08  WiaRpc - ok
15:16:07.0801 0x1c08  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:16:07.0807 0x1c08  WIMMount - ok
15:16:07.0808 0x1c08  WinDefend - ok
15:16:07.0815 0x1c08  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
15:16:07.0821 0x1c08  WindowsTrustedRT - ok
15:16:07.0824 0x1c08  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
15:16:07.0829 0x1c08  WindowsTrustedRTProxy - ok
15:16:07.0842 0x1c08  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:16:07.0865 0x1c08  WinHttpAutoProxySvc - ok
15:16:07.0868 0x1c08  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\Windows\System32\drivers\winmad.sys
15:16:07.0874 0x1c08  WinMad - ok
15:16:07.0880 0x1c08  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:16:07.0892 0x1c08  Winmgmt - ok
15:16:07.0949 0x1c08  [ A26570B4A21AD6F4D597148D3C22274E, 594BD3B9B9B4027E5A7025CAB715378FB565FC5E00A0315A2EC3A6EFBC9CC72E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:16:08.0009 0x1c08  WinRM - ok
15:16:08.0017 0x1c08  WinSAPSvc - ok
15:16:08.0023 0x1c08  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
15:16:08.0030 0x1c08  WINUSB - ok
15:16:08.0033 0x1c08  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
15:16:08.0039 0x1c08  WinVerbs - ok
15:16:08.0049 0x1c08  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\Windows\system32\flightsettings.dll
15:16:08.0067 0x1c08  wisvc - ok
15:16:08.0098 0x1c08  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\Windows\System32\wlansvc.dll
15:16:08.0147 0x1c08  WlanSvc - ok
15:16:08.0175 0x1c08  [ 8CBA7957D7F7B48C0D396E40AA2FBCDA, 15B0B46B0C6B90350948BA4780C0AADC16FD1754F56D14F5F5C23560190EFAFF ] wlidsvc         C:\Windows\system32\wlidsvc.dll
15:16:08.0222 0x1c08  wlidsvc - ok
15:16:08.0226 0x1c08  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
15:16:08.0232 0x1c08  WmiAcpi - ok
15:16:08.0238 0x1c08  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:16:08.0248 0x1c08  wmiApSrv - ok
15:16:08.0250 0x1c08  WMPNetworkSvc - ok
15:16:08.0255 0x1c08  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\Windows\system32\drivers\Wof.sys
15:16:08.0263 0x1c08  Wof - ok
15:16:08.0288 0x1c08  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
15:16:08.0329 0x1c08  workfolderssvc - ok
15:16:08.0333 0x1c08  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:16:08.0344 0x1c08  WPDBusEnum - ok
15:16:08.0346 0x1c08  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
15:16:08.0352 0x1c08  WpdUpFltr - ok
15:16:08.0357 0x1c08  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\Windows\system32\WpnService.dll
15:16:08.0370 0x1c08  WpnService - ok
15:16:08.0373 0x1c08  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\Windows\System32\WpnUserService.dll
15:16:08.0382 0x1c08  WpnUserService - ok
15:16:08.0386 0x1c08  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:16:08.0393 0x1c08  ws2ifsl - ok
15:16:08.0400 0x1c08  [ 5B3148291D750B03CD812DB79BD666AF, 03BAB66B9434CA2F35604B1123C0F7CC7A5E67F920D0993574C368179E8C9560 ] WsAppService    C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe
15:16:08.0424 0x1c08  WsAppService - detected UnsignedFile.Multi.Generic ( 1 )
15:16:09.0453 0x1c08  Detect skipped due to KSN trusted
15:16:09.0453 0x1c08  WsAppService - ok
15:16:09.0474 0x1c08  [ FF190115CBA067F58C981F0A9F43ABDF, C90353C748C02DB38B561C250682E12C82985A6F7ED7D497AF5DE10EC243FCBA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:16:09.0508 0x1c08  wscsvc - ok
15:16:09.0513 0x1c08  [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
15:16:09.0523 0x1c08  WSDPrintDevice - ok
15:16:09.0524 0x1c08  WsDrvInst - ok
15:16:09.0527 0x1c08  [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
15:16:09.0534 0x1c08  WSDScan - ok
15:16:09.0536 0x1c08  WSearch - ok
15:16:09.0567 0x1c08  [ 6BA66FE47BFAF223AEE6C98F28EB4D8E, 3B380329594DAD5BB50301F5A8A912BF6121788F395133C70C893879F68450FB ] wuauserv        C:\Windows\system32\wuaueng.dll
15:16:09.0616 0x1c08  wuauserv - ok
15:16:09.0620 0x1c08  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:16:09.0628 0x1c08  WudfPf - ok
15:16:09.0633 0x1c08  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\Windows\system32\drivers\WudfRd.sys
15:16:09.0644 0x1c08  WUDFRd - ok
15:16:09.0647 0x1c08  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:16:09.0657 0x1c08  wudfsvc - ok
15:16:09.0662 0x1c08  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
15:16:09.0672 0x1c08  WUDFWpdFs - ok
15:16:09.0677 0x1c08  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
15:16:09.0687 0x1c08  WUDFWpdMtp - ok
15:16:09.0704 0x1c08  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:16:09.0736 0x1c08  WwanSvc - ok
15:16:09.0752 0x1c08  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
15:16:09.0778 0x1c08  XblAuthManager - ok
15:16:09.0795 0x1c08  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\Windows\System32\XblGameSave.dll
15:16:09.0824 0x1c08  XblGameSave - ok
15:16:09.0830 0x1c08  [ C1E85B4FB08B4CCF16841B165910148B, AB33A6630BFC0E230BA464F721DD4ABB7DF79DF2D81C9C7366CC0BA2251F09F3 ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
15:16:09.0841 0x1c08  xboxgip - ok
15:16:09.0856 0x1c08  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
15:16:09.0886 0x1c08  XboxNetApiSvc - ok
15:16:09.0889 0x1c08  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
15:16:09.0896 0x1c08  xinputhid - ok
15:16:09.0900 0x1c08  ================ Scan global ===============================
15:16:09.0902 0x1c08  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\Windows\system32\basesrv.dll
15:16:09.0906 0x1c08  [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\Windows\system32\winsrv.dll
15:16:09.0912 0x1c08  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\Windows\system32\sxssrv.dll
15:16:09.0920 0x1c08  [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\Windows\system32\services.exe
15:16:09.0926 0x1c08  [ Global ] - ok
15:16:09.0926 0x1c08  ================ Scan MBR ==================================
15:16:09.0929 0x1c08  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:16:09.0958 0x1c08  \Device\Harddisk0\DR0 - ok
15:16:09.0960 0x1c08  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:16:10.0006 0x1c08  \Device\Harddisk1\DR1 - ok
15:16:10.0010 0x1c08  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
15:16:10.0083 0x1c08  \Device\Harddisk2\DR2 - ok
15:16:10.0084 0x1c08  ================ Scan VBR ==================================
15:16:10.0089 0x1c08  [ CEF6718A4468B9EFC71A796C5D281045 ] \Device\Harddisk0\DR0\Partition1
15:16:10.0092 0x1c08  \Device\Harddisk0\DR0\Partition1 - ok
15:16:10.0095 0x1c08  [ 10B656C2E1054652BC235878636E1CF4 ] \Device\Harddisk0\DR0\Partition2
15:16:10.0098 0x1c08  \Device\Harddisk0\DR0\Partition2 - ok
15:16:10.0103 0x1c08  [ ADF7721018CB63E139547B3767080745 ] \Device\Harddisk1\DR1\Partition1
15:16:10.0106 0x1c08  \Device\Harddisk1\DR1\Partition1 - ok
15:16:10.0112 0x1c08  [ 0ECA88B362229E22EEA8FD21753BAF4B ] \Device\Harddisk2\DR2\Partition1
15:16:10.0113 0x1c08  \Device\Harddisk2\DR2\Partition1 - ok
15:16:10.0114 0x1c08  ================ Scan generic autorun ======================
15:16:10.0247 0x1c08  [ F3C19FDBD73584B40C676087418AA36D, D081DD4F09B62B8163413DE4FF03A6578382BEECF0861FFCF7378FC7FA6A3D87 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
15:16:10.0348 0x1c08  RTHDVCPL - ok
15:16:10.0359 0x1c08  [ 93787FF75E6323CF1D5467CA119CF76D, 9CBD2B9BF44FCE78AA87FD7A26A65AEE9DD04C43991142528F57FF9A0E2FC4A4 ] C:\Program Files\Greenshot\Greenshot.exe
15:16:10.0371 0x1c08  Greenshot - detected UnsignedFile.Multi.Generic ( 1 )
15:16:10.0498 0x1c08  Detect skipped due to KSN trusted
15:16:10.0498 0x1c08  Greenshot - ok
15:16:10.0512 0x1c08  [ 9C3F26DCA9142F16ED3D7EE8AB4E417D, 867AD96CB5738266E5BC93E424EA1673881C5F5FBF19C7B699F800C7206CA929 ] C:\Program Files\iTunes\iTunesHelper.exe
15:16:10.0539 0x1c08  iTunesHelper - ok
15:16:10.0553 0x1c08  [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
15:16:10.0570 0x1c08  AdobeAAMUpdater-1.0 - ok
15:16:10.0572 0x1c08  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe
15:16:10.0586 0x1c08  ShadowPlay - ok
15:16:10.0616 0x1c08  [ 7D5E8D5BDF324718BBC91DF02D830317, AA6A8B0536C14A7D11FDFFA5F980E90059F6C3BE99DE57503EC58DEA022C5398 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
15:16:10.0647 0x1c08  Adobe Creative Cloud - ok
15:16:10.0651 0x1c08  Dropbox - ok
15:16:10.0786 0x1c08  [ CE99AA11D0274BE5BDEF3991508852E9, C129B50010508603C6F2CDB4442ACA4E7FC6CD44DBDB6153D5E1D37E1BC32036 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:16:10.0895 0x1c08  AvastUI.exe - ok
15:16:11.0030 0x1c08  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:16:11.0134 0x1c08  OneDriveSetup - ok
15:16:11.0265 0x1c08  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:16:11.0369 0x1c08  OneDriveSetup - ok
15:16:11.0475 0x1c08  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:16:11.0578 0x1c08  OneDriveSetup - ok
15:16:11.0593 0x1c08  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Marko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
15:16:11.0606 0x1c08  OneDrive - ok
15:16:11.0664 0x1c08  [ D2CE6EA0E9F641D7153462D40C6B4193, 3AAE5239F951E29497D759326BDC23E19644B763DC5661CA4E4980418195C37D ] C:\Program Files (x86)\Steam\steam.exe
15:16:11.0701 0x1c08  Steam - ok
15:16:11.0703 0x1c08  Waiting for KSN requests completion. In queue: 246
15:16:11.0834 0x234c  Object required for P2P: [ D2CE6EA0E9F641D7153462D40C6B4193 ] C:\Program Files (x86)\Steam\steam.exe
15:16:12.0066 0x234c  Object send P2P result: true
15:16:12.0732 0x1c08  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
15:16:12.0733 0x1c08  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41000 ( enabled : updated )
15:16:12.0736 0x1c08  FW detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41010 ( enabled )
15:16:12.0826 0x1c08  ============================================================
15:16:12.0826 0x1c08  Scan finished
15:16:12.0826 0x1c08  ============================================================
15:16:12.0843 0x1b0c  Detected object count: 3
15:16:12.0843 0x1b0c  Actual detected object count: 3
15:16:42.0673 0x1b0c  Ferbayrepecult ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:42.0673 0x1b0c  Ferbayrepecult ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:16:42.0673 0x1b0c  MCSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:42.0673 0x1b0c  MCSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:16:42.0673 0x1b0c  UvConv ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:42.0673 0x1b0c  UvConv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:16:55.0601 0x1748  Deinitialize success
         

Alt 17.11.2016, 16:02   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Bitte das richtige Log bon MBAR posten. Und auch beachten was zu tun ist, wenn MBAR fündig wurde.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.11.2016, 16:09   #15
maigoh
 
Avast meldet sich alle 10 min - Standard

Avast meldet sich alle 10 min



Teil 1
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.11.17.08
  rootkit: v2016.10.31.01

Windows 10 x64 NTFS
Internet Explorer 11.447.14393.0
Marko :: DESKTOP-L90M10J [administrator]

17.11.2016 14:46:37
mbar-log-2016-11-17 (14-46-37).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 322488
Time elapsed: 7 minute(s), 

Memory Processes Detected: 4
C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe (FraudTool.YAC) -> 8396 -> Delete on reboot. [550740812d6d7abc72e62c98798713ed]
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (FraudTool.YAC) -> 2144 -> Delete on reboot. [1c405968f7a31422c09802c258a815eb]
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (FraudTool.YAC) -> 8760 -> Delete on reboot. [bf9dc001584240f6d97f1fa5e61ab54b]
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (FraudTool.YAC) -> 8488 -> Delete on reboot. [91cbccf557433ff71c3c7d47b64ac33d]

Memory Modules Detected: 73
C:\Program Files (x86)\WinArcher\Archer.dll (Adware.Elex) -> Delete on reboot. [500c9c25c7d35ed89f0021b5d82bf907]
C:\Program Files (x86)\Elex-tech\YAC\isafebs.dll (FraudTool.YAC) -> Delete on reboot. [de7ee4ddefaba3933325a024a65ae61a]
C:\Program Files (x86)\Elex-tech\YAC\isafebs.dll (FraudTool.YAC) -> Delete on reboot. [de7ee4ddefaba3933325a024a65ae61a]
C:\Program Files (x86)\Elex-tech\YAC\isafebase.dll (FraudTool.YAC) -> Delete on reboot. [4e0eedd456444ceaf1679430b94747b9]
C:\Program Files (x86)\Elex-tech\YAC\isafebase.dll (FraudTool.YAC) -> Delete on reboot. [4e0eedd456444ceaf1679430b94747b9]
C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll (FraudTool.YAC) -> Delete on reboot. [97c56f52dbbfa98d67f1863e808040c0]
C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll (FraudTool.YAC) -> Delete on reboot. [97c56f52dbbfa98d67f1863e808040c0]
C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll (FraudTool.YAC) -> Delete on reboot. [97c56f52dbbfa98d67f1863e808040c0]
C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll (FraudTool.YAC) -> Delete on reboot. [97c56f52dbbfa98d67f1863e808040c0]
C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll (FraudTool.YAC) -> Delete on reboot. [c29a754c8b0f102653059c28e917f60a]
C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll (FraudTool.YAC) -> Delete on reboot. [c29a754c8b0f102653059c28e917f60a]
C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll (FraudTool.YAC) -> Delete on reboot. [c29a754c8b0f102653059c28e917f60a]
C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll (FraudTool.YAC) -> Delete on reboot. [c29a754c8b0f102653059c28e917f60a]
C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll (FraudTool.YAC) -> Delete on reboot. [44187f4253476bcb75e31ea6a65a5da3]
C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll (FraudTool.YAC) -> Delete on reboot. [44187f4253476bcb75e31ea6a65a5da3]
C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll (FraudTool.YAC) -> Delete on reboot. [44187f4253476bcb75e31ea6a65a5da3]
C:\Program Files (x86)\Elex-tech\YAC\isafemc.dll (FraudTool.YAC) -> Delete on reboot. [62fa249dfaa048eeef69f9cb2ad6d62a]
C:\Program Files (x86)\Elex-tech\YAC\isafemc.dll (FraudTool.YAC) -> Delete on reboot. [62fa249dfaa048eeef69f9cb2ad6d62a]
C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll (FraudTool.YAC) -> Delete on reboot. [3428cef3900a201677e1507440c0fc04]
C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll (FraudTool.YAC) -> Delete on reboot. [3428cef3900a201677e1507440c0fc04]
C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll (FraudTool.YAC) -> Delete on reboot. [3428cef3900a201677e1507440c0fc04]
C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll (FraudTool.YAC) -> Delete on reboot. [3428cef3900a201677e1507440c0fc04]
C:\Program Files (x86)\Elex-tech\YAC\iSvc.dll (FraudTool.YAC) -> Delete on reboot. [4e0ec5fc8317f3434711b70de11f45bb]
C:\Program Files (x86)\Elex-tech\YAC\isafeupbiz.dll (FraudTool.YAC) -> Delete on reboot. [c498af12227894a24c0c933125dba060]
C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll (FraudTool.YAC) -> Delete on reboot. [1943d7ea1189e4522434259f768a20e0]
C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll (FraudTool.YAC) -> Delete on reboot. [1943d7ea1189e4522434259f768a20e0]
C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll (FraudTool.YAC) -> Delete on reboot. [1943d7ea1189e4522434259f768a20e0]
C:\Program Files (x86)\Elex-tech\YAC\ipcproxy.dll (FraudTool.YAC) -> Delete on reboot. [5dffc001b9e1d0660a4e586c6c946b95]
C:\Program Files (x86)\Elex-tech\YAC\iSvc2.dll (FraudTool.YAC) -> Delete on reboot. [3a224f722c6ec5716bed2a9a38c8c53b]
C:\Program Files (x86)\Elex-tech\YAC\iSafeAdless.dll (FraudTool.YAC) -> Delete on reboot. [1646249d7228290da1b7c9fb659be61a]
C:\Program Files (x86)\Elex-tech\YAC\iSafenpf.dll (FraudTool.YAC) -> Delete on reboot. [560614adddbd84b2d088497bdc241ce4]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall.dll (FraudTool.YAC) -> Delete on reboot. [74e8457ccdcd1d19b6a2a71d0cf49c64]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMonCall.dll (FraudTool.YAC) -> Delete on reboot. [4b11467b4a503105c692269e6f9134cc]
C:\Program Files (x86)\Elex-tech\YAC\iCommon.dll (FraudTool.YAC) -> Delete on reboot. [a2ba655ca9f14de97ade695b53adaf51]
C:\Program Files (x86)\Elex-tech\YAC\iTpNodisturb.dll (FraudTool.YAC) -> Delete on reboot. [4d0f9e2319811e181c3c477d718f49b7]
C:\Program Files (x86)\Elex-tech\YAC\iTPProtect.dll (FraudTool.YAC) -> Delete on reboot. [2735aa17a5f5df5778e0b212659b8878]
C:\Program Files (x86)\Elex-tech\YAC\iTPDesk.dll (FraudTool.YAC) -> Delete on reboot. [0e4e625f7b1f74c2e77107bd966a33cd]
C:\Program Files (x86)\Elex-tech\YAC\iTPFloaty.dll (FraudTool.YAC) -> Delete on reboot. [015b427f5941a1950157a91b877956aa]
C:\Program Files (x86)\Elex-tech\YAC\iTPPush.dll (FraudTool.YAC) -> Delete on reboot. [df7d536eedad3cfab0a88a3a0df3c13f]
C:\Program Files (x86)\Elex-tech\YAC\iTPMsgCenter.dll (FraudTool.YAC) -> Delete on reboot. [95c715ac8515ee48d484903414ec60a0]
C:\Program Files (x86)\Elex-tech\YAC\iTPAutoClean.dll (FraudTool.YAC) -> Delete on reboot. [d28a9a2773274fe7b3a5b50f04fc5fa1]
C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libpng.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libpng.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ouilibx.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ouilibx.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]

Registry Keys Detected: 27
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeService (FraudTool.YAC) -> Delete on reboot. [1c405968f7a31422c09802c258a815eb]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnlKit (FraudTool.YAC) -> Delete on reboot. [223a5b6685151026e375566e7987bd43]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnl (FraudTool.YAC) -> Delete on reboot. [421af1d0a7f36accdc7c7f45b64ae61a]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnlMon (FraudTool.YAC) -> Delete on reboot. [500ce5dcf0aab680bc9c606440c010f0]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\1J1FOJM4 (Adware.Sasquor.SPL) -> Delete on reboot. [322ae3def3a755e1fc32883e41c2c23e]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\1UAT87X6 (Adware.Sasquor.SPL) -> Delete on reboot. [2933b60bd9c1092df13df2d4c93a41bf]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\2VFLYVSV (Adware.Sasquor.SPL) -> Delete on reboot. [fc6006bbe7b39e986ac402c411f28e72]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\58AU7LB2 (Adware.Sasquor.SPL) -> Delete on reboot. [f06cbe03bbdf1a1cbb7356703dc620e0]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9LTLGIJF (Adware.Sasquor.SPL) -> Delete on reboot. [0557cef3f7a3a19581ad5670d3308080]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9S2CL85N (Adware.Sasquor.SPL) -> Delete on reboot. [e47888398317b08651dd3a8cc53e7a86]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9TAQ5U1O (Adware.Sasquor.SPL) -> Delete on reboot. [5804f3ce9901280e1e1066602ad939c7]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\A2S00FUE (Adware.Sasquor.SPL) -> Delete on reboot. [f06c20a12674d75f3cf2af1715ee5da3]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\BYDJEXRA (Adware.Sasquor.SPL) -> Delete on reboot. [7be1c2ff6d2d58dedb534284d62d956b]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\D3VGNYE4 (Adware.Sasquor.SPL) -> Delete on reboot. [2b315170d5c5072f7ab47d494cb79d63]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\DMXMDFKR (Adware.Sasquor.SPL) -> Delete on reboot. [83d94c750892bc7a2509388e9370639d]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\H45HYWRJ (Adware.Sasquor.SPL) -> Delete on reboot. [c9939f220f8b043276b8ab1b867dd52b]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\HD38JVDK (Adware.Sasquor.SPL) -> Delete on reboot. [d686566bf8a2c86e30fed3f300037d83]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\ICRM5PAH (Adware.Sasquor.SPL) -> Delete on reboot. [035909b86b2f3cfab07e6165bd464db3]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\KBY6D23C (Adware.Sasquor.SPL) -> Delete on reboot. [0656ffc24456b185e24c9a2c00030ff1]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\ND7VY07X (Adware.Sasquor.SPL) -> Delete on reboot. [2d2fe4dd1d7d56e0240a41850af940c0]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\S4U04JJM (Adware.Sasquor.SPL) -> Delete on reboot. [48145c656832ec4a4de19d2910f305fb]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\SR4N38MW (Adware.Sasquor.SPL) -> Delete on reboot. [29331fa287137fb74ee07155798a4bb5]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\SRX6NL94 (Adware.Sasquor.SPL) -> Delete on reboot. [8cd0fcc5fd9dde58c5695e68ea1905fb]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\WDKNDB67 (Adware.Sasquor.SPL) -> Delete on reboot. [db81d5ec3565cc6a83ab3393e320ab55]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFEKRNLBOOT (FraudTool.YAC) -> Delete on reboot. [6defc3fecad0b87e8c066772ad54ad53]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFENETFILTER (FraudTool.YAC) -> Delete on reboot. [a4b8b110bddd270f40532aafd32e6b95]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\iSafe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]

Registry Values Detected: 26
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\1j1fojm4|Name (Adware.Sasquor.SPL) -> Data: C:\NVIDIA\\local64spl.dll -> Delete on reboot. [322ae3def3a755e1fc32883e41c2c23e]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\1uat87x6|Name (Adware.Sasquor.SPL) -> Data: C:\1\local64spl.dll -> Delete on reboot. [2933b60bd9c1092df13df2d4c93a41bf]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\2vflyvsv|Name (Adware.Sasquor.SPL) -> Data: C:\PerfLogs1\local64spl.dll -> Delete on reboot. [fc6006bbe7b39e986ac402c411f28e72]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\58au7lb2|Name (Adware.Sasquor.SPL) -> Data: C:\PerfLogs\\local64spl.dll -> Delete on reboot. [f06cbe03bbdf1a1cbb7356703dc620e0]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9ltlgijf|Name (Adware.Sasquor.SPL) -> Data: C:\GOG Games\\local64spl.dll -> Delete on reboot. [0557cef3f7a3a19581ad5670d3308080]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9s2cl85n|Name (Adware.Sasquor.SPL) -> Data: C:\PerfLogs\\local64spl.dll -> Delete on reboot. [e47888398317b08651dd3a8cc53e7a86]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\9taq5u1o|Name (Adware.Sasquor.SPL) -> Data: C:\GOG Games1\local64spl.dll -> Delete on reboot. [5804f3ce9901280e1e1066602ad939c7]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\a2s00fue|Name (Adware.Sasquor.SPL) -> Data: C:\GOG Games\\local64spl.dll -> Delete on reboot. [f06c20a12674d75f3cf2af1715ee5da3]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\bydjexra|Name (Adware.Sasquor.SPL) -> Data: C:\NVIDIA1\local64spl.dll -> Delete on reboot. [7be1c2ff6d2d58dedb534284d62d956b]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\d3vgnye4|Name (Adware.Sasquor.SPL) -> Data: C:\GOG Games1\local64spl.dll -> Delete on reboot. [2b315170d5c5072f7ab47d494cb79d63]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\dmxmdfkr|Name (Adware.Sasquor.SPL) -> Data: C:\1\local64spl.dll -> Delete on reboot. [83d94c750892bc7a2509388e9370639d]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h45hywrj|Name (Adware.Sasquor.SPL) -> Data: C:\NVIDIA1\local64spl.dll -> Delete on reboot. [c9939f220f8b043276b8ab1b867dd52b]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\hd38jvdk|Name (Adware.Sasquor.SPL) -> Data: C:\PerfLogs1\local64spl.dll -> Delete on reboot. [d686566bf8a2c86e30fed3f300037d83]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\icrm5pah|Name (Adware.Sasquor.SPL) -> Data: C:\Program Files1\local64spl.dll -> Delete on reboot. [035909b86b2f3cfab07e6165bd464db3]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\kby6d23c|Name (Adware.Sasquor.SPL) -> Data: C:\Program Files\\local64spl.dll -> Delete on reboot. [0656ffc24456b185e24c9a2c00030ff1]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\nd7vy07x|Name (Adware.Sasquor.SPL) -> Data: C:\Program Files1\local64spl.dll -> Delete on reboot. [2d2fe4dd1d7d56e0240a41850af940c0]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\s4u04jjm|Name (Adware.Sasquor.SPL) -> Data: C:\Program Files\\local64spl.dll -> Delete on reboot. [48145c656832ec4a4de19d2910f305fb]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\sr4n38mw|Name (Adware.Sasquor.SPL) -> Data: C:\\local64spl.dll -> Delete on reboot. [29331fa287137fb74ee07155798a4bb5]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\srx6nl94|Name (Adware.Sasquor.SPL) -> Data: C:\\local64spl.dll -> Delete on reboot. [8cd0fcc5fd9dde58c5695e68ea1905fb]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\wdkndb67|Name (Adware.Sasquor.SPL) -> Data: C:\NVIDIA\\local64spl.dll -> Delete on reboot. [db81d5ec3565cc6a83ab3393e320ab55]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnl|ImagePath (FraudTool.YAC) -> Data: \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys -> Delete on reboot. [5ffd249d2d6dd660aee35782e21fa957]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnlKit|ImagePath (FraudTool.YAC) -> Data: \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys -> Delete on reboot. [b4a8d2ef6c2e2610bcd5cd0c26dbec14]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iSafeKrnlMon|ImagePath (FraudTool.YAC) -> Data: \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys -> Delete on reboot. [d18b269b425886b05d346c6d3cc57b85]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFEKRNLBOOT|ImagePath (FraudTool.YAC) -> Data: system32\DRIVERS\iSafeKrnlBoot.sys -> Delete on reboot. [6defc3fecad0b87e8c066772ad54ad53]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFENETFILTER|ImagePath (FraudTool.YAC) -> Data: system32\DRIVERS\iSafeNetFilter.sys -> Delete on reboot. [a4b8b110bddd270f40532aafd32e6b95]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ISAFESERVICE|ImagePath (FraudTool.YAC) -> Data: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe -> Delete on reboot. [213b4978fe9c96a0e7ade5f47e839c64]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 163
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\iDesk (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\log (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Program Files (x86)\Elex-tech\YAC (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\cache (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\defs (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\quarantine (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\trustzone (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\font (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\pfdatapfdata (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\pfdatapfdata\SSL (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2 (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_pop_res (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\common (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\common\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\common\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\common\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\fbSkin\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\desk_bkg (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\foldericon (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\arrangedesktop (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\image\default\tip (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iDesk\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\iSafeSet\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\image\newclean (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\layout\newclean (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\NewClean\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2 (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\optimize2\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\plugin\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\SafeProtect\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\softmgr\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\image\default\res (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\TaskHelper\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\image\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\ToolBox\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2 (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\layout\pop (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\tray2\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Appstore (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Feedback\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\image\float (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Floaty\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\foldericon (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\image\arrangedesktop (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\iDesk\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\layout\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\resouce (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\resouce\default (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\MsgCenter\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Nodisturb\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\Protect\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\trayplugin\StartupAssist\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\image (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\layout (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\uninstall\style (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\update (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\update\0 (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\update\1 (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\update\temp (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\user (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]

Files Detected: 1214
C:\WINDOWS\SYSTEM32\drivers\iSafeKrnlBoot.sys (FraudTool.YAC) -> Delete on reboot. [fab2eba07369bf3c6db33469b5b36fcb]
C:\WINDOWS\SYSTEM32\drivers\iSafeNetFilter.sys (FraudTool.YAC) -> Delete on reboot. [9fb02fba90f6af59537a30c3db9777c8]
C:\WINDOWS\SYSTEM32\drivers\zdwfp64.sys (PUP.Optional.Komodia) -> Delete on reboot. [a767ff3670b7349e961687c29ea9054e]
C:\Program Files (x86)\WinArcher\Archer.dll (Adware.Elex) -> Delete on reboot. [500c9c25c7d35ed89f0021b5d82bf907]
C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe (FraudTool.YAC) -> Delete on reboot. [550740812d6d7abc72e62c98798713ed]
C:\Program Files (x86)\Elex-tech\YAC\isafebs.dll (FraudTool.YAC) -> Delete on reboot. [de7ee4ddefaba3933325a024a65ae61a]
C:\Program Files (x86)\Elex-tech\YAC\isafebase.dll (FraudTool.YAC) -> Delete on reboot. [4e0eedd456444ceaf1679430b94747b9]
C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll (FraudTool.YAC) -> Delete on reboot. [97c56f52dbbfa98d67f1863e808040c0]
C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll (FraudTool.YAC) -> Delete on reboot. [c29a754c8b0f102653059c28e917f60a]
C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll (FraudTool.YAC) -> Delete on reboot. [44187f4253476bcb75e31ea6a65a5da3]
C:\Program Files (x86)\Elex-tech\YAC\isafemc.dll (FraudTool.YAC) -> Delete on reboot. [62fa249dfaa048eeef69f9cb2ad6d62a]
C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll (FraudTool.YAC) -> Delete on reboot. [3428cef3900a201677e1507440c0fc04]
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (FraudTool.YAC) -> Delete on reboot. [1c405968f7a31422c09802c258a815eb]
C:\Program Files (x86)\Elex-tech\YAC\iSvc.dll (FraudTool.YAC) -> Delete on reboot. [4e0ec5fc8317f3434711b70de11f45bb]
C:\Program Files (x86)\Elex-tech\YAC\isafeupbiz.dll (FraudTool.YAC) -> Delete on reboot. [c498af12227894a24c0c933125dba060]
C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll (FraudTool.YAC) -> Delete on reboot. [1943d7ea1189e4522434259f768a20e0]
C:\Program Files (x86)\Elex-tech\YAC\ipcproxy.dll (FraudTool.YAC) -> Delete on reboot. [5dffc001b9e1d0660a4e586c6c946b95]
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (FraudTool.YAC) -> Delete on reboot. [bf9dc001584240f6d97f1fa5e61ab54b]
C:\Program Files (x86)\Elex-tech\YAC\iSvc2.dll (FraudTool.YAC) -> Delete on reboot. [3a224f722c6ec5716bed2a9a38c8c53b]
C:\Program Files (x86)\Elex-tech\YAC\iSafeAdless.dll (FraudTool.YAC) -> Delete on reboot. [1646249d7228290da1b7c9fb659be61a]
C:\Program Files (x86)\Elex-tech\YAC\iSafenpf.dll (FraudTool.YAC) -> Delete on reboot. [560614adddbd84b2d088497bdc241ce4]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall.dll (FraudTool.YAC) -> Delete on reboot. [74e8457ccdcd1d19b6a2a71d0cf49c64]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMonCall.dll (FraudTool.YAC) -> Delete on reboot. [4b11467b4a503105c692269e6f9134cc]
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (FraudTool.YAC) -> Delete on reboot. [91cbccf557433ff71c3c7d47b64ac33d]
C:\Program Files (x86)\Elex-tech\YAC\iCommon.dll (FraudTool.YAC) -> Delete on reboot. [a2ba655ca9f14de97ade695b53adaf51]
C:\Program Files (x86)\Elex-tech\YAC\iTpNodisturb.dll (FraudTool.YAC) -> Delete on reboot. [4d0f9e2319811e181c3c477d718f49b7]
C:\Program Files (x86)\Elex-tech\YAC\iTPProtect.dll (FraudTool.YAC) -> Delete on reboot. [2735aa17a5f5df5778e0b212659b8878]
C:\Program Files (x86)\Elex-tech\YAC\iTPDesk.dll (FraudTool.YAC) -> Delete on reboot. [0e4e625f7b1f74c2e77107bd966a33cd]
C:\Program Files (x86)\Elex-tech\YAC\iTPFloaty.dll (FraudTool.YAC) -> Delete on reboot. [015b427f5941a1950157a91b877956aa]
C:\Program Files (x86)\Elex-tech\YAC\iTPPush.dll (FraudTool.YAC) -> Delete on reboot. [df7d536eedad3cfab0a88a3a0df3c13f]
C:\Program Files (x86)\Elex-tech\YAC\iTPMsgCenter.dll (FraudTool.YAC) -> Delete on reboot. [95c715ac8515ee48d484903414ec60a0]
C:\Program Files (x86)\Elex-tech\YAC\iTPAutoClean.dll (FraudTool.YAC) -> Delete on reboot. [d28a9a2773274fe7b3a5b50f04fc5fa1]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys (FraudTool.YAC) -> Delete on reboot. [223a5b6685151026e375566e7987bd43]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys (FraudTool.YAC) -> Delete on reboot. [421af1d0a7f36accdc7c7f45b64ae61a]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys (FraudTool.YAC) -> Delete on reboot. [500ce5dcf0aab680bc9c606440c010f0]
C:\Users\Marko\AppData\Local\Temp\_@383F.tmp (FraudTool.YAC) -> Delete on reboot. [302ca120d1c92214ee69cff5ec14c53b]
C:\Users\Marko\AppData\Local\Temp\_@3840.tmp (FraudTool.YAC) -> Delete on reboot. [aeaea71a3268be784e0ad8ec8c74f40c]
C:\Users\Marko\AppData\Local\Temp\_@3841.tmp (FraudTool.YAC) -> Delete on reboot. [154750715545b77f38200fb5a759b54b]
C:\Users\Marko\AppData\Local\Temp\_@3842.tmp (FraudTool.YAC) -> Delete on reboot. [78e4625f83177abc0256b50f5ba54bb5]
C:\Users\Marko\AppData\Local\Temp\_@3843.tmp (FraudTool.YAC) -> Delete on reboot. [2d2fdde44357c2743226fdc72dd3f10f]
C:\Users\Marko\AppData\Local\Temp\_@3853.tmp (FraudTool.YAC) -> Delete on reboot. [4c10ae135e3c76c0c098c4005fa1fe02]
C:\Users\Marko\AppData\Local\Temp\_@3854.tmp (FraudTool.YAC) -> Delete on reboot. [abb1229f0496a88e96c2f1d3659bed13]
C:\Users\Marko\AppData\Local\Temp\_@3855.tmp (FraudTool.YAC) -> Delete on reboot. [65f73190405a82b45404f7cda25e6c94]
C:\Users\Marko\AppData\Local\Temp\32855813-D4D2-494E-87F7-E3AC334220CE\wadiagopilesve.ru_World.exe (Adware.HPDefender) -> Delete on reboot. [cd8faa178a10fb3b0db69d316f949e62]
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\preference.ini (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\proxyUpdate.ini (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\iDesk\desk.ini (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\log\install.log (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\log\iSafeTray.log (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Users\Marko\AppData\Roaming\Elex-tech\YAC\log\logreport.log (FraudTool.YAC) -> Delete on reboot. [e5770fb2dcbe9a9c9924d7e32dd4d729]
C:\Program Files (x86)\Elex-tech\YAC\isafembp.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iddmgr.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iDesk.exe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ipcdl.exe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafe.exe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafeadfv.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafetbv.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp64.exe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iStart.exe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafemclv.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafemgc.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeMon.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeMon64.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafemoptv.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafemsmv.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeNetFilter.sys (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafesmgr.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafesopt.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafesptv.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafesv.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libeay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\libpng.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\main (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcp110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\msvcr110.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ouilibx.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\sqlite3x64.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\ssleay32.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\uninstall.exe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\uninstall.inst (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeBugReport.exe (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafechlp.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafeclc.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafeclcv.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeDisp.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlBoot.sys (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall64.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlShell.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\isafemadwc.dll (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\ccc.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\customscan.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\dbucg.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\hyperscan.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\isafe.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\quickscan.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\scanfilter.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\ucg.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\cfg\updatedb.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\adb.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\bas.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\bts.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\bwd.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\cls.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\clx.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\eas.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\ess.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\fst.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\gcs.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\gcx.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\hs.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\mic.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\nlu.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\plx.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\rms.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\sta.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\stu.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\tbc.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\uis.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\was.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\data\ysm.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\cache\index.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\defs\bs.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\defs\sr.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\defs\vn.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\engine\defs\ws.dat (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\font\segoeui.ttf (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\font\segoeuib.ttf (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\AdBlock_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\adwclean_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\bugreport.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\clean_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\clean_scanfilter_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\common_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\dsk_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\fblang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\iSafeRKScanShell.lang (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\iSafeSet_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\Lottery_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\NewVirusScan_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\new_clean_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\optimize_lang2.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\PCClinicUI_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\plugin_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\SafeProtect_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\shell.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\softmgr_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\startup_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\taskhelper_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\ToolBox_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\tray2_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_appstore_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_desk_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_feedback_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_floaty_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_nodisturb_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_protect_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\trayplugin_startupassist_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\lang\uninstall_lang.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\bugreport.LOG (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\ipcdl.log (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\ipcproxy.log (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\iSafeBS.log (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\iSafeKrnlCall.log (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\iSafeKrnlMonCall.log (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\iSafeSvc.LOG (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\iSafeSvc2.LOG (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\iSafeTaskHelper.LOG (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\log\iSafeTHlp64.LOG (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\edit_bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\AdblockToggle.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_gray.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_hide.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_hide_gray.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_show.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\adb_set_show_gray.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\Add.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\Beta.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\check.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\Delete.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\FilterDesc.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\FilterDesc_gray.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\lock_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\LogDetail.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\LogDetail_gray.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\opt_arrow_down.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\popup_menu_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\popup_menu_itemskin.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\Resource.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\unlocked_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\WhiteList.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\image\default\WhiteList_gray.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\layout\default\AdBlockView.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\AdBlock\style\Style.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\about_bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\activity.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\activity_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\appstore_new.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\appstore_refresh.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\BG.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\btn_set.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\check_checked.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\check_indeterminate.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\check_uncheck.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\cm_iconlist.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\combo_browser_dropdown_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\connecting_anim.gif (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\dbup_dlg_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\dbup_dlg_bk_arrow.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\dbup_dlg_onekey_up_btn_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\dbup_dlg_reboot_btn_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\head_checked.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\head_indeteminate.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\head_unchecked.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_adblock.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_adw_clean.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_appstore.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_avira.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_deep_clean.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_exam.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_netmon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_optimize.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_protect.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_recovery.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_softmgr.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_toolbox.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\icon_virusscan.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\if_block.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\if_prompt.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\if_question.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\if_warning.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\language_selected_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\like.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\like_count.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\line1.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\line2.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\listctrlbtn.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_bkg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_bkg2.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_item_over.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_nation_iconlist.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\msgbox_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\number_bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\number_bg2.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\pop_sys_button2.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\pop_sys_close.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\progressbar_anim.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\progressbar_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\progressbar_image.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\language_btn_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\menu_setting_over.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\recovery.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\startmenu_deepclean.ico (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\resource.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\setting.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\setting_img_list.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\slidebutton_bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_dl.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_download.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_new.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_progress.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\small_progress_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\special_line.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\sub_toggle_btn.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\sys_imglist.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\tab_bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\updatedlg_ok_btn_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_check.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_cheking.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_chk_err.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_chk_ok.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_client_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_downlodaing.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_error.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_latest.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\update_server_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\vscroll.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\wifi_logo.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\bk_bag.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\bk_green.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\bk_orange.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\bk_red.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\btn_repair.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_adblock_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_back_btn_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_cancel.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_do.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_number_0.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_health_number_normal.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_health_number_pressed.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_health_plus_normal.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_hover.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_hover_red.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_normal.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_normal_red.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_pressed.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_number_pressed_red.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_ok_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_plus_normal.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_rubbish_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_rubbish_icon_warning.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_safe_protect_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_safe_protect_icon_warning.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_scanning_mid.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_scanning_pic.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_scanning_small.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_softmgr_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_softmgr_icon_warning.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_sys_opt_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_sys_opt_icon_warning.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_tip_wnd_arrow_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_tip_wnd_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_tip_wnd_bk2.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_type_btn_bottom_line.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_bn.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_gb.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_health_bn.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_health_kn.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_health_mn.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_kb.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_kn.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_mb.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_vscroll.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\green_right.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\icon_big_home.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\manual_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\manual_item.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\number_big_green.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\number_big_red.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\number_big_red2.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\opt_arrow_down.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\opt_arrow_up.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\right_green.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\score_none.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\warning_blue.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\warning_gray.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\warning_red.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\warning_yellow.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\yellow_wrong.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_result_health_number_hover.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\exam_unit_mn.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\image\new\exam\ignore_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\aboutdlg.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\dbupdatedlg.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\DemoApp.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\language_select.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\maindlg.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\msgbox.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\slide_button_wnd.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\tipwnd.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\layout\new\updatedlg.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\app\style\style_new.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\resource.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\crash_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\detail_bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\error_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\input.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\reset_yac_btn_bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\send_btn_bg.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\smell_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\sorry_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\sucess_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\vscroll.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\wait.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\waitting_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\image\default\res\wait_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\layout\default\detailwnd.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\layout\default\mainwnd.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\bugreport\style\style.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_quick_clean_iconlist.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\clean_res.xml (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_advance_item_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_advance_item_bk2.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_adware_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_auto_clean_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_clean_smile_face.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_full_scan_virus_btn_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_junk_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_list_header_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_can_delete.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_can_disable.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_normal.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_plugin_type_iconlist.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_privacy_icon.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_quickclean_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_registry_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_reg_iconlist.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_rubbish_ico.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_scan_check.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_scan_detail_dlg_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
C:\Program Files (x86)\Elex-tech\YAC\skin2\clean\image\default\cl_share_btn_bk.png (FraudTool.YAC) -> Delete on reboot. [dc80368b861451e5fbc3506a26db7a86]
         

Antwort

Themen zu Avast meldet sich alle 10 min
avast, bedrohung, bereits, bewusst, bild, chrome, community, geblockten, google, google chrome, immer wieder, liebe, melde, meldet, min, neu, neue, nicht, probleme, suchmaschine, vielen dank, viren, weiterhelfen



Ähnliche Themen: Avast meldet sich alle 10 min


  1. Avast meldet Virus
    Log-Analyse und Auswertung - 29.01.2015 (22)
  2. Avast meldet virus
    Plagegeister aller Art und deren Bekämpfung - 22.12.2014 (5)
  3. Windows 7: Avast meldet URL:Mal
    Plagegeister aller Art und deren Bekämpfung - 26.09.2014 (31)
  4. Win32:Evo-gen (Susp) wenn ich ein bestimmtes Programm öffne meldet sich Avast
    Log-Analyse und Auswertung - 24.07.2014 (7)
  5. Avast meldet alle 15 minuten URL:Mal Infektion
    Plagegeister aller Art und deren Bekämpfung - 28.06.2014 (9)
  6. Avast meldet Malware
    Plagegeister aller Art und deren Bekämpfung - 25.04.2014 (14)
  7. Avast meldet Malware!
    Plagegeister aller Art und deren Bekämpfung - 17.04.2014 (8)
  8. AVAST meldet Agent-CDG
    Log-Analyse und Auswertung - 10.10.2013 (13)
  9. Avast meldet "neues Netzwerk gefunden" und aswMBR hängt sich auf
    Plagegeister aller Art und deren Bekämpfung - 18.09.2013 (5)
  10. Avast meldet 3 Archivbomben
    Log-Analyse und Auswertung - 19.09.2012 (7)
  11. Avast meldet URL:Mal fehler
    Log-Analyse und Auswertung - 18.09.2012 (1)
  12. avast meldet yabector-B
    Plagegeister aller Art und deren Bekämpfung - 22.06.2011 (9)
  13. newport.cn (Vollversion) Warnung alle 2 Min von Avast
    Log-Analyse und Auswertung - 15.09.2010 (2)
  14. Avast alle 2 Minuten - newporto.cn/cgi-bin/options.cgi?
    Plagegeister aller Art und deren Bekämpfung - 16.08.2010 (15)
  15. Avast meldet Win32Trojan-gen
    Log-Analyse und Auswertung - 27.12.2008 (1)
  16. Windows: Benutzer meldet sich alle 3 Sekunden ab!
    Log-Analyse und Auswertung - 18.07.2008 (0)

Zum Thema Avast meldet sich alle 10 min - Hallo liebe Community, ich bin hier neu und hatte bisher noch nie Probleme mit Viren (zumindest nicht bewusst). Seit neustem bekomme ich auf Google Chrome immer wieder neue Suchmaschinen. Ebenso - Avast meldet sich alle 10 min...
Archiv
Du betrachtest: Avast meldet sich alle 10 min auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.