
Log analysis and evaluation: unwanted advertising, tools cannot be removed

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
13.04.2014, 22:04   #1
Kingoflove
 
Unwanted advertising, tools cannot be removed



As soon as I go online, advertising pages appear, and search tools cannot be deleted. I cannot find them in order to uninstall them.

Here is my first log:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014
Ran by Admins-Mo (administrator) on ADMINS on 13-04-2014 22:58:20
Running from C:\Users\Admins-Mo\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe
() C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe
(Microsoft Corporation) C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(VoipStunt) C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\elantech\etdctrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => c:\program files\realtek\audio\hda\ravcpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => c:\program files\realtek\audio\hda\ravbg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => c:\windows\system32\logilda.dll [1425208 2013-12-13] (Logitech, Inc.)
HKLM\...\Run: [BtPreLoad] => c:\program files (x86)\qualcomm atheros\bluetooth suite\btpreload.exe [64640 2012-11-09] ()
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [391152 2014-01-29] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [771568 2014-01-29] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [770544 2014-01-29] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [RadioController] => c:\program files (x86)\radiocontroller\rfbtnhelper.exe [111216 2013-10-22] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => c:\program files (x86)\symantec\norton online backup\nobuclient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => c:\program files (x86)\samsung\kies\kiestrayagent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => c:\program files (x86)\quicktime\qttask.exe [98304 2013-12-03] (Apple Computer, Inc.)
HKLM-x32\...\Run: [mcui_exe] => "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Dolby Home Theater v4] => c:\dolby pcee4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Facebook Update] => c:\users\admins-mo\appdata\local\facebook\update\facebookupdate.exe [138096 2013-12-09] (Facebook Inc.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [PowerVoip] => C:\Program Files (x86)\PowerVoip.com\PowerVoip\PowerVoip.exe [19759936 2014-03-16] (PowerVoip)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipBuster] => C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [19753792 2014-03-10] (VoipBuster)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Browser Infrastructure Helper] => c:\users\admins-mo\appdata\local\smartbar\application\quickshare.exe [20248 2013-10-31] (Smartbar)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Spotify Web Helper] => c:\program files (x86)\spotify\data\spotifywebhelper.exe [1193176 2013-10-22] ()
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18223872 2013-12-06] (Acer Incorporated)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [19772736 2014-02-20] (VoipConnect)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Viber] => C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe [936456 2013-12-02] ()
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1489920 2014-02-27] (Informer Technologies, Inc.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipStunt] => C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe [19768640 2014-02-11] (VoipStunt)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {aeb970f5-53ed-11e3-be89-9c2a701c0468} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {b0c3d931-919c-11e3-bea7-089e0174c6f8} - "E:\LGAutoRun.exe" 
HKU\S-1-5-21-3624291485-3201753239-2019657463-1008\...\RunOnce: [RegAutoPlay] - C:\Windows\regedit.exe [151552 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [157504 2014-02-22] (Amazon Inc.)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [141120 2014-02-22] (Amazon Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
SearchScopes: HKLM-x32 - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites1202&cd=2XzuyEtN2Y1L1Qzuzy0CtB0AyBtDtC0CtDyEyCzztAyB0F0FtN0D0Tzu0SyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2072919560&ir=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKCU - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = 
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ie_ds_&query={searchTerms}
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll (Feven)
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho.dll No File
BHO-x32: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No File
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default
FF user.js: detected! => C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\user.js
FF NewTab: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_nt_
FF DefaultSearchEngine: Amazon 
FF SearchEngineOrder.1: Amazon 
FF SelectedSearchEngine: Amazon 
FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_sp_
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Admins-Mo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-13]
FF Extension: Feven 1.5 - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com [2014-01-03]
FF Extension: Quick Start - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\quick_start@gmail.com [2014-04-13]
FF Extension: Amazon 1Button App for Firefox - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\abb@amazon.com.xpi [2014-01-31]
FF Extension: NoScript - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-03]
FF Extension: Adblock Plus - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-07]
FF Extension: Adblock Edge - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-02-07]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-16]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\extensions\quick_start@gmail.com [2014-04-13]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-12]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214

Chrome: 
=======
CHR HomePage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_sp_
CHR DefaultSearchKeyword: amazon.de
CHR DefaultSearchProvider: Amazon
CHR DefaultSearchURL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-cr-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_ds_&query={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (Feven 1.5) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2014-01-03]
CHR Extension: (Adblock Plus) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]
CHR Extension: (AdBlock) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-03]
CHR Extension: (Lightning Newtab) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-02-26]
CHR Extension: (Google Wallet) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-07]
CHR Extension: (Extended Protection) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-03-14]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2014-01-31]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-25]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx [2013-12-16]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-09] (Qualcomm Atheros Commnucations)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259728 2013-01-05] (NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-22] (Dritek System INC.)
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-09] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-16] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140411.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140412.008\ENG64.SYS [126040 2013-12-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140412.008\EX64.SYS [2099288 2013-12-16] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-22] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-23] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-17] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-13 22:58 - 2014-04-13 22:58 - 00039374 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt
2014-04-13 22:57 - 2014-04-13 22:57 - 00000000 ____D () C:\FRST
2014-04-13 22:52 - 2014-04-13 22:52 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64 (1).exe
2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe
2014-04-13 22:49 - 2014-04-13 22:49 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe
2014-04-13 22:48 - 2014-04-13 22:49 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log
2014-04-13 22:48 - 2014-04-13 22:48 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe
2014-04-13 22:48 - 2014-04-13 22:48 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable
2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile
2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2014-04-12 19:02 - 2014-01-29 20:04 - 07597040 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 02476976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00906224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxstarter.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00845296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00771568 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00770544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00755184 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIHotKeyMenu.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00530928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00416240 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00397808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00397296 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00391152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00279024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00153072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-04-12 19:02 - 2014-01-22 15:57 - 00450520 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2014-04-12 19:02 - 2014-01-22 15:57 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3412.dll
2014-04-12 19:02 - 2014-01-22 15:54 - 00002944 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-04-12 19:02 - 2014-01-22 15:51 - 09081856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 07885824 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 04221440 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-04-12 19:02 - 2014-01-22 15:51 - 02384896 _____ () C:\WINDOWS\system32\GfxRes.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00733184 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00624640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00548864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00527872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00523776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00522240 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00521728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00517632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00516096 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00514048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00513536 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00373760 _____ () C:\WINDOWS\system32\igdmd64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00371200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00346624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00279040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2014-04-12 19:02 - 2014-01-22 15:51 - 00267407 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00253466 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00243712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00235401 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00224256 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00222208 _____ () C:\WINDOWS\system32\igdde64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00201128 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00198725 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00194560 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00192758 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00180936 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00180850 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178473 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178290 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178123 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00176838 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175862 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175571 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175067 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00174802 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00174269 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173792 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173276 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173059 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00172833 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00172554 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00171691 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00168215 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00166833 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00166220 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00161534 _____ () C:\WINDOWS\system32\Gfxres.en-US.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00160256 _____ () C:\WINDOWS\system32\igdail64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00154805 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00152993 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00012288 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 25971712 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 03224064 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00493056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00320512 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00299520 _____ () C:\WINDOWS\SysWOW64\igdmd32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00182272 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00142848 _____ () C:\WINDOWS\SysWOW64\igdail32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00025600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 20954112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 02896384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 00265216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 02065920 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 01815040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 01450656 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00785568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00644768 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00602272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00163328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00155136 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00137728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00133120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2014-04-12 18:57 - 2014-04-13 14:52 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-04-12 18:57 - 2014-04-12 19:02 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 18:56 - 2014-04-12 18:56 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Admins-Mo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks
2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 23:40 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-09 23:40 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-09 23:40 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-09 23:40 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-09 23:40 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-09 23:40 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-09 23:40 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-09 23:40 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe
2014-03-19 01:22 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-19 01:22 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-19 01:22 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-19 01:22 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-19 01:22 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-19 01:22 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-19 01:22 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-19 01:22 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-19 01:22 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-19 01:22 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-19 01:22 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-19 01:22 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-19 01:22 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-19 01:22 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-19 01:22 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-19 01:22 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-19 01:22 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-19 01:22 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-19 01:22 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-19 01:22 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-19 01:22 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-19 01:22 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-19 01:22 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-19 01:22 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-19 01:22 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-19 01:22 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-19 01:22 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-19 01:22 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-19 01:22 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-19 01:22 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-19 01:22 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-19 01:22 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-19 01:22 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-19 01:22 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-19 01:22 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-19 01:22 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-19 01:22 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-17 14:51 - 2014-03-25 18:23 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\TeamViewer
2014-03-17 14:51 - 2014-03-17 14:51 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de (1).exe
2014-03-17 14:51 - 2014-03-17 14:51 - 00001146 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-17 14:51 - 2014-03-17 14:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-17 14:50 - 2014-03-17 14:50 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de.exe
2014-03-17 13:58 - 2014-03-17 13:58 - 06554768 _____ (Finarea S.A. Switzerland ) C:\Users\Admins-Mo\Downloads\setupVoipConnect (1).exe
2014-03-16 16:50 - 2014-03-16 16:50 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen (1).rar
2014-03-16 16:49 - 2014-03-16 16:49 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen .rar
2014-03-16 16:44 - 2014-03-16 16:44 - 00117362 _____ () C:\Users\Admins-Mo\Downloads\premiere_cs_avs_importer_1.0rc1_setup.exe
2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Premiere CS AVS Importer
2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Premiere CS AVS Importer
2014-03-14 06:17 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-14 06:17 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One Month Modified Files and Folders =======

2014-04-13 22:58 - 2014-04-13 22:58 - 00039374 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt
2014-04-13 22:58 - 2014-04-13 22:57 - 00000000 ____D () C:\FRST
2014-04-13 22:58 - 2014-03-13 09:46 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Software Informer
2014-04-13 22:57 - 2014-02-26 12:40 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-04-13 22:55 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\ViberPC
2014-04-13 22:55 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Viber
2014-04-13 22:55 - 2013-11-17 01:16 - 00000000 ___RD () C:\Users\Admins-Mo\SkyDrive
2014-04-13 22:55 - 2013-11-07 13:36 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-13 22:53 - 2013-09-29 21:04 - 00020628 _____ () C:\WINDOWS\PFRO.log
2014-04-13 22:53 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-13 22:53 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-13 22:52 - 2014-04-13 22:52 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64 (1).exe
2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe
2014-04-13 22:49 - 2014-04-13 22:49 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe
2014-04-13 22:49 - 2014-04-13 22:48 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log
2014-04-13 22:48 - 2014-04-13 22:48 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe
2014-04-13 22:48 - 2014-04-13 22:48 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable
2014-04-13 22:48 - 2013-11-17 00:46 - 00000000 ____D () C:\Users\Admins-Mo
2014-04-13 22:48 - 2013-11-17 00:44 - 01744456 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-13 22:36 - 2014-01-03 01:40 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-13 22:12 - 2013-12-08 18:57 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-13 22:01 - 2013-11-07 13:36 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-13 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-13 21:34 - 2013-12-11 03:55 - 00776610 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-04-13 21:34 - 2013-12-11 03:55 - 00422458 _____ () C:\WINDOWS\system32\perfh001.dat
2014-04-13 21:34 - 2013-12-11 03:55 - 00149292 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-04-13 21:34 - 2013-12-11 03:55 - 00065162 _____ () C:\WINDOWS\system32\perfc001.dat
2014-04-13 21:34 - 2013-11-07 13:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3624291485-3201753239-2019657463-1002
2014-04-13 21:34 - 2013-09-30 06:14 - 03189766 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-13 21:34 - 2013-09-30 05:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-13 21:34 - 2013-09-30 05:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-13 21:27 - 2013-11-17 01:45 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A0A9D59D-020B-47E3-82BD-93C809A4CD40}
2014-04-13 21:11 - 2013-11-08 14:30 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-13 21:11 - 2013-11-08 14:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-13 15:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-13 14:52 - 2014-04-12 18:57 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-04-13 14:36 - 2013-12-02 10:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-13 14:22 - 2014-01-29 18:02 - 00003112 _____ () C:\WINDOWS\System32\Tasks\RDReminder
2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile
2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2014-04-12 19:03 - 2013-11-17 00:44 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-12 19:03 - 2013-08-22 16:46 - 00029425 _____ () C:\WINDOWS\setupact.log
2014-04-12 19:02 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 18:57 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-12 18:56 - 2014-04-12 18:56 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Admins-Mo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks
2014-04-12 18:26 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-12 18:00 - 2013-12-13 01:23 - 00000490 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2014-04-11 15:36 - 2014-02-26 12:40 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-11 15:36 - 2014-02-26 12:40 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-10 15:35 - 2014-01-29 18:02 - 00000314 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2014-04-10 03:07 - 2013-12-13 01:22 - 00000422 _____ () C:\WINDOWS\Tasks\PC Health Advisor Defrag.job
2014-04-10 01:02 - 2013-12-13 01:22 - 00000464 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-09 23:50 - 2013-08-22 16:46 - 00000178 _____ () C:\WINDOWS\setuperr.log
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 17:03 - 2014-01-29 18:02 - 00000298 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-04-09 17:02 - 2014-01-29 18:02 - 00003038 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates
2014-04-09 17:02 - 2014-01-29 18:02 - 00003024 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2014-04-08 02:49 - 2013-12-13 01:22 - 00000404 _____ () C:\WINDOWS\Tasks\PC Health Advisor.job
2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe
2014-04-06 09:32 - 2013-12-11 15:01 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:16 - 2014-04-09 23:40 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-31 01:57 - 2014-04-09 23:40 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-30 22:58 - 2013-12-02 13:46 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy
2014-03-29 12:11 - 2013-12-02 10:18 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Deployment
2014-03-28 16:56 - 2013-11-07 13:36 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 16:56 - 2013-11-07 13:36 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-28 16:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-28 15:12 - 2013-11-08 15:10 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\CrashDumps
2014-03-25 18:23 - 2014-03-17 14:51 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\TeamViewer
2014-03-25 18:17 - 2014-02-09 01:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\VoipConnect
2014-03-25 09:52 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-25 09:52 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ar-SA
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-03-19 17:19 - 2013-12-03 21:41 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Skype
2014-03-19 15:29 - 2013-12-14 06:13 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-03-19 00:05 - 2013-08-22 16:44 - 03086328 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-18 20:00 - 2013-12-16 21:52 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\vlc
2014-03-18 18:21 - 2013-12-16 21:52 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\dvdcss
2014-03-17 14:51 - 2014-03-17 14:51 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de (1).exe
2014-03-17 14:51 - 2014-03-17 14:51 - 00001146 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-17 14:51 - 2014-03-17 14:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-17 14:50 - 2014-03-17 14:50 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de.exe
2014-03-17 13:58 - 2014-03-17 13:58 - 06554768 _____ (Finarea S.A. Switzerland ) C:\Users\Admins-Mo\Downloads\setupVoipConnect (1).exe
2014-03-16 19:10 - 2013-12-03 15:42 - 00000000 ____D () C:\Users\Admins-Mo\Documents\Adobe
2014-03-16 19:10 - 2013-11-07 13:31 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Adobe
2014-03-16 16:50 - 2014-03-16 16:50 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen (1).rar
2014-03-16 16:49 - 2014-03-16 16:49 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen .rar
2014-03-16 16:49 - 2014-02-26 12:40 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\WinZipper
2014-03-16 16:44 - 2014-03-16 16:44 - 00117362 _____ () C:\Users\Admins-Mo\Downloads\premiere_cs_avs_importer_1.0rc1_setup.exe
2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Premiere CS AVS Importer
2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Premiere CS AVS Importer
2014-03-16 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

Files to move or delete:
====================
C:\Users\Admins-Mo\InstallUtil.resources.dll


Some content of TEMP:
====================
C:\Users\Admins-Mo\AppData\Local\Temp\35825uninstall.exe
C:\Users\Admins-Mo\AppData\Local\Temp\72engqbr.dll
C:\Users\Admins-Mo\AppData\Local\Temp\894.6314884537769_update.exe
C:\Users\Admins-Mo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Admins-Mo\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pyl247B.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pyl8BF7.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylA855.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylA8B7.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylBB9A.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylCD8D.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylCEAA.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylD998.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\setup0533.exe
C:\Users\Admins-Mo\AppData\Local\Temp\setupproplusretail.x86.de-de_act_1_.exe
C:\Users\Admins-Mo\AppData\Local\Temp\Sqlite3.dll
C:\Users\Admins-Mo\AppData\Local\Temp\tvcwytg3.dll
C:\Users\Admins-Mo\AppData\Local\Temp\{1DE82EFE-4996-4A80-BECF-E0F51139760E}-34.0.1847.116_33.0.1750.154_chrome_updater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 12:55] - [2014-01-31 18:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-04-08 12:03

==================== End Of Log ============================
         