| |
| |||||||
Log-Analyse und Auswertung: unerwünschte Werbung, Tools lassen sich nicht löschenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
13.04.2014, 22:04
| #1 |
| |  unerwünschte Werbung, Tools lassen sich nicht löschen Sobald ich ins Netz gehe, kommen Werbeseiten und Search Tools lassen sich nicht löschen. Zur Deinstallation finde ich sie nicht. Hier mein erster Log: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014
Ran by Admins-Mo (administrator) on ADMINS on 13-04-2014 22:58:20
Running from C:\Users\Admins-Mo\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe
() C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe
(Microsoft Corporation) C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(VoipStunt) C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\elantech\etdctrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => c:\program files\realtek\audio\hda\ravcpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => c:\program files\realtek\audio\hda\ravbg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => c:\windows\system32\logilda.dll [1425208 2013-12-13] (Logitech, Inc.)
HKLM\...\Run: [BtPreLoad] => c:\program files (x86)\qualcomm atheros\bluetooth suite\btpreload.exe [64640 2012-11-09] ()
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [391152 2014-01-29] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [771568 2014-01-29] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [770544 2014-01-29] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [RadioController] => c:\program files (x86)\radiocontroller\rfbtnhelper.exe [111216 2013-10-22] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => c:\program files (x86)\symantec\norton online backup\nobuclient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => c:\program files (x86)\samsung\kies\kiestrayagent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => c:\program files (x86)\quicktime\qttask.exe [98304 2013-12-03] (Apple Computer, Inc.)
HKLM-x32\...\Run: [mcui_exe] => "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Dolby Home Theater v4] => c:\dolby pcee4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Facebook Update] => c:\users\admins-mo\appdata\local\facebook\update\facebookupdate.exe [138096 2013-12-09] (Facebook Inc.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [PowerVoip] => C:\Program Files (x86)\PowerVoip.com\PowerVoip\PowerVoip.exe [19759936 2014-03-16] (PowerVoip)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipBuster] => C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [19753792 2014-03-10] (VoipBuster)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Browser Infrastructure Helper] => c:\users\admins-mo\appdata\local\smartbar\application\quickshare.exe [20248 2013-10-31] (Smartbar)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Spotify Web Helper] => c:\program files (x86)\spotify\data\spotifywebhelper.exe [1193176 2013-10-22] ()
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18223872 2013-12-06] (Acer Incorporated)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [19772736 2014-02-20] (VoipConnect)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Viber] => C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe [936456 2013-12-02] ()
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1489920 2014-02-27] (Informer Technologies, Inc.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipStunt] => C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe [19768640 2014-02-11] (VoipStunt)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {aeb970f5-53ed-11e3-be89-9c2a701c0468} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {b0c3d931-919c-11e3-bea7-089e0174c6f8} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-3624291485-3201753239-2019657463-1008\...\RunOnce: [RegAutoPlay] - C:\Windows\regedit.exe [151552 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [157504 2014-02-22] (Amazon Inc.)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [141120 2014-02-22] (Amazon Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}
SearchScopes: HKLM-x32 - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites1202&cd=2XzuyEtN2Y1L1Qzuzy0CtB0AyBtDtC0CtDyEyCzztAyB0F0FtN0D0Tzu0SyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2072919560&ir=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKCU - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL =
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ie_ds_&query={searchTerms}
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll (Feven)
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho.dll No File
BHO-x32: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No File
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default
FF user.js: detected! => C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\user.js
FF NewTab: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_nt_
FF DefaultSearchEngine: Amazon
FF SearchEngineOrder.1: Amazon
FF SelectedSearchEngine: Amazon
FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_sp_
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Admins-Mo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-13]
FF Extension: Feven 1.5 - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com [2014-01-03]
FF Extension: Quick Start - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\quick_start@gmail.com [2014-04-13]
FF Extension: Amazon 1Button App for Firefox - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\abb@amazon.com.xpi [2014-01-31]
FF Extension: NoScript - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-03]
FF Extension: Adblock Plus - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-07]
FF Extension: Adblock Edge - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-02-07]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-16]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\extensions\quick_start@gmail.com [2014-04-13]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-12]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
Chrome:
=======
CHR HomePage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_sp_
CHR DefaultSearchKeyword: amazon.de
CHR DefaultSearchProvider: Amazon
CHR DefaultSearchURL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-cr-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_ds_&query={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Feven 1.5) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2014-01-03]
CHR Extension: (Adblock Plus) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]
CHR Extension: (AdBlock) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-03]
CHR Extension: (Lightning Newtab) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-02-26]
CHR Extension: (Google Wallet) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-07]
CHR Extension: (Extended Protection) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-03-14]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2014-01-31]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-25]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx [2013-12-16]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-09] (Qualcomm Atheros Commnucations)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259728 2013-01-05] (NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-22] (Dritek System INC.)
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-09] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-16] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140411.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140412.008\ENG64.SYS [126040 2013-12-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140412.008\EX64.SYS [2099288 2013-12-16] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-22] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-23] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-17] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-13 22:58 - 2014-04-13 22:58 - 00039374 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt
2014-04-13 22:57 - 2014-04-13 22:57 - 00000000 ____D () C:\FRST
2014-04-13 22:52 - 2014-04-13 22:52 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64 (1).exe
2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe
2014-04-13 22:49 - 2014-04-13 22:49 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe
2014-04-13 22:48 - 2014-04-13 22:49 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log
2014-04-13 22:48 - 2014-04-13 22:48 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe
2014-04-13 22:48 - 2014-04-13 22:48 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable
2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile
2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2014-04-12 19:02 - 2014-01-29 20:04 - 07597040 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 02476976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00906224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxstarter.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00845296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00771568 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00770544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00755184 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIHotKeyMenu.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00530928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00416240 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00397808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00397296 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00391152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00279024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00153072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-04-12 19:02 - 2014-01-22 15:57 - 00450520 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2014-04-12 19:02 - 2014-01-22 15:57 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3412.dll
2014-04-12 19:02 - 2014-01-22 15:54 - 00002944 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-04-12 19:02 - 2014-01-22 15:51 - 09081856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 07885824 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 04221440 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-04-12 19:02 - 2014-01-22 15:51 - 02384896 _____ () C:\WINDOWS\system32\GfxRes.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00733184 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00624640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00548864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00527872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00523776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00522240 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00521728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00517632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00516096 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00514048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00513536 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00373760 _____ () C:\WINDOWS\system32\igdmd64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00371200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00346624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00279040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2014-04-12 19:02 - 2014-01-22 15:51 - 00267407 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00253466 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00243712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00235401 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00224256 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00222208 _____ () C:\WINDOWS\system32\igdde64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00201128 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00198725 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00194560 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00192758 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00180936 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00180850 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178473 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178290 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178123 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00176838 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175862 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175571 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175067 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00174802 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00174269 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173792 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173276 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173059 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00172833 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00172554 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00171691 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00168215 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00166833 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00166220 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00161534 _____ () C:\WINDOWS\system32\Gfxres.en-US.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00160256 _____ () C:\WINDOWS\system32\igdail64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00154805 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00152993 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00012288 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 25971712 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 03224064 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00493056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00320512 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00299520 _____ () C:\WINDOWS\SysWOW64\igdmd32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00182272 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00142848 _____ () C:\WINDOWS\SysWOW64\igdail32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00025600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 20954112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 02896384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 00265216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 02065920 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 01815040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 01450656 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00785568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00644768 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00602272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00163328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00155136 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00137728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00133120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2014-04-12 18:57 - 2014-04-13 14:52 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-04-12 18:57 - 2014-04-12 19:02 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 18:56 - 2014-04-12 18:56 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Admins-Mo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks
2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 23:40 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-09 23:40 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-09 23:40 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-09 23:40 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-09 23:40 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-09 23:40 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-09 23:40 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-09 23:40 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe
2014-03-19 01:22 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-19 01:22 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-19 01:22 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-19 01:22 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-19 01:22 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-19 01:22 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-19 01:22 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-19 01:22 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-19 01:22 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-19 01:22 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-19 01:22 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-19 01:22 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-19 01:22 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-19 01:22 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-19 01:22 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-19 01:22 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-19 01:22 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-19 01:22 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-19 01:22 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-19 01:22 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-19 01:22 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-19 01:22 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-19 01:22 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-19 01:22 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-19 01:22 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-19 01:22 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-19 01:22 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-19 01:22 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-19 01:22 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-19 01:22 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-19 01:22 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-19 01:22 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-19 01:22 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-19 01:22 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-19 01:22 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-19 01:22 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-19 01:22 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-17 14:51 - 2014-03-25 18:23 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\TeamViewer
2014-03-17 14:51 - 2014-03-17 14:51 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de (1).exe
2014-03-17 14:51 - 2014-03-17 14:51 - 00001146 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-17 14:51 - 2014-03-17 14:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-17 14:50 - 2014-03-17 14:50 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de.exe
2014-03-17 13:58 - 2014-03-17 13:58 - 06554768 _____ (Finarea S.A. Switzerland ) C:\Users\Admins-Mo\Downloads\setupVoipConnect (1).exe
2014-03-16 16:50 - 2014-03-16 16:50 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen (1).rar
2014-03-16 16:49 - 2014-03-16 16:49 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen .rar
2014-03-16 16:44 - 2014-03-16 16:44 - 00117362 _____ () C:\Users\Admins-Mo\Downloads\premiere_cs_avs_importer_1.0rc1_setup.exe
2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Premiere CS AVS Importer
2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Premiere CS AVS Importer
2014-03-14 06:17 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-14 06:17 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One Month Modified Files and Folders =======
2014-04-13 22:58 - 2014-04-13 22:58 - 00039374 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt
2014-04-13 22:58 - 2014-04-13 22:57 - 00000000 ____D () C:\FRST
2014-04-13 22:58 - 2014-03-13 09:46 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Software Informer
2014-04-13 22:57 - 2014-02-26 12:40 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-04-13 22:55 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\ViberPC
2014-04-13 22:55 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Viber
2014-04-13 22:55 - 2013-11-17 01:16 - 00000000 ___RD () C:\Users\Admins-Mo\SkyDrive
2014-04-13 22:55 - 2013-11-07 13:36 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-13 22:53 - 2013-09-29 21:04 - 00020628 _____ () C:\WINDOWS\PFRO.log
2014-04-13 22:53 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-13 22:53 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-13 22:52 - 2014-04-13 22:52 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64 (1).exe
2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe
2014-04-13 22:49 - 2014-04-13 22:49 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe
2014-04-13 22:49 - 2014-04-13 22:48 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log
2014-04-13 22:48 - 2014-04-13 22:48 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe
2014-04-13 22:48 - 2014-04-13 22:48 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable
2014-04-13 22:48 - 2013-11-17 00:46 - 00000000 ____D () C:\Users\Admins-Mo
2014-04-13 22:48 - 2013-11-17 00:44 - 01744456 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-13 22:36 - 2014-01-03 01:40 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-13 22:12 - 2013-12-08 18:57 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-13 22:01 - 2013-11-07 13:36 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-13 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-13 21:34 - 2013-12-11 03:55 - 00776610 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-04-13 21:34 - 2013-12-11 03:55 - 00422458 _____ () C:\WINDOWS\system32\perfh001.dat
2014-04-13 21:34 - 2013-12-11 03:55 - 00149292 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-04-13 21:34 - 2013-12-11 03:55 - 00065162 _____ () C:\WINDOWS\system32\perfc001.dat
2014-04-13 21:34 - 2013-11-07 13:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3624291485-3201753239-2019657463-1002
2014-04-13 21:34 - 2013-09-30 06:14 - 03189766 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-13 21:34 - 2013-09-30 05:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-13 21:34 - 2013-09-30 05:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-13 21:27 - 2013-11-17 01:45 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A0A9D59D-020B-47E3-82BD-93C809A4CD40}
2014-04-13 21:11 - 2013-11-08 14:30 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-13 21:11 - 2013-11-08 14:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-13 15:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-13 14:52 - 2014-04-12 18:57 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-04-13 14:36 - 2013-12-02 10:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-13 14:22 - 2014-01-29 18:02 - 00003112 _____ () C:\WINDOWS\System32\Tasks\RDReminder
2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile
2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2014-04-12 19:03 - 2013-11-17 00:44 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-12 19:03 - 2013-08-22 16:46 - 00029425 _____ () C:\WINDOWS\setupact.log
2014-04-12 19:02 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 18:57 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-12 18:56 - 2014-04-12 18:56 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Admins-Mo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks
2014-04-12 18:26 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-12 18:00 - 2013-12-13 01:23 - 00000490 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2014-04-11 15:36 - 2014-02-26 12:40 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-11 15:36 - 2014-02-26 12:40 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-10 15:35 - 2014-01-29 18:02 - 00000314 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2014-04-10 03:07 - 2013-12-13 01:22 - 00000422 _____ () C:\WINDOWS\Tasks\PC Health Advisor Defrag.job
2014-04-10 01:02 - 2013-12-13 01:22 - 00000464 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-09 23:50 - 2013-08-22 16:46 - 00000178 _____ () C:\WINDOWS\setuperr.log
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 17:03 - 2014-01-29 18:02 - 00000298 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-04-09 17:02 - 2014-01-29 18:02 - 00003038 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates
2014-04-09 17:02 - 2014-01-29 18:02 - 00003024 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2014-04-08 02:49 - 2013-12-13 01:22 - 00000404 _____ () C:\WINDOWS\Tasks\PC Health Advisor.job
2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe
2014-04-06 09:32 - 2013-12-11 15:01 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:16 - 2014-04-09 23:40 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-31 01:57 - 2014-04-09 23:40 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-30 22:58 - 2013-12-02 13:46 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy
2014-03-29 12:11 - 2013-12-02 10:18 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Deployment
2014-03-28 16:56 - 2013-11-07 13:36 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 16:56 - 2013-11-07 13:36 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-28 16:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-28 15:12 - 2013-11-08 15:10 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\CrashDumps
2014-03-25 18:23 - 2014-03-17 14:51 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\TeamViewer
2014-03-25 18:17 - 2014-02-09 01:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\VoipConnect
2014-03-25 09:52 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-25 09:52 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ar-SA
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-03-19 17:19 - 2013-12-03 21:41 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Skype
2014-03-19 15:29 - 2013-12-14 06:13 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-03-19 00:05 - 2013-08-22 16:44 - 03086328 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-18 20:00 - 2013-12-16 21:52 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\vlc
2014-03-18 18:21 - 2013-12-16 21:52 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\dvdcss
2014-03-17 14:51 - 2014-03-17 14:51 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de (1).exe
2014-03-17 14:51 - 2014-03-17 14:51 - 00001146 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-17 14:51 - 2014-03-17 14:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-17 14:50 - 2014-03-17 14:50 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de.exe
2014-03-17 13:58 - 2014-03-17 13:58 - 06554768 _____ (Finarea S.A. Switzerland ) C:\Users\Admins-Mo\Downloads\setupVoipConnect (1).exe
2014-03-16 19:10 - 2013-12-03 15:42 - 00000000 ____D () C:\Users\Admins-Mo\Documents\Adobe
2014-03-16 19:10 - 2013-11-07 13:31 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Adobe
2014-03-16 16:50 - 2014-03-16 16:50 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen (1).rar
2014-03-16 16:49 - 2014-03-16 16:49 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen .rar
2014-03-16 16:49 - 2014-02-26 12:40 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\WinZipper
2014-03-16 16:44 - 2014-03-16 16:44 - 00117362 _____ () C:\Users\Admins-Mo\Downloads\premiere_cs_avs_importer_1.0rc1_setup.exe
2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Premiere CS AVS Importer
2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Premiere CS AVS Importer
2014-03-16 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
Files to move or delete:
====================
C:\Users\Admins-Mo\InstallUtil.resources.dll
Some content of TEMP:
====================
C:\Users\Admins-Mo\AppData\Local\Temp\35825uninstall.exe
C:\Users\Admins-Mo\AppData\Local\Temp\72engqbr.dll
C:\Users\Admins-Mo\AppData\Local\Temp\894.6314884537769_update.exe
C:\Users\Admins-Mo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Admins-Mo\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pyl247B.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pyl8BF7.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylA855.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylA8B7.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylBB9A.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylCD8D.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylCEAA.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylD998.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\setup0533.exe
C:\Users\Admins-Mo\AppData\Local\Temp\setupproplusretail.x86.de-de_act_1_.exe
C:\Users\Admins-Mo\AppData\Local\Temp\Sqlite3.dll
C:\Users\Admins-Mo\AppData\Local\Temp\tvcwytg3.dll
C:\Users\Admins-Mo\AppData\Local\Temp\{1DE82EFE-4996-4A80-BECF-E0F51139760E}-34.0.1847.116_33.0.1750.154_chrome_updater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 12:55] - [2014-01-31 18:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-04-08 12:03
==================== End Of Log ============================
|
|
13.04.2014, 22:07
| #2 |
| | unerwünschte Werbung, Tools lassen sich nicht löschen Hier der zweite Log:
__________________Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014 Ran by Admins-Mo at 2014-04-13 23:05:08 Running from C:\Users\Admins-Mo\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Internet Security CBE (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security CBE (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security CBE (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0077 - NTI Corporation) Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.03.2002 - Acer Incorporated) Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2001 - Acer) Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated) Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated) Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2004.1 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2004 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2002 - Acer Incorporated) Acer Theft Shield (HKLM\...\{8ADB0CD2-4E5A-452F-BB3B-3A2984CAC749}) (Version: 1.01.3006 - Acer Incorporated) Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3002 - Acer Incorporated) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH) Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Exporter (HKLM-x32\...\Adobe_5eba9bbdf1514a06b1a4c79a2920188) (Version: 1.0 - Adobe Systems Incorporated) Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Importer (HKLM-x32\...\Adobe_7774cb1e022c49962995a9014500066) (Version: 1.0 - Adobe Systems Incorporated) Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe OnLocation CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS4 (HKLM-x32\...\Adobe_26b63376f4efc354dae41af6b5e3343) (Version: 4 - Adobe Systems Incorporated) Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS4 Third Party Content (HKLM-x32\...\Adobe_6e02d32c7e5a9d9fc86bc91618cafda) (Version: 4 - Adobe Systems Incorporated) Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Amazon 1Button App (HKLM-x32\...\{893CB813-4179-4BFE-8D33-ABCC38816B48}) (Version: 1.0.6 - Amazon) Amazon 1Button App (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon) AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 139 - Abelssoft) Backup Manager v4 (x32 Version: 4.0.0.0077 - NTI Corporation) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364 - CyberLink Corp.) Hidden Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com) DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc) Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.) Driver Magician 3.9 (HKLM-x32\...\Driver Magician_is1) (Version: - GoldSolution Software, Inc.) DzSoft PHP Editor 4.2.7 (HKLM-x32\...\DzSoftPhpEditor_is1) (Version: 4.2.7 - DzSoft Ltd) ETDWare PS/2-X64 11.6.19.204_WHQL (HKLM\...\Elantech) (Version: 11.6.19.204 - ELAN Microelectronic Corp.) Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) Feven 1.5 (HKLM-x32\...\Feven 1.5) (Version: 1.31.153.1 - Feven) <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden HID Monitor (HKLM-x32\...\{F548D9F4-D9D5-43EC-911C-753FB654D6C8}) (Version: 1.1.3 - Acer Incorporated) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated) IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab) Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.) LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.14.20140117 - LG Electronics) LG SP USB Driver (HKLM-x32\...\{E2AE8456-CCFE-46C0-8629-71CC507660FC}) (Version: 1.0 - LG Electronics) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated) Lollipop (HKCU\...\lollipop_01091743) (Version: - Lollipop Network, S.L.) <==== ATTENTION Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version: - Microsoft Corporation) Microsoft Document Explorer 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4605.1003 - Microsoft Corporation) Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4605.1003 - Microsoft Corporation) Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Project MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Project Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MSDN Library for Visual Studio 2005 (HKLM-x32\...\MSDN Library for Visual Studio 2005) (Version: 8.0.50727.236 - Microsoft) MSDN Library for Visual Studio 2005 (x32 Version: 8.0.50727.236 - Microsoft) Hidden MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) Norton Internet Security CBE (HKLM-x32\...\NIS) (Version: 21.1.0.18 - Symantec Corporation) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer) Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA) Oracle VM VirtualBox 4.3.2 (HKLM\...\{49C9FDFF-6056-4E8C-B9AF-B7B4D78023E2}) (Version: 4.3.2 - Oracle Corporation) Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Oxford Advanced Learner's Dictionary - 7th edition (HKLM-x32\...\OALD7) (Version: - ) Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software) ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.0.0 - ParetoLogic, Inc.) PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden PowerVoip (HKLM-x32\...\PowerVoip_is1) (Version: 4.13 build 738 - Finarea S.A. Switzerland) Premiere CS AVS Importer 1.0 (HKLM-x32\...\Premiere CS AVS Importer) (Version: 1.0 - ) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications) Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.30 - Qualcomm Atheros) QUICKfind (HKLM-x32\...\{593AFFA4-D08E-4272-BABB-420949D32A10}) (Version: - ) QuickShare (HKLM-x32\...\{F40711CD-60B3-45F5-85C5-F1AA400C1B6E}) (Version: 10.169.60.13223 - Linkury Inc.) <==== ATTENTION QuickTime (HKLM-x32\...\QuickTime) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28130 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.) Secure Download Manager (HKLM-x32\...\{E98D115E-D621-4723-8AF0-147BADA9A466}) (Version: 3.1.40 - Kivuto Solutions Inc.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Software Informer 1.3.1061.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer) Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN) VoipBuster (HKLM-x32\...\VoipBuster_is1) (Version: 4.13 build 738 - Finarea S.A. Switzerland) VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 744 - Finarea S.A. Switzerland) VoipStunt (HKLM-x32\...\VoipStunt_is1) (Version: 4.14 build 745 - Finarea S.A. Switzerland) Weeny Free PDF to Image Converter 1.3 (HKLM-x32\...\Weeny Free PDF to Image Converter_is1) (Version: - Weeny Software) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-3 - BitNami) ==================== Restore Points ========================= 28-03-2014 13:54:49 Geplanter Prüfpunkt 08-04-2014 10:09:54 Geplanter Prüfpunkt 13-04-2014 19:10:59 Windows Update ==================== Hosts content: ========================== 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {094FE9FB-206B-4AFD-AE12-C770FDDAA1B6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {104FFEA6-AB1F-4843-9E50-40BCC4853636} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation) Task: {1232BBBD-B168-4685-A781-F182DB551CEE} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com) Task: {16BBE3E6-A1DF-4DCE-A39B-B5CF69B52D25} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2013-08-22] () Task: {1F85258B-FFCC-4935-A34C-E5E159C7F8B7} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2580DCBE-610D-4760-B03A-E10A2E6EB1C8} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] () Task: {25B35B24-BD4A-4CD2-AF96-4FAFEBD6F079} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com) Task: {25EC6A61-9232-46DA-8D4D-76F36E196650} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {2BFAD7A6-E43E-433B-A4BA-45F0844DEB20} - System32\Tasks\HIDMonitor => C:\Program Files\Acer Incorporated\HID Monitor\HIDMonitor.exe Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {344BEE1D-20E9-4704-B666-BB4A88C91382} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-30] (ParetoLogic, Inc.) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {457DC2C4-D18B-4230-85E6-5CBA9FA46CDC} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {47BC1BC5-1690-46FE-84BE-408373C42CFD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {506B6EFE-222A-4D4C-82C2-56D62AA5AC8B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] () Task: {5FD8B123-F20A-4670-8CE7-A836BD903436} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-13] (Microsoft Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {701ACB63-1337-4060-98B4-806A6029F3FA} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-12-06] (Acer Incorporated) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {7AF26D20-898D-47D9-B5E0-396341BF7CE3} - System32\Tasks\Theft Shield\AcerTheftShieldTask => C:\Program Files\Acer\Acer Theft Shield\USecuAppLauncher.exe [2012-11-12] (Acer Incorporated) Task: {7B821DEB-6DE4-45D0-8B42-53B01204A495} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation) Task: {7F1B7E21-4B00-4289-8FDA-FCF16726416D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated) Task: {7FE9E564-B21B-4F4D-8B03-CAE8F054FCE5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3624291485-3201753239-2019657463-1002Core => C:\Users\Admins-Mo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-09] (Facebook Inc.) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {88F1D010-00B0-4370-8729-5B72A320663B} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink) Task: {8BF5954F-978D-4A7B-9F30-AB73D7E71243} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-30] (ParetoLogic, Inc.) Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {96ABC834-DA8B-487D-81BD-6C5A22272383} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] () Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {C3F1DC4A-9ED1-4A10-A591-A04A093F23A2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-02-27] (Informer Technologies, Inc.) Task: {CBA26469-5307-4AB4-BC3D-9FB2B83FA394} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2013-08-22] () Task: {CC3DDFDD-8D6C-437F-AA46-ACA53BE1EE79} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-30] (ParetoLogic Inc.) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D6325223-8370-4AAC-BFB1-C3B2BE293925} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-12] (Microsoft Corporation) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DD268CBE-EFD8-43B0-9B75-3CD394312CA3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {DFB722A0-2D90-4479-8DD6-F7F539BB0D76} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-19] (Microsoft Corporation) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EBA2E9A4-422D-48B5-AD45-CEFBB86EF457} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2013-08-22] () Task: {EFA3DB89-E3FF-4BEE-9A86-1E6AA5CCF63D} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns Task: {F1EF3B10-52BF-463D-8DBA-611E58A73412} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] () Task: {F6FEA415-F0A7-4E47-9523-D76E55FEA4A9} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com) Task: {FAC7F6CA-0EB3-4EAB-8D66-2137AF7E3EC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-19] (Microsoft Corporation) Task: {FB5124A6-844F-4F02-8A8C-24F394222894} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3624291485-3201753239-2019657463-1002Core.job => C:\Users\Admins-Mo\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe Task: C:\WINDOWS\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe Task: C:\WINDOWS\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-03-19 15:34 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-12-02 10:13 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll 2013-03-21 20:24 - 2013-03-21 20:24 - 00222368 _____ () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe 2012-08-23 14:02 - 2012-08-23 14:02 - 00030640 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe 2013-12-02 13:46 - 2013-08-22 14:34 - 00769536 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe 2013-12-02 13:46 - 2013-08-22 14:39 - 00823312 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe 2013-12-02 13:46 - 2013-08-22 14:39 - 00050192 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbSettings.dll 2013-12-02 13:46 - 2013-08-22 14:39 - 00861200 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyResources.dll 2013-12-02 13:46 - 2013-08-22 14:39 - 01323024 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyLibrary.dll 2013-12-02 13:46 - 2013-08-22 14:39 - 01406480 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbGui.dll 2013-12-02 13:46 - 2013-08-22 14:39 - 00015888 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll 2013-12-02 13:46 - 2013-08-22 14:39 - 00777728 _____ () C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe 2014-02-10 03:27 - 2013-12-02 15:12 - 00936456 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe 2012-08-23 00:04 - 2012-08-23 00:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe 2012-08-23 00:04 - 2012-08-23 00:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe 2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2014-02-26 12:40 - 2014-02-26 12:40 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll 2013-12-21 14:15 - 2013-12-04 19:58 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll 2013-01-05 22:54 - 2013-01-05 22:54 - 00465976 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2013-01-05 22:54 - 2013-01-05 22:54 - 00126096 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2013-01-05 22:54 - 2013-01-05 22:54 - 00156304 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll 2013-01-05 22:54 - 2013-01-05 22:54 - 00118928 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll 2013-01-05 22:54 - 2013-01-05 22:54 - 01082000 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2013-01-05 22:54 - 2013-01-05 22:54 - 00052880 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll 2013-01-05 22:54 - 2013-01-05 22:54 - 00728208 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll 2012-08-23 14:02 - 2012-08-23 14:02 - 00034736 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\ElanTPAPI.dll 2012-12-07 16:15 - 2012-12-07 16:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll 2012-12-07 16:15 - 2012-12-07 16:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll 2012-12-07 16:15 - 2012-12-07 16:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll 2012-12-07 16:15 - 2012-12-07 16:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll 2012-12-07 16:15 - 2012-12-07 16:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll 2012-12-07 16:15 - 2012-12-07 16:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 14442496 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\libViber.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00098304 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\qfacebook.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00049152 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\libEGL.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00729088 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\libGLESv2.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00835584 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\platforms\qwindows.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00024576 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qgif.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00024576 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qico.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00212992 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qjpeg.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00221184 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qmng.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00016384 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qsvg.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00016384 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qtga.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00278528 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qtiff.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00016384 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qwbmp.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00622592 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\sqldrivers\qsqlite.dll 2014-03-14 00:49 - 2014-03-14 00:49 - 00032768 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\iconengines\qsvgicon.dll 2014-04-06 09:32 - 2014-04-02 13:19 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libglesv2.dll 2014-04-06 09:32 - 2014-04-02 13:19 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libegl.dll 2014-04-06 09:32 - 2014-04-02 13:19 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\ffmpegsumo.dll 2014-02-13 18:49 - 2014-02-13 18:49 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\8bb41c02a60ce86db6647822d966a691\PSIClient.ni.dll 2013-10-22 13:48 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Admins-Mo\SkyDrive:ms-properties AlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (04/13/2014 11:00:11 PM) (Source: Application Hang) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1564 Startzeit: 01cf575aa5b634c2 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 99b016a3-c34e-11e3-bec7-089e0174c6f8 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 10:55:25 PM) (Source: Perflib) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (04/13/2014 10:50:08 PM) (Source: Application Hang) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 236c Startzeit: 01cf57593e987453 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 32270ce0-c34d-11e3-bec6-089e0174c6f8 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 10:40:18 PM) (Source: Application Hang) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 19ac Startzeit: 01cf5757df1b25dd Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: d2a5d5e0-c34b-11e3-bec6-089e0174c6f8 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 10:35:08 PM) (Source: Application Hang) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 15e8 Startzeit: 01cf5754d7726d6d Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 19a75a58-c34b-11e3-bec6-089e0174c6f8 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 09:41:34 PM) (Source: Application Hang) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1064 Startzeit: 01cf574faa8fc45d Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 9e1c3f29-c343-11e3-bec6-089e0174c6f8 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 09:27:25 PM) (Source: Application Hang) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 13c4 Startzeit: 01cf574d8e642817 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: a2d2bccb-c341-11e3-bec6-089e0174c6f8 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 09:21:32 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest. Error: (04/13/2014 09:21:31 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest. Error: (04/13/2014 09:16:17 PM) (Source: Application Hang) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1350 Startzeit: 01cf574c218a85d9 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 15cde160-c340-11e3-bec6-089e0174c6f8 Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 System errors: ============= Error: (04/13/2014 10:53:46 PM) (Source: Ntfs) (User: ) Description: Auf dem Volume "\\?\Volume{b669fa6e-505f-4691-a861-b6971645ba6e}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten. Error: (04/13/2014 10:53:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (04/13/2014 10:31:18 PM) (Source: BTHUSB) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (04/13/2014 09:23:52 PM) (Source: BTHUSB) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (04/13/2014 09:21:16 PM) (Source: BTHUSB) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (04/13/2014 02:23:58 PM) (Source: Schannel) (User: ADMINS) Description: Das vom Remoteserver erhaltene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten verifiziert werden. Fehler bei der SSL-Verbindungsanforderung. Die angehängten Daten enthalten das Serverzertifikat. Error: (04/13/2014 02:23:58 PM) (Source: Schannel) (User: ADMINS) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Der Windows-SChannel-Fehlerstatus lautet: 552. Error: (04/13/2014 02:22:37 PM) (Source: Schannel) (User: ADMINS) Description: Das vom Remoteserver erhaltene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten verifiziert werden. Fehler bei der SSL-Verbindungsanforderung. Die angehängten Daten enthalten das Serverzertifikat. Error: (04/13/2014 02:22:37 PM) (Source: Schannel) (User: ADMINS) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Der Windows-SChannel-Fehlerstatus lautet: 552. Error: (04/13/2014 02:22:01 PM) (Source: Schannel) (User: ADMINS) Description: Das vom Remoteserver erhaltene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten verifiziert werden. Fehler bei der SSL-Verbindungsanforderung. Die angehängten Daten enthalten das Serverzertifikat. Microsoft Office Sessions: ========================= Error: (04/13/2014 11:00:11 PM) (Source: Application Hang)(User: ) Description: LiveComm.exe17.5.9600.20461156401cf575aa5b634c24294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe99b016a3-c34e-11e3-bec7-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 10:55:25 PM) (Source: Perflib)(User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (04/13/2014 10:50:08 PM) (Source: Application Hang)(User: ) Description: LiveComm.exe17.5.9600.20461236c01cf57593e9874534294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe32270ce0-c34d-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 10:40:18 PM) (Source: Application Hang)(User: ) Description: LiveComm.exe17.5.9600.2046119ac01cf5757df1b25dd4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exed2a5d5e0-c34b-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 10:35:08 PM) (Source: Application Hang)(User: ) Description: LiveComm.exe17.5.9600.2046115e801cf5754d7726d6d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe19a75a58-c34b-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 09:41:34 PM) (Source: Application Hang)(User: ) Description: LiveComm.exe17.5.9600.20461106401cf574faa8fc45d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe9e1c3f29-c343-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 09:27:25 PM) (Source: Application Hang)(User: ) Description: LiveComm.exe17.5.9600.2046113c401cf574d8e6428174294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exea2d2bccb-c341-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (04/13/2014 09:21:32 PM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (04/13/2014 09:21:31 PM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (04/13/2014 09:16:17 PM) (Source: Application Hang)(User: ) Description: LiveComm.exe17.5.9600.20413135001cf574c218a85d94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe15cde160-c340-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 ==================== Memory info =========================== Percentage of memory in use: 58% Total physical RAM: 3911.27 MB Available physical RAM: 1623.7 MB Total Pagefile: 6087.27 MB Available Pagefile: 3322.11 MB Total Virtual: 131072 MB Available Virtual: 131071.75 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:217.32 GB) (Free:116.46 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238 GB) (Disk ID: 4532D27D) Partition: GPT Partition Type. ==================== End Of Log ============================ |
|
18.04.2014, 17:30
| #3 |
| | unerwünschte Werbung, Tools lassen sich nicht löschen Wer kann mir helfen, unerwünschte Werbung und Tools wieder loszuwerden?
__________________ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by Admins-Mo (administrator) on ADMINS on 18-04-2014 18:27:57
Running from C:\Users\Admins-Mo\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Creative Island Media, LLC) C:\ProgramData\ZombieAlert\ZombieAlertService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe
() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Creative Island Media, LLC) C:\ProgramData\ZombieAlert\ZombieAlert.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
() C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(VoipStunt) C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(hxxp://yourfiledownloader.com) C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AcroTray.exe
() C:\Program Files (x86)\TowerTilt\bin\FilterApp_C64.exe
() C:\Program Files (x86)\TowerTilt\bin\TowerTilt.BrowserAdapter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
() C:\Users\Admins-Mo\Downloads\Defogger (1).exe
() C:\Program Files\003\xmkysecqun64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\elantech\etdctrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => c:\program files\realtek\audio\hda\ravcpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => c:\program files\realtek\audio\hda\ravbg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => c:\windows\system32\logilda.dll [1425208 2013-12-13] (Logitech, Inc.)
HKLM\...\Run: [BtPreLoad] => c:\program files (x86)\qualcomm atheros\bluetooth suite\btpreload.exe [64640 2012-11-09] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [RadioController] => c:\program files (x86)\radiocontroller\rfbtnhelper.exe [111216 2013-10-22] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => c:\program files (x86)\symantec\norton online backup\nobuclient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => c:\program files (x86)\samsung\kies\kiestrayagent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => c:\program files (x86)\quicktime\qttask.exe [98304 2013-12-03] (Apple Computer, Inc.)
HKLM-x32\...\Run: [mcui_exe] => "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Dolby Home Theater v4] => c:\dolby pcee4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Facebook Update] => c:\users\admins-mo\appdata\local\facebook\update\facebookupdate.exe [138096 2013-12-09] (Facebook Inc.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [PowerVoip] => C:\Program Files (x86)\PowerVoip.com\PowerVoip\PowerVoip.exe [19759936 2014-03-16] (PowerVoip)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipBuster] => C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [19753792 2014-03-10] (VoipBuster)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Spotify Web Helper] => c:\program files (x86)\spotify\data\spotifywebhelper.exe [1193176 2013-10-22] ()
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18223872 2013-12-06] (Acer Incorporated)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [19772736 2014-02-20] (VoipConnect)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Viber] => C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe [936456 2013-12-02] ()
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1489920 2014-02-27] (Informer Technologies, Inc.)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipStunt] => C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe [19768640 2014-02-11] (VoipStunt)
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {aeb970f5-53ed-11e3-be89-9c2a701c0468} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {b0c3d931-919c-11e3-bea7-089e0174c6f8} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-3624291485-3201753239-2019657463-1008\...\RunOnce: [RegAutoPlay] - C:\Windows\regedit.exe [151552 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [157504 2014-02-22] (Amazon Inc.)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [141120 2014-02-22] (Amazon Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ie_sp_
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL =
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default
FF user.js: detected! => C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\user.js
FF DefaultSearchEngine: Amazon
FF SearchEngineOrder.1: Amazon
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Admins-Mo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-13]
FF Extension: No Name - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\staged [2014-04-18]
FF Extension: NoScript - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-03]
FF Extension: Adblock Plus - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-07]
FF Extension: Adblock Edge - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-02-07]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-16]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-12]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-04-18]
Chrome:
=======
CHR HomePage: http:\/\/www.amazon.de\/gp\/bit\/amazonserp\/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_sp_
CHR StartupUrls: "http:\/\/www.amazon.de\/gp\/bit\/amazonserp\/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_sp_"],"startup_urls_migration_time":"13034552223913222"},"translate_accepted_count":{"en":0},"translate_blocked_languages":["de"],"translate_denied_count":{"en":13},"translate_whitelists"
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchURL: http:\/\/www.amazon.de\/gp\/bit\/amazonserp\/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-cr-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_ds_&query={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (No Name) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2014-01-03]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]
CHR Extension: (AdBlock) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-03]
CHR Extension: (No Name) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-02-26]
CHR Extension: (Google Wallet) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-07]
CHR Extension: (Extended Protection) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR Extension: (No Name) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-03-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-25]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx [2013-12-16]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-09] (Qualcomm Atheros Commnucations)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259728 2013-01-05] (NTI Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-22] (Dritek System INC.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-17] ()
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros)
R2 ZombieAlert; C:\ProgramData\ZombieAlert\ZombieAlert.exe [151416 2014-04-01] (Creative Island Media, LLC)
S2 Update TowerTilt; "C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe" [X]
S2 Util TowerTilt; "C:\Program Files (x86)\TowerTilt\bin\utilTowerTilt.exe" [X]
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-09] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-16] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140417.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-17] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140418.004\ENG64.SYS [126040 2013-12-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140418.004\EX64.SYS [2099288 2013-12-16] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-22] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-23] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-17] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-18] (StdLib)
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; \SystemRoot\system32\DRIVERS\lgandnetndis64.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-18 18:27 - 2014-04-18 18:27 - 02158592 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe
2014-04-18 18:26 - 2014-04-18 18:26 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe
2014-04-18 18:25 - 2014-04-18 18:27 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log
2014-04-18 18:25 - 2014-04-18 18:26 - 00000252 _____ () C:\Users\Admins-Mo\Downloads\defogger_enable.log
2014-04-18 18:25 - 2014-04-18 18:25 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe
2014-04-18 14:39 - 2014-04-18 14:39 - 00003112 _____ () C:\WINDOWS\System32\Tasks\{E5554CCA-7572-4312-8806-7CDEC6E3D5AB}
2014-04-18 14:17 - 2014-04-18 14:17 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys
2014-04-18 13:36 - 2014-04-18 13:36 - 00002124 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2014-04-18 13:36 - 2014-04-18 13:36 - 00002010 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2014-04-18 13:36 - 2014-04-18 13:36 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-04-18 13:33 - 2014-04-18 17:57 - 00004324 _____ () C:\Users\Admins-Mo\AppData\Local\fitenyjt.gss
2014-04-18 13:33 - 2014-04-17 15:54 - 00002048 _____ () C:\Users\Admins-Mo\AppData\Local\fitenyjt.gdb
2014-04-18 13:32 - 2014-04-18 13:32 - 00000784 _____ () C:\WINDOWS\KB893803v2.log
2014-04-18 13:30 - 2014-04-18 13:30 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\WinRAR
2014-04-18 13:28 - 2014-04-18 13:28 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-18 13:28 - 2014-04-18 13:28 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-18 13:27 - 2014-04-18 13:27 - 01915576 _____ () C:\Users\Admins-Mo\Downloads\winrar-x64-51b2.exe
2014-04-18 12:56 - 2014-04-18 12:58 - 00000000 ____D () C:\Users\Admins-Mo\Adobe Reader v10.11 [32 & 64 Bit] - {RedDragon}
2014-04-18 12:56 - 2014-04-18 12:57 - 00000000 ____D () C:\Users\Admins-Mo\Adobe Reader v10.5.1 Full - {RedDragon}
2014-04-18 12:40 - 2014-04-18 12:40 - 00001915 _____ () C:\Users\Public\Desktop\HitsBlender.lnk
2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\HitsBlender
2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\ProgramData\HitsBlender
2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\Program Files (x86)\HitsBlender
2014-04-18 12:39 - 2014-04-18 17:59 - 00000000 ____D () C:\Program Files (x86)\TowerTilt
2014-04-18 12:39 - 2014-04-18 15:02 - 00000298 _____ () C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2014-04-18 12:39 - 2014-04-18 15:01 - 00003108 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro
2014-04-18 12:39 - 2014-04-18 15:01 - 00001426 _____ () C:\Users\Admins-Mo\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-18 12:39 - 2014-04-18 14:39 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader
2014-04-18 12:39 - 2014-04-18 12:41 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\YourFileDownloader
2014-04-18 12:39 - 2014-04-18 12:39 - 00003136 _____ () C:\WINDOWS\System32\Tasks\YourFile DownloaderUpdate
2014-04-18 12:39 - 2014-04-18 12:39 - 00003032 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES
2014-04-18 12:39 - 2014-04-18 12:39 - 00002876 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT
2014-04-18 12:39 - 2014-04-18 12:39 - 00001955 _____ () C:\Users\Public\Desktop\YourFile Downloader.lnk
2014-04-18 12:39 - 2014-04-18 12:39 - 00001030 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-04-18 12:39 - 2014-04-18 12:39 - 00000306 _____ () C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2014-04-18 12:39 - 2014-04-18 12:39 - 00000004 _____ () C:\end
2014-04-18 12:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader Updater
2014-04-18 12:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-18 12:37 - 2014-04-18 12:38 - 06318336 _____ (hxxp://yourfiledownloader.com) C:\Users\Admins-Mo\Downloads\Adobe_Reader_Pro_Crack_downloader (1).exe
2014-04-18 12:37 - 2014-04-18 12:37 - 06318336 _____ (hxxp://yourfiledownloader.com) C:\Users\Admins-Mo\Downloads\Adobe_Reader_Pro_Crack_downloader.exe
2014-04-17 15:52 - 2014-04-17 15:52 - 00000000 _____ () C:\Users\Admins-Mo\Downloads\file_installer_downloader-b12aUubb.exe.opdownload
2014-04-17 15:51 - 2014-04-18 17:50 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-04-17 15:51 - 2014-04-18 12:33 - 00003120 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector_startup
2014-04-17 15:51 - 2014-04-17 15:51 - 00001181 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-04-17 15:51 - 2014-04-17 15:51 - 00000000 ____D () C:\ProgramData\Systweak
2014-04-17 15:51 - 2012-07-25 12:03 - 00016896 _____ () C:\WINDOWS\system32\sasnative64.exe
2014-04-17 15:50 - 2014-04-18 17:50 - 00000000 ____D () C:\ProgramData\ZombieAlert
2014-04-17 15:50 - 2014-04-18 15:02 - 00000306 _____ () C:\WINDOWS\Tasks\System Speedup_DEFAULT.job
2014-04-17 15:50 - 2014-04-18 15:01 - 00003132 _____ () C:\WINDOWS\System32\Tasks\System Speedup
2014-04-17 15:50 - 2014-04-18 12:39 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\systweak
2014-04-17 15:50 - 2014-04-18 12:35 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\System Speedup
2014-04-17 15:50 - 2014-04-17 15:50 - 00003332 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector
2014-04-17 15:50 - 2014-04-17 15:50 - 00003040 _____ () C:\WINDOWS\System32\Tasks\System Speedup_UPDATES
2014-04-17 15:50 - 2014-04-17 15:50 - 00002884 _____ () C:\WINDOWS\System32\Tasks\System Speedup_DEFAULT
2014-04-17 15:50 - 2014-04-17 15:50 - 00001054 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-04-17 15:50 - 2014-04-17 15:50 - 00000314 _____ () C:\WINDOWS\Tasks\System Speedup_UPDATES.job
2014-04-17 15:50 - 2014-04-17 15:50 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-04-17 15:50 - 2013-07-11 13:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe
2014-04-17 15:49 - 2014-04-18 13:33 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Genesis
2014-04-17 15:49 - 2014-04-17 15:49 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-17 15:49 - 2014-04-17 15:49 - 00000000 ____D () C:\Program Files\003
2014-04-17 15:48 - 2014-04-17 15:48 - 00503696 _____ (AppsInstaller) C:\Users\Admins-Mo\Downloads\File_installer.exe
2014-04-17 15:48 - 2014-04-17 15:48 - 00001691 _____ () C:\Users\Admins-Mo\Desktop\Continue File installer.lnk
2014-04-17 15:11 - 2014-04-17 15:11 - 02469824 _____ () C:\Users\Admins-Mo\Downloads\AdobeDownloadAssistant (1).exe
2014-04-17 15:11 - 2014-04-17 15:11 - 00001007 _____ () C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-04-17 15:09 - 2014-04-17 15:09 - 02469824 _____ () C:\Users\Admins-Mo\Downloads\AdobeDownloadAssistant.exe
2014-04-17 15:07 - 2014-04-17 15:08 - 12481554 _____ () C:\Users\Admins-Mo\Downloads\3. Adobe Acrobat X Pro 10 Crack by MPT.rar
2014-04-17 14:28 - 2014-04-17 14:28 - 00019608 _____ () C:\Users\Admins-Mo\Downloads\596F2949BF936D4FDB2EF98AE74A32AE8C0104F3 (1).torrent
2014-04-17 14:25 - 2014-04-17 14:25 - 00019608 _____ () C:\Users\Admins-Mo\Downloads\596F2949BF936D4FDB2EF98AE74A32AE8C0104F3.torrent
2014-04-16 13:56 - 2014-04-16 13:56 - 06468743 _____ () C:\Users\Admins-Mo\Downloads\Lecture_1_-_Introduction_-_April-16.pptx
2014-04-16 12:35 - 2014-04-16 14:30 - 1193716557 _____ () C:\Users\Admins-Mo\Downloads\Cambridge-EnglishInUseCompleteCollectionBooks.zip
2014-04-16 12:16 - 2014-04-16 12:42 - 239165224 _____ () C:\Users\Admins-Mo\Downloads\Cambridge-EnglishPronunciationInUseintermediatewithAudioCd2003.zip
2014-04-15 14:58 - 2014-04-15 15:26 - 130487574 _____ () C:\Users\Admins-Mo\Downloads\MishaGlenny_2011G-480p.mp4
2014-04-15 14:18 - 2014-04-15 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-15 00:55 - 2014-04-17 14:56 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 00:55 - 2014-04-15 00:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 00:52 - 2014-04-15 00:52 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-15 00:51 - 2014-04-15 00:52 - 00000000 ____D () C:\AdwCleaner
2014-04-15 00:51 - 2014-04-15 00:51 - 01426178 _____ () C:\Users\Admins-Mo\Desktop\adwcleaner.exe
2014-04-13 22:58 - 2014-04-18 18:27 - 00033641 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt
2014-04-13 22:57 - 2014-04-18 18:27 - 00000000 ____D () C:\FRST
2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Desktop\FRST64.exe
2014-04-13 22:48 - 2014-04-18 18:26 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable
2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile
2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2014-04-12 19:02 - 2014-01-29 20:04 - 07597040 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 02476976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00906224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxstarter.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00845296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00771568 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00770544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00755184 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIHotKeyMenu.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00530928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00416240 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00397808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00397296 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00391152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00279024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-04-12 19:02 - 2014-01-29 20:04 - 00153072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-04-12 19:02 - 2014-01-22 15:57 - 00450520 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2014-04-12 19:02 - 2014-01-22 15:57 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3412.dll
2014-04-12 19:02 - 2014-01-22 15:54 - 00002944 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-04-12 19:02 - 2014-01-22 15:51 - 09081856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 07885824 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 04221440 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-04-12 19:02 - 2014-01-22 15:51 - 02384896 _____ () C:\WINDOWS\system32\GfxRes.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00733184 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00624640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00548864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00527872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00523776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00522240 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00521728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00517632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00516096 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00514048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00513536 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00373760 _____ () C:\WINDOWS\system32\igdmd64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00371200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2014-04-12 19:02 - 2014-01-22 15:51 - 00346624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00279040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2014-04-12 19:02 - 2014-01-22 15:51 - 00267407 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00253466 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00243712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00235401 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00224256 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00222208 _____ () C:\WINDOWS\system32\igdde64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00201128 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00198725 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00194560 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00192758 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00180936 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00180850 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178473 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178290 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00178123 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00176838 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175862 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175571 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00175067 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00174802 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00174269 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173792 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173276 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00173059 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00172833 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00172554 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00171691 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00168215 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00166833 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00166220 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00161534 _____ () C:\WINDOWS\system32\Gfxres.en-US.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00160256 _____ () C:\WINDOWS\system32\igdail64.dll
2014-04-12 19:02 - 2014-01-22 15:51 - 00154805 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00152993 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources
2014-04-12 19:02 - 2014-01-22 15:51 - 00012288 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 25971712 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 03224064 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00493056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00320512 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00299520 _____ () C:\WINDOWS\SysWOW64\igdmd32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00182272 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00142848 _____ () C:\WINDOWS\SysWOW64\igdail32.dll
2014-04-12 19:02 - 2014-01-22 15:48 - 00025600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 20954112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 02896384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2014-04-12 19:02 - 2014-01-22 15:44 - 00265216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 02065920 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 01815040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 01450656 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00785568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00644768 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00602272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00163328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00155136 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00137728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00133120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2014-04-12 19:02 - 2014-01-22 15:35 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2014-04-12 18:57 - 2014-04-18 17:50 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-04-12 18:57 - 2014-04-12 19:02 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks
2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 23:40 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-09 23:40 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-09 23:40 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-09 23:40 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-09 23:40 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-09 23:40 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-09 23:40 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-09 23:40 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe
2014-04-01 01:17 - 2014-04-01 01:17 - 01161080 _____ () C:\WINDOWS\SysWOW64\ZombieAlert.A222801BB6B4.dll
2014-03-19 01:22 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-19 01:22 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-19 01:22 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-19 01:22 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-19 01:22 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-19 01:22 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-19 01:22 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-19 01:22 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-19 01:22 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-19 01:22 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-19 01:22 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-19 01:22 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-19 01:22 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-19 01:22 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-19 01:22 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-19 01:22 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-19 01:22 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-19 01:22 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-19 01:22 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-19 01:22 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-19 01:22 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-19 01:22 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-19 01:22 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-19 01:22 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-19 01:22 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-19 01:22 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-19 01:22 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-19 01:22 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-19 01:22 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-19 01:22 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-19 01:22 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-19 01:22 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-19 01:22 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-19 01:22 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-19 01:22 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-19 01:22 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-19 01:22 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
==================== One Month Modified Files and Folders =======
2014-04-18 18:28 - 2014-04-13 22:58 - 00033641 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt
2014-04-18 18:27 - 2014-04-18 18:27 - 02158592 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe
2014-04-18 18:27 - 2014-04-18 18:25 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log
2014-04-18 18:27 - 2014-04-13 22:57 - 00000000 ____D () C:\FRST
2014-04-18 18:27 - 2014-03-13 09:46 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Software Informer
2014-04-18 18:26 - 2014-04-18 18:26 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe
2014-04-18 18:26 - 2014-04-18 18:25 - 00000252 _____ () C:\Users\Admins-Mo\Downloads\defogger_enable.log
2014-04-18 18:26 - 2014-04-13 22:48 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable
2014-04-18 18:26 - 2013-11-17 00:46 - 00000000 ____D () C:\Users\Admins-Mo
2014-04-18 18:25 - 2014-04-18 18:25 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe
2014-04-18 18:25 - 2013-11-17 01:45 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A0A9D59D-020B-47E3-82BD-93C809A4CD40}
2014-04-18 18:01 - 2013-11-07 13:36 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-18 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-18 17:59 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\TowerTilt
2014-04-18 17:57 - 2014-04-18 13:33 - 00004324 _____ () C:\Users\Admins-Mo\AppData\Local\fitenyjt.gss
2014-04-18 17:50 - 2014-04-17 15:51 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-04-18 17:50 - 2014-04-17 15:50 - 00000000 ____D () C:\ProgramData\ZombieAlert
2014-04-18 17:50 - 2014-04-12 18:57 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-04-18 17:49 - 2013-11-07 13:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3624291485-3201753239-2019657463-1002
2014-04-18 17:12 - 2013-12-08 18:57 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-18 16:51 - 2013-11-17 00:44 - 01276883 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-18 16:01 - 2013-11-07 13:36 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 15:48 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Viber
2014-04-18 15:02 - 2014-04-18 12:39 - 00000298 _____ () C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2014-04-18 15:02 - 2014-04-17 15:50 - 00000306 _____ () C:\WINDOWS\Tasks\System Speedup_DEFAULT.job
2014-04-18 15:01 - 2014-04-18 12:39 - 00003108 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro
2014-04-18 15:01 - 2014-04-18 12:39 - 00001426 _____ () C:\Users\Admins-Mo\Desktop\Registry kostenlos entrümpeln!.lnk
2014-04-18 15:01 - 2014-04-17 15:50 - 00003132 _____ () C:\WINDOWS\System32\Tasks\System Speedup
2014-04-18 14:45 - 2014-01-23 16:52 - 00000000 ____D () C:\xampp
2014-04-18 14:39 - 2014-04-18 14:39 - 00003112 _____ () C:\WINDOWS\System32\Tasks\{E5554CCA-7572-4312-8806-7CDEC6E3D5AB}
2014-04-18 14:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader
2014-04-18 14:36 - 2014-02-11 03:14 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-04-18 14:36 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-18 14:17 - 2014-04-18 14:17 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys
2014-04-18 14:17 - 2012-07-26 07:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-04-18 14:13 - 2014-01-12 20:19 - 00108544 ___SH () C:\Users\Admins-Mo\Documents\Thumbs.db
2014-04-18 14:11 - 2013-12-11 03:55 - 00776610 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-04-18 14:11 - 2013-12-11 03:55 - 00422458 _____ () C:\WINDOWS\system32\perfh001.dat
2014-04-18 14:11 - 2013-12-11 03:55 - 00149292 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-04-18 14:11 - 2013-12-11 03:55 - 00065162 _____ () C:\WINDOWS\system32\perfc001.dat
2014-04-18 14:11 - 2013-09-30 06:14 - 03189766 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-18 14:11 - 2013-09-30 05:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-18 14:11 - 2013-09-30 05:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-18 13:43 - 2013-12-02 10:18 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Deployment
2014-04-18 13:42 - 2013-12-03 15:24 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-18 13:36 - 2014-04-18 13:36 - 00002124 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2014-04-18 13:36 - 2014-04-18 13:36 - 00002010 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2014-04-18 13:36 - 2014-04-18 13:36 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-04-18 13:36 - 2013-12-03 15:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-18 13:36 - 2013-12-03 15:22 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Adobe
2014-04-18 13:33 - 2014-04-17 15:49 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Genesis
2014-04-18 13:32 - 2014-04-18 13:32 - 00000784 _____ () C:\WINDOWS\KB893803v2.log
2014-04-18 13:30 - 2014-04-18 13:30 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\WinRAR
2014-04-18 13:28 - 2014-04-18 13:28 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-18 13:28 - 2014-04-18 13:28 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-18 13:27 - 2014-04-18 13:27 - 01915576 _____ () C:\Users\Admins-Mo\Downloads\winrar-x64-51b2.exe
2014-04-18 12:58 - 2014-04-18 12:56 - 00000000 ____D () C:\Users\Admins-Mo\Adobe Reader v10.11 [32 & 64 Bit] - {RedDragon}
2014-04-18 12:57 - 2014-04-18 12:56 - 00000000 ____D () C:\Users\Admins-Mo\Adobe Reader v10.5.1 Full - {RedDragon}
2014-04-18 12:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-18 12:41 - 2014-04-18 12:39 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\YourFileDownloader
2014-04-18 12:40 - 2014-04-18 12:40 - 00001915 _____ () C:\Users\Public\Desktop\HitsBlender.lnk
2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\HitsBlender
2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\ProgramData\HitsBlender
2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\Program Files (x86)\HitsBlender
2014-04-18 12:40 - 2013-11-08 13:21 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\cache
2014-04-18 12:39 - 2014-04-18 12:39 - 00003136 _____ () C:\WINDOWS\System32\Tasks\YourFile DownloaderUpdate
2014-04-18 12:39 - 2014-04-18 12:39 - 00003032 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES
2014-04-18 12:39 - 2014-04-18 12:39 - 00002876 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT
2014-04-18 12:39 - 2014-04-18 12:39 - 00001955 _____ () C:\Users\Public\Desktop\YourFile Downloader.lnk
2014-04-18 12:39 - 2014-04-18 12:39 - 00001030 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-04-18 12:39 - 2014-04-18 12:39 - 00000306 _____ () C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
2014-04-18 12:39 - 2014-04-18 12:39 - 00000004 _____ () C:\end
2014-04-18 12:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader Updater
2014-04-18 12:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-18 12:39 - 2014-04-17 15:50 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\systweak
2014-04-18 12:38 - 2014-04-18 12:37 - 06318336 _____ (hxxp://yourfiledownloader.com) C:\Users\Admins-Mo\Downloads\Adobe_Reader_Pro_Crack_downloader (1).exe
2014-04-18 12:37 - 2014-04-18 12:37 - 06318336 _____ (hxxp://yourfiledownloader.com) C:\Users\Admins-Mo\Downloads\Adobe_Reader_Pro_Crack_downloader.exe
2014-04-18 12:35 - 2014-04-17 15:50 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\System Speedup
2014-04-18 12:34 - 2014-01-29 18:02 - 00003112 _____ () C:\WINDOWS\System32\Tasks\RDReminder
2014-04-18 12:33 - 2014-04-17 15:51 - 00003120 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector_startup
2014-04-18 12:33 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\ViberPC
2014-04-17 15:54 - 2014-04-18 13:33 - 00002048 _____ () C:\Users\Admins-Mo\AppData\Local\fitenyjt.gdb
2014-04-17 15:52 - 2014-04-17 15:52 - 00000000 _____ () C:\Users\Admins-Mo\Downloads\file_installer_downloader-b12aUubb.exe.opdownload
2014-04-17 15:51 - 2014-04-17 15:51 - 00001181 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-04-17 15:51 - 2014-04-17 15:51 - 00000000 ____D () C:\ProgramData\Systweak
2014-04-17 15:50 - 2014-04-17 15:50 - 00003332 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector
2014-04-17 15:50 - 2014-04-17 15:50 - 00003040 _____ () C:\WINDOWS\System32\Tasks\System Speedup_UPDATES
2014-04-17 15:50 - 2014-04-17 15:50 - 00002884 _____ () C:\WINDOWS\System32\Tasks\System Speedup_DEFAULT
2014-04-17 15:50 - 2014-04-17 15:50 - 00001054 _____ () C:\Users\Public\Desktop\System Speedup.lnk
2014-04-17 15:50 - 2014-04-17 15:50 - 00000314 _____ () C:\WINDOWS\Tasks\System Speedup_UPDATES.job
2014-04-17 15:50 - 2014-04-17 15:50 - 00000000 ____D () C:\Program Files (x86)\System Speedup
2014-04-17 15:49 - 2014-04-17 15:49 - 00000000 ____D () C:\Program Files\suprasavings
2014-04-17 15:49 - 2014-04-17 15:49 - 00000000 ____D () C:\Program Files\003
2014-04-17 15:48 - 2014-04-17 15:48 - 00503696 _____ (AppsInstaller) C:\Users\Admins-Mo\Downloads\File_installer.exe
2014-04-17 15:48 - 2014-04-17 15:48 - 00001691 _____ () C:\Users\Admins-Mo\Desktop\Continue File installer.lnk
2014-04-17 15:11 - 2014-04-17 15:11 - 02469824 _____ () C:\Users\Admins-Mo\Downloads\AdobeDownloadAssistant (1).exe
2014-04-17 15:11 - 2014-04-17 15:11 - 00001007 _____ () C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-04-17 15:09 - 2014-04-17 15:09 - 02469824 _____ () C:\Users\Admins-Mo\Downloads\AdobeDownloadAssistant.exe
2014-04-17 15:08 - 2014-04-17 15:07 - 12481554 _____ () C:\Users\Admins-Mo\Downloads\3. Adobe Acrobat X Pro 10 Crack by MPT.rar
2014-04-17 14:56 - 2014-04-15 00:55 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-17 14:38 - 2013-11-07 13:31 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Packages
2014-04-17 14:28 - 2014-04-17 14:28 - 00019608 _____ () C:\Users\Admins-Mo\Downloads\596F2949BF936D4FDB2EF98AE74A32AE8C0104F3 (1).torrent
2014-04-17 14:25 - 2014-04-17 14:25 - 00019608 _____ () C:\Users\Admins-Mo\Downloads\596F2949BF936D4FDB2EF98AE74A32AE8C0104F3.torrent
2014-04-17 12:26 - 2013-11-17 01:16 - 00000000 ___RD () C:\Users\Admins-Mo\SkyDrive
2014-04-16 14:30 - 2014-04-16 12:35 - 1193716557 _____ () C:\Users\Admins-Mo\Downloads\Cambridge-EnglishInUseCompleteCollectionBooks.zip
2014-04-16 13:56 - 2014-04-16 13:56 - 06468743 _____ () C:\Users\Admins-Mo\Downloads\Lecture_1_-_Introduction_-_April-16.pptx
2014-04-16 12:42 - 2014-04-16 12:16 - 239165224 _____ () C:\Users\Admins-Mo\Downloads\Cambridge-EnglishPronunciationInUseintermediatewithAudioCd2003.zip
2014-04-16 12:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-04-16 11:59 - 2013-12-21 16:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-15 15:26 - 2014-04-15 14:58 - 130487574 _____ () C:\Users\Admins-Mo\Downloads\MishaGlenny_2011G-480p.mp4
2014-04-15 15:08 - 2013-09-29 21:04 - 00045110 _____ () C:\WINDOWS\PFRO.log
2014-04-15 15:08 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\DesktopTileResources
2014-04-15 15:08 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-15 15:08 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-15 14:39 - 2013-11-08 15:10 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\CrashDumps
2014-04-15 14:18 - 2014-04-15 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-15 01:15 - 2014-01-29 18:02 - 00001068 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2014-04-15 01:15 - 2014-01-29 18:02 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2014-04-15 01:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Branding
2014-04-15 00:55 - 2014-04-15 00:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 00:52 - 2014-04-15 00:52 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-15 00:52 - 2014-04-15 00:51 - 00000000 ____D () C:\AdwCleaner
2014-04-15 00:51 - 2014-04-15 00:51 - 01426178 _____ () C:\Users\Admins-Mo\Desktop\adwcleaner.exe
2014-04-15 00:51 - 2013-12-21 16:02 - 00001029 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-15 00:51 - 2013-11-17 01:15 - 00001019 _____ () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Desktop\FRST64.exe
2014-04-13 22:36 - 2014-01-03 01:40 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-13 21:12 - 2013-11-08 14:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-13 21:11 - 2013-11-08 14:30 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-13 14:36 - 2013-12-02 10:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile
2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2014-04-12 19:03 - 2013-11-17 00:44 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-12 19:03 - 2013-08-22 16:46 - 00029425 _____ () C:\WINDOWS\setupact.log
2014-04-12 19:02 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-12 18:57 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks
2014-04-12 18:26 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-10 15:35 - 2014-01-29 18:02 - 00000314 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-04-09 23:50 - 2013-08-22 16:46 - 00000178 _____ () C:\WINDOWS\setuperr.log
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 17:03 - 2014-01-29 18:02 - 00000298 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-04-09 17:02 - 2014-01-29 18:02 - 00003038 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates
2014-04-09 17:02 - 2014-01-29 18:02 - 00003024 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe
2014-04-06 09:32 - 2013-12-11 15:01 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-01 01:17 - 2014-04-01 01:17 - 01161080 _____ () C:\WINDOWS\SysWOW64\ZombieAlert.A222801BB6B4.dll
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:16 - 2014-04-09 23:40 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-31 01:57 - 2014-04-09 23:40 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-30 22:58 - 2013-12-02 13:46 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy
2014-03-28 16:56 - 2013-11-07 13:36 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 16:56 - 2013-11-07 13:36 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-28 16:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-25 18:23 - 2014-03-17 14:51 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\TeamViewer
2014-03-25 18:17 - 2014-02-09 01:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\VoipConnect
2014-03-25 09:52 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ar-SA
2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-03-19 17:19 - 2013-12-03 21:41 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Skype
2014-03-19 15:29 - 2013-12-14 06:13 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-03-19 00:05 - 2013-08-22 16:44 - 03086328 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
Files to move or delete:
====================
C:\Users\Admins-Mo\InstallUtil.resources.dll
Some content of TEMP:
====================
C:\Users\Admins-Mo\AppData\Local\Temp\35825uninstall.exe
C:\Users\Admins-Mo\AppData\Local\Temp\72engqbr.dll
C:\Users\Admins-Mo\AppData\Local\Temp\894.6314884537769_update.exe
C:\Users\Admins-Mo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Admins-Mo\AppData\Local\Temp\bassmod.dll
C:\Users\Admins-Mo\AppData\Local\Temp\htmlayout.dll
C:\Users\Admins-Mo\AppData\Local\Temp\nsbEBB9.exe
C:\Users\Admins-Mo\AppData\Local\Temp\nseCCEF.exe
C:\Users\Admins-Mo\AppData\Local\Temp\nseE742.exe
C:\Users\Admins-Mo\AppData\Local\Temp\nsfAACD.exe
C:\Users\Admins-Mo\AppData\Local\Temp\nsfCF13.exe
C:\Users\Admins-Mo\AppData\Local\Temp\nspE956.exe
C:\Users\Admins-Mo\AppData\Local\Temp\nstCADB.exe
C:\Users\Admins-Mo\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pyl247B.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pyl8BF7.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylA855.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylA8B7.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylBB9A.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylCD8D.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylCEAA.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\pylD998.tmp.exe
C:\Users\Admins-Mo\AppData\Local\Temp\RegClean2.exe
C:\Users\Admins-Mo\AppData\Local\Temp\setup0533.exe
C:\Users\Admins-Mo\AppData\Local\Temp\setupproplusretail.x86.de-de_act_1_.exe
C:\Users\Admins-Mo\AppData\Local\Temp\sp-downloader.exe
C:\Users\Admins-Mo\AppData\Local\Temp\Sqlite3.dll
C:\Users\Admins-Mo\AppData\Local\Temp\toolbar250242480.exe
C:\Users\Admins-Mo\AppData\Local\Temp\toolbar250247437.exe
C:\Users\Admins-Mo\AppData\Local\Temp\toolbar250255165.exe
C:\Users\Admins-Mo\AppData\Local\Temp\toolbar250255177.exe
C:\Users\Admins-Mo\AppData\Local\Temp\tvcwytg3.dll
C:\Users\Admins-Mo\AppData\Local\Temp\{1DE82EFE-4996-4A80-BECF-E0F51139760E}-34.0.1847.116_33.0.1750.154_chrome_updater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-18 13:55
==================== End Of Log ============================
--- --- --- |
|
07.09.2014, 14:42
| #4 |
| Administrator /// technical service   | unerwünschte Werbung, Tools lassen sich nicht löschen Hallo, leider wurde Dein Thema aus (technischen Gründen) übersehen. Da mehrere Antworten in Deinem Thema vorhanden waren, wurde es versehentlich als 'bereits in Arbeit' eingestuft. Dies bitten wir zu entschuldigen. Wir versuchen jedem Hilfesuchenden binnen kurzer Zeit zu antworten und Lösungen für das Problem anzubieten. Bitte erstelle ggf. ein neues Thema, damit sich ein Teammitglied deinem Problem annehmen kann. Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten? Vielen Dank für Dein Verständnis. |
|
| Themen zu unerwünschte Werbung, Tools lassen sich nicht löschen |
| adobe, bluestacks, browser, converter, defender, desktop, explorer, flash player, google, helper.exe, home, homepage, iexplore.exe, kaspersky, keygen, launch, lightning, mozilla, newtab, object, quick_start, realtek, registry, security, services.exe, software, spotify web helper, svchost.exe, symantec, system, temp, unerwünschte werbung, werbung, windowsapps |
Linear-Darstellung
