Trojaner-Board - unerwünschte Werbung, Tools lassen sich nicht löschen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - unerwünschte Werbung, Tools lassen sich nicht löschen (https://www.trojaner-board.de/152467-unerwuenschte-werbung-tools-lassen-loeschen.html)

unerwünschte Werbung, Tools lassen sich nicht löschen

Sobald ich ins Netz gehe, kommen Werbeseiten und Search Tools lassen sich nicht löschen. Zur Deinstallation finde ich sie nicht.

Hier mein erster Log:
FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014

Ran by Admins-Mo (administrator) on ADMINS on 13-04-2014 22:58:20

Running from C:\Users\Admins-Mo\Downloads

Windows 8.1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe

(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe

(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe

(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe

(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe

(Dritek System INC.) C:\Windows\RfBtnSvc64.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe

(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe

(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe

() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe

() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe

() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe

() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

(Microsoft Corporation) C:\Windows\System32\skydrive.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Intel Corporation) C:\WINDOWS\system32\igfxext.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe

() C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe

(Microsoft Corporation) C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe

(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe

(VoipStunt) C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe

() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [ETDCtrl] => C:\Program Files\elantech\etdctrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)

HKLM\...\Run: [RtHDVCpl] => c:\program files\realtek\audio\hda\ravcpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => c:\program files\realtek\audio\hda\ravbg64.exe [1212048 2012-06-07] (Realtek Semiconductor)

HKLM\...\Run: [Logitech Download Assistant] => c:\windows\system32\logilda.dll [1425208 2013-12-13] (Logitech, Inc.)

HKLM\...\Run: [BtPreLoad] => c:\program files (x86)\qualcomm atheros\bluetooth suite\btpreload.exe [64640 2012-11-09] ()

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [391152 2014-01-29] (Intel Corporation)

HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [771568 2014-01-29] (Intel Corporation)

HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [770544 2014-01-29] (Intel Corporation)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)

HKLM-x32\...\Run: [LManager] => [X]

HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

HKLM-x32\...\Run: [NPSStartup] => [X]

HKLM-x32\...\Run: [RadioController] => c:\program files (x86)\radiocontroller\rfbtnhelper.exe [111216 2013-10-22] (Dritek System Inc.)

HKLM-x32\...\Run: [Norton Online Backup] => c:\program files (x86)\symantec\norton online backup\nobuclient.exe [2994880 2012-08-15] (Symantec Corporation)

HKLM-x32\...\Run: [KiesTrayAgent] => c:\program files (x86)\samsung\kies\kiestrayagent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [QuickTime Task] => c:\program files (x86)\quicktime\qttask.exe [98304 2013-12-03] (Apple Computer, Inc.)

HKLM-x32\...\Run: [mcui_exe] => "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

HKLM-x32\...\Run: [Dolby Home Theater v4] => c:\dolby pcee4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Facebook Update] => c:\users\admins-mo\appdata\local\facebook\update\facebookupdate.exe [138096 2013-12-09] (Facebook Inc.)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [PowerVoip] => C:\Program Files (x86)\PowerVoip.com\PowerVoip\PowerVoip.exe [19759936 2014-03-16] (PowerVoip)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipBuster] => C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [19753792 2014-03-10] (VoipBuster)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Browser Infrastructure Helper] => c:\users\admins-mo\appdata\local\smartbar\application\quickshare.exe [20248 2013-10-31] (Smartbar)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Spotify Web Helper] => c:\program files (x86)\spotify\data\spotifywebhelper.exe [1193176 2013-10-22] ()

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18223872 2013-12-06] (Acer Incorporated)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [19772736 2014-02-20] (VoipConnect)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Viber] => C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe [936456 2013-12-02] ()

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1489920 2014-02-27] (Informer Technologies, Inc.)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipStunt] => C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe [19768640 2014-02-11] (VoipStunt)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {aeb970f5-53ed-11e3-be89-9c2a701c0468} - "E:\WD Drive Unlock.exe" autoplay=true

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {b0c3d931-919c-11e3-bea7-089e0174c6f8} - "E:\LGAutoRun.exe" 

HKU\S-1-5-21-3624291485-3201753239-2019657463-1008\...\RunOnce: [RegAutoPlay] - C:\Windows\regedit.exe [151552 2013-08-22] (Microsoft Corporation)

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

AppInit_DLLs: ,C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [157504 2014-02-22] (Amazon Inc.)

AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)

AppInit_DLLs-x32: ,C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)

AppInit_DLLs-x32: ,C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [141120 2014-02-22] (Amazon Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}

StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}

SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 

SearchScopes: HKLM - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}

SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386206238&from=tugs&uid=LITEONITXLMT-256M3M_002301113552&q={searchTerms}

SearchScopes: HKLM-x32 - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ie_ds_&query={searchTerms}

SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites1202&cd=2XzuyEtN2Y1L1Qzuzy0CtB0AyBtDtC0CtDyEyCzztAyB0F0FtN0D0Tzu0SyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=2072919560&ir=

SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214&type=default&q={searchTerms}

SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 

SearchScopes: HKCU - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = 

SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ie_ds_&query={searchTerms}

BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll (Feven)

BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)

BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)

BHO-x32: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho.dll No File

BHO-x32: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No File

BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)

BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll ()

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)

Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default

FF user.js: detected! => C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\user.js

FF NewTab: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_nt_

FF DefaultSearchEngine: Amazon 

FF SearchEngineOrder.1: Amazon 

FF SelectedSearchEngine: Amazon 

FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_sp_

FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ff_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ff-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ff_ab_&query=

FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Admins-Mo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\amazon.xml

FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\Mysearchdial.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Widget context - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-13]

FF Extension: Feven 1.5 - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com [2014-01-03]

FF Extension: Quick Start - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\quick_start@gmail.com [2014-04-13]

FF Extension: Amazon 1Button App for Firefox - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\abb@amazon.com.xpi [2014-01-31]

FF Extension: NoScript - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-03]

FF Extension: Adblock Plus - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-07]

FF Extension: Adblock Edge - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-02-07]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-16]

FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\extensions\quick_start@gmail.com

FF Extension: Quick Start - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\extensions\quick_start@gmail.com [2014-04-13]

FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-12]

FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=LITEONITXLMT-256M3M_002301113552&ts=1393411214
 

Chrome: 

=======

CHR HomePage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_sp_

CHR DefaultSearchKeyword: amazon.de

CHR DefaultSearchProvider: Amazon

CHR DefaultSearchURL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-cr-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_ds_&query={searchTerms}

CHR DefaultNewTabURL: 

CHR Extension: (Feven 1.5) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2014-01-03]

CHR Extension: (Adblock Plus) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]

CHR Extension: (AdBlock) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-03]

CHR Extension: (Lightning Newtab) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-02-26]

CHR Extension: (Google Wallet) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-07]

CHR Extension: (Extended Protection) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]

CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-03-14]

CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]

CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2014-01-31]

CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]

CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx [2013-12-24]

CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-12-05]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-25]

CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]

CHR HKLM-x32\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx [2013-12-16]

CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\ADMINS~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
 

==================== Services (Whitelisted) =================
 

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-09] (Qualcomm Atheros Commnucations)

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)

R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)

R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)

R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259728 2013-01-05] (NTI Corporation)

R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)

R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-22] (Dritek System INC.)

R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()

S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)

R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)

R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros)
 

==================== Drivers (Whitelisted) ====================
 

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)

S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-09] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)

R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-16] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-16] (Symantec Corporation)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140411.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140412.008\ENG64.SYS [126040 2013-12-16] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140412.008\EX64.SYS [2099288 2013-12-16] (Symantec Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-22] (Dritek System Inc.)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)

R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)

S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-23] (DEVGURU Co., LTD.(www.devguru.co.kr))

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-17] (Microsoft Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-14] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)

S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)

S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)

S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-13 22:58 - 2014-04-13 22:58 - 00039374 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt

2014-04-13 22:57 - 2014-04-13 22:57 - 00000000 ____D () C:\FRST

2014-04-13 22:52 - 2014-04-13 22:52 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64 (1).exe

2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe

2014-04-13 22:49 - 2014-04-13 22:49 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe

2014-04-13 22:48 - 2014-04-13 22:49 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log

2014-04-13 22:48 - 2014-04-13 22:48 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe

2014-04-13 22:48 - 2014-04-13 22:48 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable

2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile

2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk

2014-04-12 19:02 - 2014-01-29 20:04 - 07597040 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 02476976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00906224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxstarter.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00845296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00771568 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00770544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00755184 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIHotKeyMenu.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00530928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00416240 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00397808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00397296 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00391152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00279024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00153072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe

2014-04-12 19:02 - 2014-01-22 15:57 - 00450520 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys

2014-04-12 19:02 - 2014-01-22 15:57 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3412.dll

2014-04-12 19:02 - 2014-01-22 15:54 - 00002944 _____ () C:\WINDOWS\system32\iglhxs64.vp

2014-04-12 19:02 - 2014-01-22 15:51 - 09081856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 07885824 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 04221440 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys

2014-04-12 19:02 - 2014-01-22 15:51 - 02384896 _____ () C:\WINDOWS\system32\GfxRes.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00733184 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00624640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00548864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00527872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00523776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00522240 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00521728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00517632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00516096 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00514048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00513536 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00373760 _____ () C:\WINDOWS\system32\igdmd64.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00371200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00346624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00279040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl

2014-04-12 19:02 - 2014-01-22 15:51 - 00267407 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00253466 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00243712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00235401 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00224256 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00222208 _____ () C:\WINDOWS\system32\igdde64.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00201128 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00198725 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00194560 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00192758 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00180936 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00180850 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00178473 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00178290 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00178123 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00176838 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00175862 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00175571 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00175067 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00174802 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00174269 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00173792 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00173276 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00173059 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00172833 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00172554 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00171691 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00168215 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00166833 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00166220 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00161534 _____ () C:\WINDOWS\system32\Gfxres.en-US.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00160256 _____ () C:\WINDOWS\system32\igdail64.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00154805 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00152993 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00012288 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 25971712 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 03224064 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00493056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00320512 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00299520 _____ () C:\WINDOWS\SysWOW64\igdmd32.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00182272 _____ () C:\WINDOWS\SysWOW64\igdde32.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00142848 _____ () C:\WINDOWS\SysWOW64\igdail32.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00025600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll

2014-04-12 19:02 - 2014-01-22 15:44 - 20954112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll

2014-04-12 19:02 - 2014-01-22 15:44 - 02896384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll

2014-04-12 19:02 - 2014-01-22 15:44 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll

2014-04-12 19:02 - 2014-01-22 15:44 - 00265216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 02065920 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 01815040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 01450656 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00785568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00644768 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00602272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00163328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00155136 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00137728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00133120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll

2014-04-12 18:57 - 2014-04-13 14:52 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-04-12 18:57 - 2014-04-12 19:02 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk

2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-04-12 18:56 - 2014-04-12 18:56 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Admins-Mo\Downloads\BlueStacks-SplitInstaller_native.exe

2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks

2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros

2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-04-09 23:40 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-04-09 23:40 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-04-09 23:40 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2014-04-09 23:40 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2014-04-09 23:40 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2014-04-09 23:40 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-04-09 23:40 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-04-09 23:40 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe

2014-03-19 01:22 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2014-03-19 01:22 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2014-03-19 01:22 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2014-03-19 01:22 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll

2014-03-19 01:22 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll

2014-03-19 01:22 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll

2014-03-19 01:22 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll

2014-03-19 01:22 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll

2014-03-19 01:22 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll

2014-03-19 01:22 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-03-19 01:22 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2014-03-19 01:22 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-03-19 01:22 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2014-03-19 01:22 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-03-19 01:22 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2014-03-19 01:22 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2014-03-19 01:22 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll

2014-03-19 01:22 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2014-03-19 01:22 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll

2014-03-19 01:22 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-03-19 01:22 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2014-03-19 01:22 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-03-19 01:22 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll

2014-03-19 01:22 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2014-03-19 01:22 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2014-03-19 01:22 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll

2014-03-19 01:22 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2014-03-19 01:22 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2014-03-19 01:22 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll

2014-03-19 01:22 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2014-03-19 01:22 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-03-19 01:22 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2014-03-19 01:22 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe

2014-03-19 01:22 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll

2014-03-19 01:22 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll

2014-03-19 01:22 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-03-19 01:22 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-03-17 14:51 - 2014-03-25 18:23 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\TeamViewer

2014-03-17 14:51 - 2014-03-17 14:51 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de (1).exe

2014-03-17 14:51 - 2014-03-17 14:51 - 00001146 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-03-17 14:51 - 2014-03-17 14:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer

2014-03-17 14:50 - 2014-03-17 14:50 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de.exe

2014-03-17 13:58 - 2014-03-17 13:58 - 06554768 _____ (Finarea S.A. Switzerland ) C:\Users\Admins-Mo\Downloads\setupVoipConnect (1).exe

2014-03-16 16:50 - 2014-03-16 16:50 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen (1).rar

2014-03-16 16:49 - 2014-03-16 16:49 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen .rar

2014-03-16 16:44 - 2014-03-16 16:44 - 00117362 _____ () C:\Users\Admins-Mo\Downloads\premiere_cs_avs_importer_1.0rc1_setup.exe

2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Premiere CS AVS Importer

2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Premiere CS AVS Importer

2014-03-14 06:17 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

2014-03-14 06:17 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
 

==================== One Month Modified Files and Folders =======
 

2014-04-13 22:58 - 2014-04-13 22:58 - 00039374 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt

2014-04-13 22:58 - 2014-04-13 22:57 - 00000000 ____D () C:\FRST

2014-04-13 22:58 - 2014-03-13 09:46 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Software Informer

2014-04-13 22:57 - 2014-02-26 12:40 - 00000000 ____D () C:\Program Files (x86)\WinZipper

2014-04-13 22:55 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\ViberPC

2014-04-13 22:55 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Viber

2014-04-13 22:55 - 2013-11-17 01:16 - 00000000 ___RD () C:\Users\Admins-Mo\SkyDrive

2014-04-13 22:55 - 2013-11-07 13:36 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-04-13 22:53 - 2013-09-29 21:04 - 00020628 _____ () C:\WINDOWS\PFRO.log

2014-04-13 22:53 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-04-13 22:53 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-04-13 22:52 - 2014-04-13 22:52 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64 (1).exe

2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe

2014-04-13 22:49 - 2014-04-13 22:49 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe

2014-04-13 22:49 - 2014-04-13 22:48 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log

2014-04-13 22:48 - 2014-04-13 22:48 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe

2014-04-13 22:48 - 2014-04-13 22:48 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable

2014-04-13 22:48 - 2013-11-17 00:46 - 00000000 ____D () C:\Users\Admins-Mo

2014-04-13 22:48 - 2013-11-17 00:44 - 01744456 _____ () C:\WINDOWS\WindowsUpdate.log

2014-04-13 22:36 - 2014-01-03 01:40 - 00000000 ____D () C:\Program Files\Adblock Plus for IE

2014-04-13 22:12 - 2013-12-08 18:57 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-04-13 22:01 - 2013-11-07 13:36 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-04-13 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-04-13 21:34 - 2013-12-11 03:55 - 00776610 _____ () C:\WINDOWS\system32\perfh00C.dat

2014-04-13 21:34 - 2013-12-11 03:55 - 00422458 _____ () C:\WINDOWS\system32\perfh001.dat

2014-04-13 21:34 - 2013-12-11 03:55 - 00149292 _____ () C:\WINDOWS\system32\perfc00C.dat

2014-04-13 21:34 - 2013-12-11 03:55 - 00065162 _____ () C:\WINDOWS\system32\perfc001.dat

2014-04-13 21:34 - 2013-11-07 13:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3624291485-3201753239-2019657463-1002

2014-04-13 21:34 - 2013-09-30 06:14 - 03189766 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-04-13 21:34 - 2013-09-30 05:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat

2014-04-13 21:34 - 2013-09-30 05:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat

2014-04-13 21:27 - 2013-11-17 01:45 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A0A9D59D-020B-47E3-82BD-93C809A4CD40}

2014-04-13 21:11 - 2013-11-08 14:30 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-04-13 21:11 - 2013-11-08 14:30 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-04-13 15:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-04-13 14:52 - 2014-04-12 18:57 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-04-13 14:36 - 2013-12-02 10:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2014-04-13 14:22 - 2014-01-29 18:02 - 00003112 _____ () C:\WINDOWS\System32\Tasks\RDReminder

2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile

2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV

2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\system32\NV

2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk

2014-04-12 19:03 - 2013-11-17 00:44 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-04-12 19:03 - 2013-08-22 16:46 - 00029425 _____ () C:\WINDOWS\setupact.log

2014-04-12 19:02 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk

2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-04-12 18:57 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries

2014-04-12 18:56 - 2014-04-12 18:56 - 10468704 _____ (BlueStack Systems Inc.) C:\Users\Admins-Mo\Downloads\BlueStacks-SplitInstaller_native.exe

2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks

2014-04-12 18:26 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-04-12 18:00 - 2013-12-13 01:23 - 00000490 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job

2014-04-11 15:36 - 2014-02-26 12:40 - 00000000 ____D () C:\ProgramData\IePluginService

2014-04-11 15:36 - 2014-02-26 12:40 - 00000000 ____D () C:\Program Files (x86)\SupTab

2014-04-10 15:35 - 2014-01-29 18:02 - 00000314 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job

2014-04-10 03:07 - 2013-12-13 01:22 - 00000422 _____ () C:\WINDOWS\Tasks\PC Health Advisor Defrag.job

2014-04-10 01:02 - 2013-12-13 01:22 - 00000464 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3.job

2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros

2014-04-09 23:50 - 2013-08-22 16:46 - 00000178 _____ () C:\WINDOWS\setuperr.log

2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-04-09 17:03 - 2014-01-29 18:02 - 00000298 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job

2014-04-09 17:02 - 2014-01-29 18:02 - 00003038 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates

2014-04-09 17:02 - 2014-01-29 18:02 - 00003024 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY

2014-04-08 02:49 - 2013-12-13 01:22 - 00000404 _____ () C:\WINDOWS\Tasks\PC Health Advisor.job

2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe

2014-04-06 09:32 - 2013-12-11 15:01 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-31 03:16 - 2014-04-09 23:40 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-03-31 01:57 - 2014-04-09 23:40 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-03-30 22:58 - 2013-12-02 13:46 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy

2014-03-29 12:11 - 2013-12-02 10:18 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Deployment

2014-03-28 16:56 - 2013-11-07 13:36 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-03-28 16:56 - 2013-11-07 13:36 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-03-28 16:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-03-28 15:12 - 2013-11-08 15:10 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\CrashDumps

2014-03-25 18:23 - 2014-03-17 14:51 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\TeamViewer

2014-03-25 18:17 - 2014-02-09 01:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\VoipConnect

2014-03-25 09:52 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-25 09:52 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ar-SA

2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA

2014-03-19 17:19 - 2013-12-03 21:41 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Skype

2014-03-19 15:29 - 2013-12-14 06:13 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64

2014-03-19 00:05 - 2013-08-22 16:44 - 03086328 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-03-18 20:00 - 2013-12-16 21:52 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\vlc

2014-03-18 18:21 - 2013-12-16 21:52 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\dvdcss

2014-03-17 14:51 - 2014-03-17 14:51 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de (1).exe

2014-03-17 14:51 - 2014-03-17 14:51 - 00001146 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-03-17 14:51 - 2014-03-17 14:51 - 00000000 ____D () C:\Program Files (x86)\TeamViewer

2014-03-17 14:50 - 2014-03-17 14:50 - 05852336 _____ (TeamViewer GmbH) C:\Users\Admins-Mo\Downloads\TeamViewer_Setup_de.exe

2014-03-17 13:58 - 2014-03-17 13:58 - 06554768 _____ (Finarea S.A. Switzerland ) C:\Users\Admins-Mo\Downloads\setupVoipConnect (1).exe

2014-03-16 19:10 - 2013-12-03 15:42 - 00000000 ____D () C:\Users\Admins-Mo\Documents\Adobe

2014-03-16 19:10 - 2013-11-07 13:31 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Adobe

2014-03-16 16:50 - 2014-03-16 16:50 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen (1).rar

2014-03-16 16:49 - 2014-03-16 16:49 - 00055858 _____ () C:\Users\Admins-Mo\Downloads\Adobe Premiere Pro CS4 Serial Keygen .rar

2014-03-16 16:49 - 2014-02-26 12:40 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\WinZipper

2014-03-16 16:44 - 2014-03-16 16:44 - 00117362 _____ () C:\Users\Admins-Mo\Downloads\premiere_cs_avs_importer_1.0rc1_setup.exe

2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Premiere CS AVS Importer

2014-03-16 16:44 - 2014-03-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Premiere CS AVS Importer

2014-03-16 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
 

Files to move or delete:

====================

C:\Users\Admins-Mo\InstallUtil.resources.dll
 
 

Some content of TEMP:

====================

C:\Users\Admins-Mo\AppData\Local\Temp\35825uninstall.exe

C:\Users\Admins-Mo\AppData\Local\Temp\72engqbr.dll

C:\Users\Admins-Mo\AppData\Local\Temp\894.6314884537769_update.exe

C:\Users\Admins-Mo\AppData\Local\Temp\BackupSetup.exe

C:\Users\Admins-Mo\AppData\Local\Temp\OfficeSetup.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pyl247B.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pyl8BF7.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylA855.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylA8B7.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylBB9A.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylCD8D.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylCEAA.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylD998.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\setup0533.exe

C:\Users\Admins-Mo\AppData\Local\Temp\setupproplusretail.x86.de-de_act_1_.exe

C:\Users\Admins-Mo\AppData\Local\Temp\Sqlite3.dll

C:\Users\Admins-Mo\AppData\Local\Temp\tvcwytg3.dll

C:\Users\Admins-Mo\AppData\Local\Temp\{1DE82EFE-4996-4A80-BECF-E0F51139760E}-34.0.1847.116_33.0.1750.154_chrome_updater.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys

[2014-03-12 12:55] - [2014-01-31 18:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
 
 
 

LastRegBack: 2014-04-08 12:03
 

==================== End Of Log ============================

--- --- ---

Hier der zweite Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014
Ran by Admins-Mo at 2014-04-13 23:05:08
Running from C:\Users\Admins-Mo\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security CBE (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security CBE (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security CBE (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0077 - NTI Corporation)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.03.2002 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2001 - Acer)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2004.1 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2002 - Acer Incorporated)
Acer Theft Shield (HKLM\...\{8ADB0CD2-4E5A-452F-BB3B-3A2984CAC749}) (Version: 1.01.3006 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3002 - Acer Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (HKLM-x32\...\Adobe_5eba9bbdf1514a06b1a4c79a2920188) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (HKLM-x32\...\Adobe_7774cb1e022c49962995a9014500066) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe OnLocation CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 (HKLM-x32\...\Adobe_26b63376f4efc354dae41af6b5e3343) (Version: 4 - Adobe Systems Incorporated)
Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Third Party Content (HKLM-x32\...\Adobe_6e02d32c7e5a9d9fc86bc91618cafda) (Version: 4 - Adobe Systems Incorporated)
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Amazon 1Button App (HKLM-x32\...\{893CB813-4179-4BFE-8D33-ABCC38816B48}) (Version: 1.0.6 - Amazon)
Amazon 1Button App (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 139 - Abelssoft)
Backup Manager v4 (x32 Version: 4.0.0.0077 - NTI Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364 - CyberLink Corp.) Hidden
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Driver Magician 3.9 (HKLM-x32\...\Driver Magician_is1) (Version: - GoldSolution Software, Inc.)
DzSoft PHP Editor 4.2.7 (HKLM-x32\...\DzSoftPhpEditor_is1) (Version: 4.2.7 - DzSoft Ltd)
ETDWare PS/2-X64 11.6.19.204_WHQL (HKLM\...\Elantech) (Version: 11.6.19.204 - ELAN Microelectronic Corp.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Feven 1.5 (HKLM-x32\...\Feven 1.5) (Version: 1.31.153.1 - Feven) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HID Monitor (HKLM-x32\...\{F548D9F4-D9D5-43EC-911C-753FB654D6C8}) (Version: 1.1.3 - Acer Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}) (Version: 12.0.1.340 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.14.20140117 - LG Electronics)
LG SP USB Driver (HKLM-x32\...\{E2AE8456-CCFE-46C0-8629-71CC507660FC}) (Version: 1.0 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Lollipop (HKCU\...\lollipop_01091743) (Version: - Lollipop Network, S.L.) <==== ATTENTION
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Project Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSDN Library for Visual Studio 2005 (HKLM-x32\...\MSDN Library for Visual Studio 2005) (Version: 8.0.50727.236 - Microsoft)
MSDN Library for Visual Studio 2005 (x32 Version: 8.0.50727.236 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Norton Internet Security CBE (HKLM-x32\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Oracle VM VirtualBox 4.3.2 (HKLM\...\{49C9FDFF-6056-4E8C-B9AF-B7B4D78023E2}) (Version: 4.3.2 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Oxford Advanced Learner's Dictionary - 7th edition (HKLM-x32\...\OALD7) (Version: - )
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.0.0 - ParetoLogic, Inc.)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
PowerVoip (HKLM-x32\...\PowerVoip_is1) (Version: 4.13 build 738 - Finarea S.A. Switzerland)
Premiere CS AVS Importer 1.0 (HKLM-x32\...\Premiere CS AVS Importer) (Version: 1.0 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.30 - Qualcomm Atheros)
QUICKfind (HKLM-x32\...\{593AFFA4-D08E-4272-BABB-420949D32A10}) (Version: - )
QuickShare (HKLM-x32\...\{F40711CD-60B3-45F5-85C5-F1AA400C1B6E}) (Version: 10.169.60.13223 - Linkury Inc.) <==== ATTENTION
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28130 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Secure Download Manager (HKLM-x32\...\{E98D115E-D621-4723-8AF0-147BADA9A466}) (Version: 3.1.40 - Kivuto Solutions Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software Informer 1.3.1061.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VoipBuster (HKLM-x32\...\VoipBuster_is1) (Version: 4.13 build 738 - Finarea S.A. Switzerland)
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 744 - Finarea S.A. Switzerland)
VoipStunt (HKLM-x32\...\VoipStunt_is1) (Version: 4.14 build 745 - Finarea S.A. Switzerland)
Weeny Free PDF to Image Converter 1.3 (HKLM-x32\...\Weeny Free PDF to Image Converter_is1) (Version: - Weeny Software)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-3 - BitNami)

==================== Restore Points =========================

28-03-2014 13:54:49 Geplanter Prüfpunkt
08-04-2014 10:09:54 Geplanter Prüfpunkt
13-04-2014 19:10:59 Windows Update

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {094FE9FB-206B-4AFD-AE12-C770FDDAA1B6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {104FFEA6-AB1F-4843-9E50-40BCC4853636} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {1232BBBD-B168-4685-A781-F182DB551CEE} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com)
Task: {16BBE3E6-A1DF-4DCE-A39B-B5CF69B52D25} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2013-08-22] ()
Task: {1F85258B-FFCC-4935-A34C-E5E159C7F8B7} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2580DCBE-610D-4760-B03A-E10A2E6EB1C8} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {25B35B24-BD4A-4CD2-AF96-4FAFEBD6F079} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com)
Task: {25EC6A61-9232-46DA-8D4D-76F36E196650} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {2BFAD7A6-E43E-433B-A4BA-45F0844DEB20} - System32\Tasks\HIDMonitor => C:\Program Files\Acer Incorporated\HID Monitor\HIDMonitor.exe
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {344BEE1D-20E9-4704-B666-BB4A88C91382} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-30] (ParetoLogic, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {457DC2C4-D18B-4230-85E6-5CBA9FA46CDC} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {47BC1BC5-1690-46FE-84BE-408373C42CFD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {506B6EFE-222A-4D4C-82C2-56D62AA5AC8B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {5FD8B123-F20A-4670-8CE7-A836BD903436} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-13] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {701ACB63-1337-4060-98B4-806A6029F3FA} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-12-06] (Acer Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7AF26D20-898D-47D9-B5E0-396341BF7CE3} - System32\Tasks\Theft Shield\AcerTheftShieldTask => C:\Program Files\Acer\Acer Theft Shield\USecuAppLauncher.exe [2012-11-12] (Acer Incorporated)
Task: {7B821DEB-6DE4-45D0-8B42-53B01204A495} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {7F1B7E21-4B00-4289-8FDA-FCF16726416D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {7FE9E564-B21B-4F4D-8B03-CAE8F054FCE5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3624291485-3201753239-2019657463-1002Core => C:\Users\Admins-Mo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-09] (Facebook Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {88F1D010-00B0-4370-8729-5B72A320663B} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {8BF5954F-978D-4A7B-9F30-AB73D7E71243} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2011-03-30] (ParetoLogic, Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {96ABC834-DA8B-487D-81BD-6C5A22272383} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C3F1DC4A-9ED1-4A10-A591-A04A093F23A2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-02-27] (Informer Technologies, Inc.)
Task: {CBA26469-5307-4AB4-BC3D-9FB2B83FA394} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2013-08-22] ()
Task: {CC3DDFDD-8D6C-437F-AA46-ACA53BE1EE79} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-30] (ParetoLogic Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D6325223-8370-4AAC-BFB1-C3B2BE293925} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-12] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD268CBE-EFD8-43B0-9B75-3CD394312CA3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {DFB722A0-2D90-4479-8DD6-F7F539BB0D76} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-19] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EBA2E9A4-422D-48B5-AD45-CEFBB86EF457} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2013-08-22] ()
Task: {EFA3DB89-E3FF-4BEE-9A86-1E6AA5CCF63D} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {F1EF3B10-52BF-463D-8DBA-611E58A73412} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {F6FEA415-F0A7-4E47-9523-D76E55FEA4A9} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com)
Task: {FAC7F6CA-0EB3-4EAB-8D66-2137AF7E3EC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-19] (Microsoft Corporation)
Task: {FB5124A6-844F-4F02-8A8C-24F394222894} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3624291485-3201753239-2019657463-1002Core.job => C:\Users\Admins-Mo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: C:\WINDOWS\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-03-19 15:34 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-02 10:13 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-03-21 20:24 - 2013-03-21 20:24 - 00222368 _____ () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
2012-08-23 14:02 - 2012-08-23 14:02 - 00030640 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
2013-12-02 13:46 - 2013-08-22 14:34 - 00769536 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
2013-12-02 13:46 - 2013-08-22 14:39 - 00823312 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
2013-12-02 13:46 - 2013-08-22 14:39 - 00050192 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbSettings.dll
2013-12-02 13:46 - 2013-08-22 14:39 - 00861200 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyResources.dll
2013-12-02 13:46 - 2013-08-22 14:39 - 01323024 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyLibrary.dll
2013-12-02 13:46 - 2013-08-22 14:39 - 01406480 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbGui.dll
2013-12-02 13:46 - 2013-08-22 14:39 - 00015888 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll
2013-12-02 13:46 - 2013-08-22 14:39 - 00777728 _____ () C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
2014-02-10 03:27 - 2013-12-02 15:12 - 00936456 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe
2012-08-23 00:04 - 2012-08-23 00:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-23 00:04 - 2012-08-23 00:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-02-26 12:40 - 2014-02-26 12:40 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2013-12-21 14:15 - 2013-12-04 19:58 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2013-01-05 22:54 - 2013-01-05 22:54 - 00465976 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2013-01-05 22:54 - 2013-01-05 22:54 - 00126096 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-01-05 22:54 - 2013-01-05 22:54 - 00156304 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2013-01-05 22:54 - 2013-01-05 22:54 - 00118928 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2013-01-05 22:54 - 2013-01-05 22:54 - 01082000 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2013-01-05 22:54 - 2013-01-05 22:54 - 00052880 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2013-01-05 22:54 - 2013-01-05 22:54 - 00728208 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-08-23 14:02 - 2012-08-23 14:02 - 00034736 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\ElanTPAPI.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2012-12-07 16:15 - 2012-12-07 16:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 14442496 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\libViber.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00098304 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\qfacebook.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00049152 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\libEGL.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00729088 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\libGLESv2.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00835584 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\platforms\qwindows.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00024576 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qgif.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00024576 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qico.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00212992 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qjpeg.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00221184 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qmng.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00016384 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qsvg.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00016384 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qtga.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00278528 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qtiff.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00016384 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\imageformats\qwbmp.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00622592 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\sqldrivers\qsqlite.dll
2014-03-14 00:49 - 2014-03-14 00:49 - 00032768 _____ () C:\Users\Admins-Mo\AppData\Local\Viber\4.1.0.1703\iconengines\qsvgicon.dll
2014-04-06 09:32 - 2014-04-02 13:19 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libglesv2.dll
2014-04-06 09:32 - 2014-04-02 13:19 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libegl.dll
2014-04-06 09:32 - 2014-04-02 13:19 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\ffmpegsumo.dll
2014-02-13 18:49 - 2014-02-13 18:49 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\8bb41c02a60ce86db6647822d966a691\PSIClient.ni.dll
2013-10-22 13:48 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Admins-Mo\SkyDrive:ms-properties
AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2014 11:00:11 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1564

Startzeit: 01cf575aa5b634c2

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 99b016a3-c34e-11e3-bec7-089e0174c6f8

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 10:55:25 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (04/13/2014 10:50:08 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 236c

Startzeit: 01cf57593e987453

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 32270ce0-c34d-11e3-bec6-089e0174c6f8

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 10:40:18 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 19ac

Startzeit: 01cf5757df1b25dd

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: d2a5d5e0-c34b-11e3-bec6-089e0174c6f8

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 10:35:08 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15e8

Startzeit: 01cf5754d7726d6d

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 19a75a58-c34b-11e3-bec6-089e0174c6f8

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 09:41:34 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1064

Startzeit: 01cf574faa8fc45d

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 9e1c3f29-c343-11e3-bec6-089e0174c6f8

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 09:27:25 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13c4

Startzeit: 01cf574d8e642817

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: a2d2bccb-c341-11e3-bec6-089e0174c6f8

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 09:21:32 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.

Error: (04/13/2014 09:21:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.

Error: (04/13/2014 09:16:17 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1350

Startzeit: 01cf574c218a85d9

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 15cde160-c340-11e3-bec6-089e0174c6f8

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

System errors:
=============
Error: (04/13/2014 10:53:46 PM) (Source: Ntfs) (User: )
Description: Auf dem Volume "\\?\Volume{b669fa6e-505f-4691-a861-b6971645ba6e}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (04/13/2014 10:53:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062

Error: (04/13/2014 10:31:18 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (04/13/2014 09:23:52 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (04/13/2014 09:21:16 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (04/13/2014 02:23:58 PM) (Source: Schannel) (User: ADMINS)
Description: Das vom Remoteserver erhaltene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten verifiziert werden. Fehler bei der SSL-Verbindungsanforderung. Die angehängten Daten enthalten das Serverzertifikat.

Error: (04/13/2014 02:23:58 PM) (Source: Schannel) (User: ADMINS)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Der Windows-SChannel-Fehlerstatus lautet: 552.

Error: (04/13/2014 02:22:37 PM) (Source: Schannel) (User: ADMINS)
Description: Das vom Remoteserver erhaltene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten verifiziert werden. Fehler bei der SSL-Verbindungsanforderung. Die angehängten Daten enthalten das Serverzertifikat.

Error: (04/13/2014 02:22:37 PM) (Source: Schannel) (User: ADMINS)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Der Windows-SChannel-Fehlerstatus lautet: 552.

Error: (04/13/2014 02:22:01 PM) (Source: Schannel) (User: ADMINS)
Description: Das vom Remoteserver erhaltene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten verifiziert werden. Fehler bei der SSL-Verbindungsanforderung. Die angehängten Daten enthalten das Serverzertifikat.

Microsoft Office Sessions:
=========================
Error: (04/13/2014 11:00:11 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20461156401cf575aa5b634c24294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe99b016a3-c34e-11e3-bec7-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 10:55:25 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (04/13/2014 10:50:08 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20461236c01cf57593e9874534294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe32270ce0-c34d-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 10:40:18 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.2046119ac01cf5757df1b25dd4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exed2a5d5e0-c34b-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 10:35:08 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.2046115e801cf5754d7726d6d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe19a75a58-c34b-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 09:41:34 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20461106401cf574faa8fc45d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe9e1c3f29-c343-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 09:27:25 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.2046113c401cf574d8e6428174294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exea2d2bccb-c341-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2014 09:21:32 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (04/13/2014 09:21:31 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (04/13/2014 09:16:17 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20413135001cf574c218a85d94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe15cde160-c340-11e3-bec6-089e0174c6f8microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 3911.27 MB
Available physical RAM: 1623.7 MB
Total Pagefile: 6087.27 MB
Available Pagefile: 3322.11 MB
Total Virtual: 131072 MB
Available Virtual: 131071.75 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:217.32 GB) (Free:116.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238 GB) (Disk ID: 4532D27D)

Partition: GPT Partition Type.

==================== End Of Log ============================

Wer kann mir helfen, unerwünschte Werbung und Tools wieder loszuwerden?:confused:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01

Ran by Admins-Mo (administrator) on ADMINS on 18-04-2014 18:27:57

Running from C:\Users\Admins-Mo\Downloads

Windows 8.1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe

(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe

(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe

(Dritek System INC.) C:\Windows\RfBtnSvc64.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Creative Island Media, LLC) C:\ProgramData\ZombieAlert\ZombieAlertService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe

() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe

() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe

(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe

() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe

(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe

() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Intel Corporation) C:\WINDOWS\system32\igfxext.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Creative Island Media, LLC) C:\ProgramData\ZombieAlert\ZombieAlert.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe

(VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

() C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe

(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe

(VoipStunt) C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe

(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe

() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(hxxp://yourfiledownloader.com) C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AcroTray.exe

() C:\Program Files (x86)\TowerTilt\bin\FilterApp_C64.exe

() C:\Program Files (x86)\TowerTilt\bin\TowerTilt.BrowserAdapter.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe

() C:\Users\Admins-Mo\Downloads\Defogger (1).exe

() C:\Program Files\003\xmkysecqun64.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [ETDCtrl] => C:\Program Files\elantech\etdctrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)

HKLM\...\Run: [RtHDVCpl] => c:\program files\realtek\audio\hda\ravcpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => c:\program files\realtek\audio\hda\ravbg64.exe [1212048 2012-06-07] (Realtek Semiconductor)

HKLM\...\Run: [Logitech Download Assistant] => c:\windows\system32\logilda.dll [1425208 2013-12-13] (Logitech, Inc.)

HKLM\...\Run: [BtPreLoad] => c:\program files (x86)\qualcomm atheros\bluetooth suite\btpreload.exe [64640 2012-11-09] ()

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)

HKLM-x32\...\Run: [LManager] => [X]

HKLM-x32\...\Run: [NPSStartup] => [X]

HKLM-x32\...\Run: [RadioController] => c:\program files (x86)\radiocontroller\rfbtnhelper.exe [111216 2013-10-22] (Dritek System Inc.)

HKLM-x32\...\Run: [Norton Online Backup] => c:\program files (x86)\symantec\norton online backup\nobuclient.exe [2994880 2012-08-15] (Symantec Corporation)

HKLM-x32\...\Run: [KiesTrayAgent] => c:\program files (x86)\samsung\kies\kiestrayagent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [QuickTime Task] => c:\program files (x86)\quicktime\qttask.exe [98304 2013-12-03] (Apple Computer, Inc.)

HKLM-x32\...\Run: [mcui_exe] => "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

HKLM-x32\...\Run: [Dolby Home Theater v4] => c:\dolby pcee4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)

HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [X]

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Facebook Update] => c:\users\admins-mo\appdata\local\facebook\update\facebookupdate.exe [138096 2013-12-09] (Facebook Inc.)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [PowerVoip] => C:\Program Files (x86)\PowerVoip.com\PowerVoip\PowerVoip.exe [19759936 2014-03-16] (PowerVoip)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipBuster] => C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe [19753792 2014-03-10] (VoipBuster)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Spotify Web Helper] => c:\program files (x86)\spotify\data\spotifywebhelper.exe [1193176 2013-10-22] ()

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18223872 2013-12-06] (Acer Incorporated)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [19772736 2014-02-20] (VoipConnect)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Viber] => C:\Users\Admins-Mo\AppData\Local\Viber\Viber.exe [936456 2013-12-02] ()

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1489920 2014-02-27] (Informer Technologies, Inc.)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\Run: [VoipStunt] => C:\Program Files (x86)\VoipStunt.com\VoipStunt\VoipStunt.exe [19768640 2014-02-11] (VoipStunt)

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {aeb970f5-53ed-11e3-be89-9c2a701c0468} - "E:\WD Drive Unlock.exe" autoplay=true

HKU\S-1-5-21-3624291485-3201753239-2019657463-1002\...\MountPoints2: {b0c3d931-919c-11e3-bea7-089e0174c6f8} - "E:\LGAutoRun.exe" 

HKU\S-1-5-21-3624291485-3201753239-2019657463-1008\...\RunOnce: [RegAutoPlay] - C:\Windows\regedit.exe [151552 2013-08-22] (Microsoft Corporation)

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

AppInit_DLLs: , C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [157504 2014-02-22] (Amazon Inc.)

AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)

AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)

AppInit_DLLs-x32: , C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [141120 2014-02-22] (Amazon Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_ie_sp_

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

SearchScopes: HKLM-x32 - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

SearchScopes: HKCU - {9749E983-BF9A-43ED-BEB0-F582059ED9AF} URL = 

BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -  No File

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll ()

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default

FF user.js: detected! => C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\user.js

FF DefaultSearchEngine: Amazon 

FF SearchEngineOrder.1: Amazon 

FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Admins-Mo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\amazon.xml

FF SearchPlugin: C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\searchplugins\conduit-search.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Widget context - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-13]

FF Extension: No Name - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\staged [2014-04-18]

FF Extension: NoScript - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-03]

FF Extension: Adblock Plus - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-07]

FF Extension: Adblock Edge - C:\Users\Admins-Mo\AppData\Roaming\Mozilla\Firefox\Profiles\frqnv28j.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-02-07]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn\ []

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF [2013-12-16]

FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-12]

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-04-18]
 

Chrome: 

=======

CHR HomePage: http:\/\/www.amazon.de\/gp\/bit\/amazonserp\/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_sp_

CHR StartupUrls: "http:\/\/www.amazon.de\/gp\/bit\/amazonserp\/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_sp_"],"startup_urls_migration_time":"13034552223913222"},"translate_accepted_count":{"en":0},"translate_blocked_languages":["de"],"translate_denied_count":{"en":13},"translate_whitelists"

CHR DefaultSearchKeyword: conduit.search

CHR DefaultSearchURL: http:\/\/www.amazon.de\/gp\/bit\/amazonserp\/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-cr-21&tbrId=v1_abb-channel-24_c47c2a7f90434395bb01481a6ccb5f45_39_1007_20140312_DE_cr_ds_&query={searchTerms}

CHR DefaultNewTabURL: 

CHR Extension: (No Name) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg [2014-01-03]

CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03]

CHR Extension: (AdBlock) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-03]

CHR Extension: (No Name) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-02-26]

CHR Extension: (Google Wallet) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-07]

CHR Extension: (Extended Protection) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]

CHR Extension: (No Name) - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-03-14]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-25]

CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\Admins-Mo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]

CHR HKLM-x32\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Chrome.crx [2013-12-16]
 

==================== Services (Whitelisted) =================
 

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-09] (Qualcomm Atheros Commnucations)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)

R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)

R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259728 2013-01-05] (NTI Corporation)

R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)

R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-22] (Dritek System INC.)

S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-17] ()

R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros)

R2 ZombieAlert; C:\ProgramData\ZombieAlert\ZombieAlert.exe [151416 2014-04-01] (Creative Island Media, LLC)

S2 Update TowerTilt; "C:\Program Files (x86)\TowerTilt\updateTowerTilt.exe" [X]

S2 Util TowerTilt; "C:\Program Files (x86)\TowerTilt\bin\utilTowerTilt.exe" [X]
 

==================== Drivers (Whitelisted) ====================
 

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-09] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)

R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-16] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-16] (Symantec Corporation)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\IPSDefs\20140417.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-17] (Malwarebytes Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140418.004\ENG64.SYS [126040 2013-12-16] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security CBE\NortonData\21.0.0.100\Definitions\VirusDefs\20140418.004\EX64.SYS [2099288 2013-12-16] (Symantec Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-22] (Dritek System Inc.)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)

R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)

S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-23] (DEVGURU Co., LTD.(www.devguru.co.kr))

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-17] (Microsoft Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-14] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)

S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)

S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)

R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-18] (StdLib)

S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]

S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]

S3 andnetndis; \SystemRoot\system32\DRIVERS\lgandnetndis64.sys [X]

S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-18 18:27 - 2014-04-18 18:27 - 02158592 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe

2014-04-18 18:26 - 2014-04-18 18:26 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe

2014-04-18 18:25 - 2014-04-18 18:27 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log

2014-04-18 18:25 - 2014-04-18 18:26 - 00000252 _____ () C:\Users\Admins-Mo\Downloads\defogger_enable.log

2014-04-18 18:25 - 2014-04-18 18:25 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe

2014-04-18 14:39 - 2014-04-18 14:39 - 00003112 _____ () C:\WINDOWS\System32\Tasks\{E5554CCA-7572-4312-8806-7CDEC6E3D5AB}

2014-04-18 14:17 - 2014-04-18 14:17 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys

2014-04-18 13:36 - 2014-04-18 13:36 - 00002124 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk

2014-04-18 13:36 - 2014-04-18 13:36 - 00002010 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk

2014-04-18 13:36 - 2014-04-18 13:36 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-04-18 13:33 - 2014-04-18 17:57 - 00004324 _____ () C:\Users\Admins-Mo\AppData\Local\fitenyjt.gss

2014-04-18 13:33 - 2014-04-17 15:54 - 00002048 _____ () C:\Users\Admins-Mo\AppData\Local\fitenyjt.gdb

2014-04-18 13:32 - 2014-04-18 13:32 - 00000784 _____ () C:\WINDOWS\KB893803v2.log

2014-04-18 13:30 - 2014-04-18 13:30 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\WinRAR

2014-04-18 13:28 - 2014-04-18 13:28 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-04-18 13:28 - 2014-04-18 13:28 - 00000000 ____D () C:\Program Files\WinRAR

2014-04-18 13:27 - 2014-04-18 13:27 - 01915576 _____ () C:\Users\Admins-Mo\Downloads\winrar-x64-51b2.exe

2014-04-18 12:56 - 2014-04-18 12:58 - 00000000 ____D () C:\Users\Admins-Mo\Adobe Reader v10.11 [32 & 64 Bit] - {RedDragon}

2014-04-18 12:56 - 2014-04-18 12:57 - 00000000 ____D () C:\Users\Admins-Mo\Adobe Reader v10.5.1 Full - {RedDragon}

2014-04-18 12:40 - 2014-04-18 12:40 - 00001915 _____ () C:\Users\Public\Desktop\HitsBlender.lnk

2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\HitsBlender

2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\ProgramData\HitsBlender

2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\Program Files (x86)\HitsBlender

2014-04-18 12:39 - 2014-04-18 17:59 - 00000000 ____D () C:\Program Files (x86)\TowerTilt

2014-04-18 12:39 - 2014-04-18 15:02 - 00000298 _____ () C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job

2014-04-18 12:39 - 2014-04-18 15:01 - 00003108 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro

2014-04-18 12:39 - 2014-04-18 15:01 - 00001426 _____ () C:\Users\Admins-Mo\Desktop\Registry kostenlos entrümpeln!.lnk

2014-04-18 12:39 - 2014-04-18 14:39 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader

2014-04-18 12:39 - 2014-04-18 12:41 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\YourFileDownloader

2014-04-18 12:39 - 2014-04-18 12:39 - 00003136 _____ () C:\WINDOWS\System32\Tasks\YourFile DownloaderUpdate

2014-04-18 12:39 - 2014-04-18 12:39 - 00003032 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES

2014-04-18 12:39 - 2014-04-18 12:39 - 00002876 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT

2014-04-18 12:39 - 2014-04-18 12:39 - 00001955 _____ () C:\Users\Public\Desktop\YourFile Downloader.lnk

2014-04-18 12:39 - 2014-04-18 12:39 - 00001030 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk

2014-04-18 12:39 - 2014-04-18 12:39 - 00000306 _____ () C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job

2014-04-18 12:39 - 2014-04-18 12:39 - 00000004 _____ () C:\end

2014-04-18 12:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader Updater

2014-04-18 12:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro

2014-04-18 12:37 - 2014-04-18 12:38 - 06318336 _____ (hxxp://yourfiledownloader.com) C:\Users\Admins-Mo\Downloads\Adobe_Reader_Pro_Crack_downloader (1).exe

2014-04-18 12:37 - 2014-04-18 12:37 - 06318336 _____ (hxxp://yourfiledownloader.com) C:\Users\Admins-Mo\Downloads\Adobe_Reader_Pro_Crack_downloader.exe

2014-04-17 15:52 - 2014-04-17 15:52 - 00000000 _____ () C:\Users\Admins-Mo\Downloads\file_installer_downloader-b12aUubb.exe.opdownload

2014-04-17 15:51 - 2014-04-18 17:50 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector

2014-04-17 15:51 - 2014-04-18 12:33 - 00003120 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector_startup

2014-04-17 15:51 - 2014-04-17 15:51 - 00001181 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk

2014-04-17 15:51 - 2014-04-17 15:51 - 00000000 ____D () C:\ProgramData\Systweak

2014-04-17 15:51 - 2012-07-25 12:03 - 00016896 _____ () C:\WINDOWS\system32\sasnative64.exe

2014-04-17 15:50 - 2014-04-18 17:50 - 00000000 ____D () C:\ProgramData\ZombieAlert

2014-04-17 15:50 - 2014-04-18 15:02 - 00000306 _____ () C:\WINDOWS\Tasks\System Speedup_DEFAULT.job

2014-04-17 15:50 - 2014-04-18 15:01 - 00003132 _____ () C:\WINDOWS\System32\Tasks\System Speedup

2014-04-17 15:50 - 2014-04-18 12:39 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\systweak

2014-04-17 15:50 - 2014-04-18 12:35 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\System Speedup

2014-04-17 15:50 - 2014-04-17 15:50 - 00003332 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector

2014-04-17 15:50 - 2014-04-17 15:50 - 00003040 _____ () C:\WINDOWS\System32\Tasks\System Speedup_UPDATES

2014-04-17 15:50 - 2014-04-17 15:50 - 00002884 _____ () C:\WINDOWS\System32\Tasks\System Speedup_DEFAULT

2014-04-17 15:50 - 2014-04-17 15:50 - 00001054 _____ () C:\Users\Public\Desktop\System Speedup.lnk

2014-04-17 15:50 - 2014-04-17 15:50 - 00000314 _____ () C:\WINDOWS\Tasks\System Speedup_UPDATES.job

2014-04-17 15:50 - 2014-04-17 15:50 - 00000000 ____D () C:\Program Files (x86)\System Speedup

2014-04-17 15:50 - 2013-07-11 13:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe

2014-04-17 15:49 - 2014-04-18 13:33 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Genesis

2014-04-17 15:49 - 2014-04-17 15:49 - 00000000 ____D () C:\Program Files\suprasavings

2014-04-17 15:49 - 2014-04-17 15:49 - 00000000 ____D () C:\Program Files\003

2014-04-17 15:48 - 2014-04-17 15:48 - 00503696 _____ (AppsInstaller) C:\Users\Admins-Mo\Downloads\File_installer.exe

2014-04-17 15:48 - 2014-04-17 15:48 - 00001691 _____ () C:\Users\Admins-Mo\Desktop\Continue File installer.lnk

2014-04-17 15:11 - 2014-04-17 15:11 - 02469824 _____ () C:\Users\Admins-Mo\Downloads\AdobeDownloadAssistant (1).exe

2014-04-17 15:11 - 2014-04-17 15:11 - 00001007 _____ () C:\Users\Public\Desktop\Adobe Download Assistant.lnk

2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia

2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia

2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant

2014-04-17 15:09 - 2014-04-17 15:09 - 02469824 _____ () C:\Users\Admins-Mo\Downloads\AdobeDownloadAssistant.exe

2014-04-17 15:07 - 2014-04-17 15:08 - 12481554 _____ () C:\Users\Admins-Mo\Downloads\3. Adobe Acrobat X Pro 10 Crack by MPT.rar

2014-04-17 14:28 - 2014-04-17 14:28 - 00019608 _____ () C:\Users\Admins-Mo\Downloads\596F2949BF936D4FDB2EF98AE74A32AE8C0104F3 (1).torrent

2014-04-17 14:25 - 2014-04-17 14:25 - 00019608 _____ () C:\Users\Admins-Mo\Downloads\596F2949BF936D4FDB2EF98AE74A32AE8C0104F3.torrent

2014-04-16 13:56 - 2014-04-16 13:56 - 06468743 _____ () C:\Users\Admins-Mo\Downloads\Lecture_1_-_Introduction_-_April-16.pptx

2014-04-16 12:35 - 2014-04-16 14:30 - 1193716557 _____ () C:\Users\Admins-Mo\Downloads\Cambridge-EnglishInUseCompleteCollectionBooks.zip

2014-04-16 12:16 - 2014-04-16 12:42 - 239165224 _____ () C:\Users\Admins-Mo\Downloads\Cambridge-EnglishPronunciationInUseintermediatewithAudioCd2003.zip

2014-04-15 14:58 - 2014-04-15 15:26 - 130487574 _____ () C:\Users\Admins-Mo\Downloads\MishaGlenny_2011G-480p.mp4

2014-04-15 14:18 - 2014-04-15 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-04-15 00:55 - 2014-04-17 14:56 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-04-15 00:55 - 2014-04-15 00:55 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-15 00:52 - 2014-04-15 00:52 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-04-15 00:51 - 2014-04-15 00:52 - 00000000 ____D () C:\AdwCleaner

2014-04-15 00:51 - 2014-04-15 00:51 - 01426178 _____ () C:\Users\Admins-Mo\Desktop\adwcleaner.exe

2014-04-13 22:58 - 2014-04-18 18:27 - 00033641 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt

2014-04-13 22:57 - 2014-04-18 18:27 - 00000000 ____D () C:\FRST

2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Desktop\FRST64.exe

2014-04-13 22:48 - 2014-04-18 18:26 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable

2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile

2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk

2014-04-12 19:02 - 2014-01-29 20:04 - 07597040 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 02476976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00906224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxstarter.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00845296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00771568 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00770544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00755184 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIHotKeyMenu.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00530928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00416240 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00397808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00397296 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00391152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00279024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe

2014-04-12 19:02 - 2014-01-29 20:04 - 00153072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe

2014-04-12 19:02 - 2014-01-22 15:57 - 00450520 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys

2014-04-12 19:02 - 2014-01-22 15:57 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3412.dll

2014-04-12 19:02 - 2014-01-22 15:54 - 00002944 _____ () C:\WINDOWS\system32\iglhxs64.vp

2014-04-12 19:02 - 2014-01-22 15:51 - 09081856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 07885824 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 04221440 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys

2014-04-12 19:02 - 2014-01-22 15:51 - 02384896 _____ () C:\WINDOWS\system32\GfxRes.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00733184 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00624640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00548864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00527872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00527360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00526336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00525312 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00524800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00524288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00523776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00522240 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00521728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00517632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00516096 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00514048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00513536 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00373760 _____ () C:\WINDOWS\system32\igdmd64.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00371200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc

2014-04-12 19:02 - 2014-01-22 15:51 - 00346624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00279040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl

2014-04-12 19:02 - 2014-01-22 15:51 - 00267407 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00253466 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00243712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00235401 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00224256 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00222208 _____ () C:\WINDOWS\system32\igdde64.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00201128 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00198725 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00194560 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00192758 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00180936 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00180850 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00178473 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00178290 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00178123 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00176838 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00175862 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00175571 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00175067 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00174802 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00174269 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00173792 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00173276 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00173059 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00172833 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00172554 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00171691 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00168215 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00166833 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00166220 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00161534 _____ () C:\WINDOWS\system32\Gfxres.en-US.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00160256 _____ () C:\WINDOWS\system32\igdail64.dll

2014-04-12 19:02 - 2014-01-22 15:51 - 00154805 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00152993 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources

2014-04-12 19:02 - 2014-01-22 15:51 - 00012288 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 25971712 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 03224064 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00493056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00329216 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00320512 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00299520 _____ () C:\WINDOWS\SysWOW64\igdmd32.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00182272 _____ () C:\WINDOWS\SysWOW64\igdde32.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00142848 _____ () C:\WINDOWS\SysWOW64\igdail32.dll

2014-04-12 19:02 - 2014-01-22 15:48 - 00025600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll

2014-04-12 19:02 - 2014-01-22 15:44 - 20954112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll

2014-04-12 19:02 - 2014-01-22 15:44 - 02896384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll

2014-04-12 19:02 - 2014-01-22 15:44 - 00290816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll

2014-04-12 19:02 - 2014-01-22 15:44 - 00265216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 02065920 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 01815040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 01450656 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00785568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00644768 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00602272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00163328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00155136 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00137728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00133120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll

2014-04-12 19:02 - 2014-01-22 15:35 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll

2014-04-12 18:57 - 2014-04-18 17:50 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-04-12 18:57 - 2014-04-12 19:02 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk

2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks

2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros

2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-04-09 23:40 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-04-09 23:40 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-04-09 23:40 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2014-04-09 23:40 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2014-04-09 23:40 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2014-04-09 23:40 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-04-09 23:40 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-04-09 23:40 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe

2014-04-01 01:17 - 2014-04-01 01:17 - 01161080 _____ () C:\WINDOWS\SysWOW64\ZombieAlert.A222801BB6B4.dll

2014-03-19 01:22 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2014-03-19 01:22 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2014-03-19 01:22 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2014-03-19 01:22 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll

2014-03-19 01:22 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll

2014-03-19 01:22 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll

2014-03-19 01:22 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll

2014-03-19 01:22 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll

2014-03-19 01:22 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll

2014-03-19 01:22 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-03-19 01:22 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2014-03-19 01:22 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-03-19 01:22 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2014-03-19 01:22 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-03-19 01:22 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2014-03-19 01:22 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2014-03-19 01:22 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll

2014-03-19 01:22 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2014-03-19 01:22 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll

2014-03-19 01:22 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-03-19 01:22 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2014-03-19 01:22 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-03-19 01:22 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll

2014-03-19 01:22 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2014-03-19 01:22 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2014-03-19 01:22 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll

2014-03-19 01:22 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2014-03-19 01:22 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2014-03-19 01:22 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll

2014-03-19 01:22 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2014-03-19 01:22 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-03-19 01:22 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2014-03-19 01:22 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe

2014-03-19 01:22 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll

2014-03-19 01:22 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll

2014-03-19 01:22 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-03-19 01:22 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
 

==================== One Month Modified Files and Folders =======
 

2014-04-18 18:28 - 2014-04-13 22:58 - 00033641 _____ () C:\Users\Admins-Mo\Downloads\FRST.txt

2014-04-18 18:27 - 2014-04-18 18:27 - 02158592 _____ (Farbar) C:\Users\Admins-Mo\Downloads\FRST64.exe

2014-04-18 18:27 - 2014-04-18 18:25 - 00000480 _____ () C:\Users\Admins-Mo\Downloads\defogger_disable.log

2014-04-18 18:27 - 2014-04-13 22:57 - 00000000 ____D () C:\FRST

2014-04-18 18:27 - 2014-03-13 09:46 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Software Informer

2014-04-18 18:26 - 2014-04-18 18:26 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger (1).exe

2014-04-18 18:26 - 2014-04-18 18:25 - 00000252 _____ () C:\Users\Admins-Mo\Downloads\defogger_enable.log

2014-04-18 18:26 - 2014-04-13 22:48 - 00000000 _____ () C:\Users\Admins-Mo\defogger_reenable

2014-04-18 18:26 - 2013-11-17 00:46 - 00000000 ____D () C:\Users\Admins-Mo

2014-04-18 18:25 - 2014-04-18 18:25 - 00050477 _____ () C:\Users\Admins-Mo\Downloads\Defogger.exe

2014-04-18 18:25 - 2013-11-17 01:45 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A0A9D59D-020B-47E3-82BD-93C809A4CD40}

2014-04-18 18:01 - 2013-11-07 13:36 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-04-18 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-04-18 17:59 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\TowerTilt

2014-04-18 17:57 - 2014-04-18 13:33 - 00004324 _____ () C:\Users\Admins-Mo\AppData\Local\fitenyjt.gss

2014-04-18 17:50 - 2014-04-17 15:51 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector

2014-04-18 17:50 - 2014-04-17 15:50 - 00000000 ____D () C:\ProgramData\ZombieAlert

2014-04-18 17:50 - 2014-04-12 18:57 - 00000000 ____D () C:\Program Files (x86)\BlueStacks

2014-04-18 17:49 - 2013-11-07 13:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3624291485-3201753239-2019657463-1002

2014-04-18 17:12 - 2013-12-08 18:57 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-04-18 16:51 - 2013-11-17 00:44 - 01276883 _____ () C:\WINDOWS\WindowsUpdate.log

2014-04-18 16:01 - 2013-11-07 13:36 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-04-18 15:48 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Viber

2014-04-18 15:02 - 2014-04-18 12:39 - 00000298 _____ () C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job

2014-04-18 15:02 - 2014-04-17 15:50 - 00000306 _____ () C:\WINDOWS\Tasks\System Speedup_DEFAULT.job

2014-04-18 15:01 - 2014-04-18 12:39 - 00003108 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro

2014-04-18 15:01 - 2014-04-18 12:39 - 00001426 _____ () C:\Users\Admins-Mo\Desktop\Registry kostenlos entrümpeln!.lnk

2014-04-18 15:01 - 2014-04-17 15:50 - 00003132 _____ () C:\WINDOWS\System32\Tasks\System Speedup

2014-04-18 14:45 - 2014-01-23 16:52 - 00000000 ____D () C:\xampp

2014-04-18 14:39 - 2014-04-18 14:39 - 00003112 _____ () C:\WINDOWS\System32\Tasks\{E5554CCA-7572-4312-8806-7CDEC6E3D5AB}

2014-04-18 14:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader

2014-04-18 14:36 - 2014-02-11 03:14 - 00000000 ____D () C:\Program Files (x86)\LG Electronics

2014-04-18 14:36 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-04-18 14:17 - 2014-04-18 14:17 - 00061120 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys

2014-04-18 14:17 - 2012-07-26 07:26 - 00000226 _____ () C:\WINDOWS\win.ini

2014-04-18 14:13 - 2014-01-12 20:19 - 00108544 ___SH () C:\Users\Admins-Mo\Documents\Thumbs.db

2014-04-18 14:11 - 2013-12-11 03:55 - 00776610 _____ () C:\WINDOWS\system32\perfh00C.dat

2014-04-18 14:11 - 2013-12-11 03:55 - 00422458 _____ () C:\WINDOWS\system32\perfh001.dat

2014-04-18 14:11 - 2013-12-11 03:55 - 00149292 _____ () C:\WINDOWS\system32\perfc00C.dat

2014-04-18 14:11 - 2013-12-11 03:55 - 00065162 _____ () C:\WINDOWS\system32\perfc001.dat

2014-04-18 14:11 - 2013-09-30 06:14 - 03189766 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-04-18 14:11 - 2013-09-30 05:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat

2014-04-18 14:11 - 2013-09-30 05:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat

2014-04-18 13:43 - 2013-12-02 10:18 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Deployment

2014-04-18 13:42 - 2013-12-03 15:24 - 00000000 ____D () C:\ProgramData\Adobe

2014-04-18 13:36 - 2014-04-18 13:36 - 00002124 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk

2014-04-18 13:36 - 2014-04-18 13:36 - 00002010 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk

2014-04-18 13:36 - 2014-04-18 13:36 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-04-18 13:36 - 2013-12-03 15:23 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-04-18 13:36 - 2013-12-03 15:22 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Adobe

2014-04-18 13:33 - 2014-04-17 15:49 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Genesis

2014-04-18 13:32 - 2014-04-18 13:32 - 00000784 _____ () C:\WINDOWS\KB893803v2.log

2014-04-18 13:30 - 2014-04-18 13:30 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\WinRAR

2014-04-18 13:28 - 2014-04-18 13:28 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-04-18 13:28 - 2014-04-18 13:28 - 00000000 ____D () C:\Program Files\WinRAR

2014-04-18 13:27 - 2014-04-18 13:27 - 01915576 _____ () C:\Users\Admins-Mo\Downloads\winrar-x64-51b2.exe

2014-04-18 12:58 - 2014-04-18 12:56 - 00000000 ____D () C:\Users\Admins-Mo\Adobe Reader v10.11 [32 & 64 Bit] - {RedDragon}

2014-04-18 12:57 - 2014-04-18 12:56 - 00000000 ____D () C:\Users\Admins-Mo\Adobe Reader v10.5.1 Full - {RedDragon}

2014-04-18 12:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-04-18 12:41 - 2014-04-18 12:39 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\YourFileDownloader

2014-04-18 12:40 - 2014-04-18 12:40 - 00001915 _____ () C:\Users\Public\Desktop\HitsBlender.lnk

2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\HitsBlender

2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\ProgramData\HitsBlender

2014-04-18 12:40 - 2014-04-18 12:40 - 00000000 ____D () C:\Program Files (x86)\HitsBlender

2014-04-18 12:40 - 2013-11-08 13:21 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\cache

2014-04-18 12:39 - 2014-04-18 12:39 - 00003136 _____ () C:\WINDOWS\System32\Tasks\YourFile DownloaderUpdate

2014-04-18 12:39 - 2014-04-18 12:39 - 00003032 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro_UPDATES

2014-04-18 12:39 - 2014-04-18 12:39 - 00002876 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro_DEFAULT

2014-04-18 12:39 - 2014-04-18 12:39 - 00001955 _____ () C:\Users\Public\Desktop\YourFile Downloader.lnk

2014-04-18 12:39 - 2014-04-18 12:39 - 00001030 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk

2014-04-18 12:39 - 2014-04-18 12:39 - 00000306 _____ () C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job

2014-04-18 12:39 - 2014-04-18 12:39 - 00000004 _____ () C:\end

2014-04-18 12:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\YourFileDownloader Updater

2014-04-18 12:39 - 2014-04-18 12:39 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro

2014-04-18 12:39 - 2014-04-17 15:50 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\systweak

2014-04-18 12:38 - 2014-04-18 12:37 - 06318336 _____ (hxxp://yourfiledownloader.com) C:\Users\Admins-Mo\Downloads\Adobe_Reader_Pro_Crack_downloader (1).exe

2014-04-18 12:37 - 2014-04-18 12:37 - 06318336 _____ (hxxp://yourfiledownloader.com) C:\Users\Admins-Mo\Downloads\Adobe_Reader_Pro_Crack_downloader.exe

2014-04-18 12:35 - 2014-04-17 15:50 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\System Speedup

2014-04-18 12:34 - 2014-01-29 18:02 - 00003112 _____ () C:\WINDOWS\System32\Tasks\RDReminder

2014-04-18 12:33 - 2014-04-17 15:51 - 00003120 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector_startup

2014-04-18 12:33 - 2014-02-10 03:27 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\ViberPC

2014-04-17 15:54 - 2014-04-18 13:33 - 00002048 _____ () C:\Users\Admins-Mo\AppData\Local\fitenyjt.gdb

2014-04-17 15:52 - 2014-04-17 15:52 - 00000000 _____ () C:\Users\Admins-Mo\Downloads\file_installer_downloader-b12aUubb.exe.opdownload

2014-04-17 15:51 - 2014-04-17 15:51 - 00001181 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk

2014-04-17 15:51 - 2014-04-17 15:51 - 00000000 ____D () C:\ProgramData\Systweak

2014-04-17 15:50 - 2014-04-17 15:50 - 00003332 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector

2014-04-17 15:50 - 2014-04-17 15:50 - 00003040 _____ () C:\WINDOWS\System32\Tasks\System Speedup_UPDATES

2014-04-17 15:50 - 2014-04-17 15:50 - 00002884 _____ () C:\WINDOWS\System32\Tasks\System Speedup_DEFAULT

2014-04-17 15:50 - 2014-04-17 15:50 - 00001054 _____ () C:\Users\Public\Desktop\System Speedup.lnk

2014-04-17 15:50 - 2014-04-17 15:50 - 00000314 _____ () C:\WINDOWS\Tasks\System Speedup_UPDATES.job

2014-04-17 15:50 - 2014-04-17 15:50 - 00000000 ____D () C:\Program Files (x86)\System Speedup

2014-04-17 15:49 - 2014-04-17 15:49 - 00000000 ____D () C:\Program Files\suprasavings

2014-04-17 15:49 - 2014-04-17 15:49 - 00000000 ____D () C:\Program Files\003

2014-04-17 15:48 - 2014-04-17 15:48 - 00503696 _____ (AppsInstaller) C:\Users\Admins-Mo\Downloads\File_installer.exe

2014-04-17 15:48 - 2014-04-17 15:48 - 00001691 _____ () C:\Users\Admins-Mo\Desktop\Continue File installer.lnk

2014-04-17 15:11 - 2014-04-17 15:11 - 02469824 _____ () C:\Users\Admins-Mo\Downloads\AdobeDownloadAssistant (1).exe

2014-04-17 15:11 - 2014-04-17 15:11 - 00001007 _____ () C:\Users\Public\Desktop\Adobe Download Assistant.lnk

2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia

2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia

2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2014-04-17 15:11 - 2014-04-17 15:11 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant

2014-04-17 15:09 - 2014-04-17 15:09 - 02469824 _____ () C:\Users\Admins-Mo\Downloads\AdobeDownloadAssistant.exe

2014-04-17 15:08 - 2014-04-17 15:07 - 12481554 _____ () C:\Users\Admins-Mo\Downloads\3. Adobe Acrobat X Pro 10 Crack by MPT.rar

2014-04-17 14:56 - 2014-04-15 00:55 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-04-17 14:38 - 2013-11-07 13:31 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Packages

2014-04-17 14:28 - 2014-04-17 14:28 - 00019608 _____ () C:\Users\Admins-Mo\Downloads\596F2949BF936D4FDB2EF98AE74A32AE8C0104F3 (1).torrent

2014-04-17 14:25 - 2014-04-17 14:25 - 00019608 _____ () C:\Users\Admins-Mo\Downloads\596F2949BF936D4FDB2EF98AE74A32AE8C0104F3.torrent

2014-04-17 12:26 - 2013-11-17 01:16 - 00000000 ___RD () C:\Users\Admins-Mo\SkyDrive

2014-04-16 14:30 - 2014-04-16 12:35 - 1193716557 _____ () C:\Users\Admins-Mo\Downloads\Cambridge-EnglishInUseCompleteCollectionBooks.zip

2014-04-16 13:56 - 2014-04-16 13:56 - 06468743 _____ () C:\Users\Admins-Mo\Downloads\Lecture_1_-_Introduction_-_April-16.pptx

2014-04-16 12:42 - 2014-04-16 12:16 - 239165224 _____ () C:\Users\Admins-Mo\Downloads\Cambridge-EnglishPronunciationInUseintermediatewithAudioCd2003.zip

2014-04-16 12:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

2014-04-16 11:59 - 2013-12-21 16:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-04-15 15:26 - 2014-04-15 14:58 - 130487574 _____ () C:\Users\Admins-Mo\Downloads\MishaGlenny_2011G-480p.mp4

2014-04-15 15:08 - 2013-09-29 21:04 - 00045110 _____ () C:\WINDOWS\PFRO.log

2014-04-15 15:08 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\DesktopTileResources

2014-04-15 15:08 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-04-15 15:08 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-04-15 14:39 - 2013-11-08 15:10 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\CrashDumps

2014-04-15 14:18 - 2014-04-15 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-04-15 01:15 - 2014-01-29 18:02 - 00001068 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk

2014-04-15 01:15 - 2014-01-29 18:02 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer

2014-04-15 01:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Branding

2014-04-15 00:55 - 2014-04-15 00:55 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-15 00:52 - 2014-04-15 00:52 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-04-15 00:52 - 2014-04-15 00:51 - 00000000 ____D () C:\AdwCleaner

2014-04-15 00:51 - 2014-04-15 00:51 - 01426178 _____ () C:\Users\Admins-Mo\Desktop\adwcleaner.exe

2014-04-15 00:51 - 2013-12-21 16:02 - 00001029 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-04-15 00:51 - 2013-11-17 01:15 - 00001019 _____ () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-13 22:51 - 2014-04-13 22:51 - 02157568 _____ (Farbar) C:\Users\Admins-Mo\Desktop\FRST64.exe

2014-04-13 22:36 - 2014-01-03 01:40 - 00000000 ____D () C:\Program Files\Adblock Plus for IE

2014-04-13 21:12 - 2013-11-08 14:30 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-04-13 21:11 - 2013-11-08 14:30 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-04-13 14:36 - 2013-12-02 10:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2014-04-13 02:40 - 2014-04-13 02:40 - 00003151 _____ () C:\Users\Admins-Mo\Desktop\GeneratedFile

2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV

2014-04-12 19:04 - 2014-01-29 19:06 - 00000000 ____D () C:\WINDOWS\system32\NV

2014-04-12 19:03 - 2014-04-12 19:03 - 00000732 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk

2014-04-12 19:03 - 2013-11-17 00:44 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-04-12 19:03 - 2013-08-22 16:46 - 00029425 _____ () C:\WINDOWS\setupact.log

2014-04-12 19:02 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2014-04-12 18:57 - 2014-04-12 18:57 - 00001876 _____ () C:\Users\Public\Desktop\Apps.lnk

2014-04-12 18:57 - 2014-04-12 18:57 - 00001783 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk

2014-04-12 18:57 - 2014-04-12 18:57 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-04-12 18:57 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries

2014-04-12 18:56 - 2014-04-12 18:56 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Local\Bluestacks

2014-04-12 18:26 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-04-10 15:35 - 2014-01-29 18:02 - 00000314 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job

2014-04-09 23:50 - 2014-04-09 23:50 - 00000000 ____D () C:\Program Files\Common Files\Atheros

2014-04-09 23:50 - 2013-08-22 16:46 - 00000178 _____ () C:\WINDOWS\setuperr.log

2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-04-09 23:40 - 2014-04-09 23:40 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-04-09 17:03 - 2014-01-29 18:02 - 00000298 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job

2014-04-09 17:02 - 2014-01-29 18:02 - 00003038 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates

2014-04-09 17:02 - 2014-01-29 18:02 - 00003024 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY

2014-04-06 14:07 - 2014-04-06 14:07 - 14203232 _____ (AVM Berlin) C:\Users\Admins-Mo\Downloads\FRITZ.Box_Fon_WLAN_7240.05.54.recover-image.exe

2014-04-06 09:32 - 2013-12-11 15:01 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-04-01 01:17 - 2014-04-01 01:17 - 01161080 _____ () C:\WINDOWS\SysWOW64\ZombieAlert.A222801BB6B4.dll

2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-31 03:16 - 2014-04-09 23:40 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-03-31 01:57 - 2014-04-09 23:40 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-03-30 22:58 - 2013-12-02 13:46 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy

2014-03-28 16:56 - 2013-11-07 13:36 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-03-28 16:56 - 2013-11-07 13:36 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-03-28 16:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-03-25 18:23 - 2014-03-17 14:51 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\TeamViewer

2014-03-25 18:17 - 2014-02-09 01:11 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\VoipConnect

2014-03-25 09:52 - 2013-11-07 13:31 - 00000000 ___RD () C:\Users\Admins-Mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ar-SA

2014-03-25 09:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA

2014-03-19 17:19 - 2013-12-03 21:41 - 00000000 ____D () C:\Users\Admins-Mo\AppData\Roaming\Skype

2014-03-19 15:29 - 2013-12-14 06:13 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64

2014-03-19 00:05 - 2013-08-22 16:44 - 03086328 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
 

Files to move or delete:

====================

C:\Users\Admins-Mo\InstallUtil.resources.dll
 
 

Some content of TEMP:

====================

C:\Users\Admins-Mo\AppData\Local\Temp\35825uninstall.exe

C:\Users\Admins-Mo\AppData\Local\Temp\72engqbr.dll

C:\Users\Admins-Mo\AppData\Local\Temp\894.6314884537769_update.exe

C:\Users\Admins-Mo\AppData\Local\Temp\BackupSetup.exe

C:\Users\Admins-Mo\AppData\Local\Temp\bassmod.dll

C:\Users\Admins-Mo\AppData\Local\Temp\htmlayout.dll

C:\Users\Admins-Mo\AppData\Local\Temp\nsbEBB9.exe

C:\Users\Admins-Mo\AppData\Local\Temp\nseCCEF.exe

C:\Users\Admins-Mo\AppData\Local\Temp\nseE742.exe

C:\Users\Admins-Mo\AppData\Local\Temp\nsfAACD.exe

C:\Users\Admins-Mo\AppData\Local\Temp\nsfCF13.exe

C:\Users\Admins-Mo\AppData\Local\Temp\nspE956.exe

C:\Users\Admins-Mo\AppData\Local\Temp\nstCADB.exe

C:\Users\Admins-Mo\AppData\Local\Temp\OfficeSetup.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pyl247B.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pyl8BF7.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylA855.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylA8B7.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylBB9A.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylCD8D.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylCEAA.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\pylD998.tmp.exe

C:\Users\Admins-Mo\AppData\Local\Temp\RegClean2.exe

C:\Users\Admins-Mo\AppData\Local\Temp\setup0533.exe

C:\Users\Admins-Mo\AppData\Local\Temp\setupproplusretail.x86.de-de_act_1_.exe

C:\Users\Admins-Mo\AppData\Local\Temp\sp-downloader.exe

C:\Users\Admins-Mo\AppData\Local\Temp\Sqlite3.dll

C:\Users\Admins-Mo\AppData\Local\Temp\toolbar250242480.exe

C:\Users\Admins-Mo\AppData\Local\Temp\toolbar250247437.exe

C:\Users\Admins-Mo\AppData\Local\Temp\toolbar250255165.exe

C:\Users\Admins-Mo\AppData\Local\Temp\toolbar250255177.exe

C:\Users\Admins-Mo\AppData\Local\Temp\tvcwytg3.dll

C:\Users\Admins-Mo\AppData\Local\Temp\{1DE82EFE-4996-4A80-BECF-E0F51139760E}-34.0.1847.116_33.0.1750.154_chrome_updater.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-04-18 13:55
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Hallo,

leider wurde Dein Thema aus (technischen Gründen) übersehen. Da mehrere Antworten in Deinem Thema vorhanden waren, wurde es versehentlich als 'bereits in Arbeit' eingestuft.

Dies bitten wir zu entschuldigen.

Wir versuchen jedem Hilfesuchenden binnen kurzer Zeit zu antworten und Lösungen für das Problem anzubieten.

Bitte erstelle ggf. ein neues Thema, damit sich ein Teammitglied deinem Problem annehmen kann.

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Vielen Dank für Dein Verständnis.