Trojaner-Board - AVG findet nach Entfernung erneut Luhe.Fiha.A

Nein, ich treibe kein Onlinebanking, aber ich habe auch beobachtet, dass in meinem Youtube Verlauf 2x Videos in der Nacht dazugekommen sind, die ich nie angeschaut habe, falls das wichtig ist o.o

Zitat:

Guck mal hier nach und poste mir das aktuelleste AVG Logfile: C:\ProgramData\AVG<number>

Irgendwie finde ich da nichts :s Da sind zwar ein paar Ordner und einer heißt auch "log", aber das sind glaube ich nicht die richtigen, weil da nur 2 oder 3 Dateien von 2014 sind :/
Dieses Farbar's Recovery Scan Tool habe ich schon heute morgen runtergeladen, weil hier in der Einführung stand, dass man sich das runterladen soll :) Und ich weiß nicht, ob ich das jetzt richtig mache mit dem #-Symbol, ich kenne mich nicht so aus :D

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014

Ran by HID-MOBIL (administrator) on HID-MOBIL-PC on 18-05-2014 10:54:53

Running from C:\Users\HID-MOBIL\Downloads

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(Egis Technology Inc. ) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

() C:\Windows\SysWOW64\PnkBstrB.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(Egis Technology Inc. ) C:\Program Files\Acer ProShield\EgisTSR.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)

HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)

HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11407120 2012-03-27] (Intel Corporation)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-14] (Synaptics Incorporated)

HKLM\...\Run: [ProShieldTSR] => C:\Program Files\Acer ProShield\EgisTSR.exe [165936 2012-02-02] (Egis Technology Inc. )

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297024 2012-09-26] (NTI Corporation)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1111632 2012-03-05] (Dritek System Inc.)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)

HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.)

HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-26] (Electronic Arts)

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Run: [Facebook Update] => C:\Users\HID-MOBIL\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-01] (Facebook Inc.)

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Run: [Google Update] => C:\Users\HID-MOBIL\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-18] (Google Inc.)

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\MountPoints2: {b6940353-212b-11e2-8d9e-806e6f6e6963} - E:\Autorun.exe

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Winlogon: [Shell] 

Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
 

==================== Internet (Whitelisted) ====================
 

ProxyServer: http=127.0.0.1:49162;https=127.0.0.1:49162

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394390883&from=adks&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31C125974259742&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394390883&from=adks&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31C125974259742&q={searchTerms}

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: EgisPBIE Sign-in Helper - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll (Egis Technology Inc.)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.29.253
 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\HID-MOBIL\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\HID-MOBIL\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\HID-MOBIL\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HID-MOBIL\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HID-MOBIL\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF Plugin ProgramFiles/Appdata: C:\Users\HID-MOBIL\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\HID-MOBIL\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files\Acer ProShield\FFExt

FF Extension:  Online Accounts Extension  - C:\Program Files\Acer ProShield\FFExt [2012-10-28]

FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20

FF Extension:  Online Accounts Extension  - C:\Program Files\Acer ProShield\FFExt20 [2012-10-28]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
 

Chrome: 

=======

CHR HomePage: hxxp://www.awesomehp.com/?type=hp&ts=1394390883&from=adks&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31C125974259742

CHR StartupUrls: "hxxp://www.google.com/"

CHR Extension: (Google Docs) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-11]

CHR Extension: (Google Drive) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-11]

CHR Extension: (YouTube) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-11]

CHR Extension: (Google-Suche) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-11]

CHR Extension: (Online Accounts Extension ) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladimmjldcgbeamniagencjbodhnmgen [2013-11-11]

CHR Extension: (Google Wallet) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-11]

CHR Extension: (Battlefield Play4Free) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-04-24]

CHR Extension: (Google Mail) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-11]

CHR HKLM-x32\...\Chrome\Extension: [ladimmjldcgbeamniagencjbodhnmgen] - C:\Program Files\Acer ProShield\ChromeEx\EgisPBChromeExt.crx [2012-02-02]
 

==================== Services (Whitelisted) =================
 

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)

R2 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [218160 2012-02-02] (Egis Technology Inc. )

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4233088 2013-04-29] (Symantec Corporation)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256576 2012-09-26] (NTI Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-04-28] ()

R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-04-28] ()

R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)

R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-03] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-18] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)

R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated)

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-05-18 10:54 - 2014-05-18 10:55 - 00020985 _____ () C:\Users\HID-MOBIL\Downloads\FRST.txt

2014-05-18 10:54 - 2014-05-18 10:54 - 00000000 ____D () C:\FRST

2014-05-18 10:53 - 2014-05-18 10:53 - 02067456 _____ (Farbar) C:\Users\HID-MOBIL\Downloads\FRST64.exe

2014-05-18 10:51 - 2014-05-18 10:51 - 00000480 _____ () C:\Users\HID-MOBIL\Downloads\defogger_disable.log

2014-05-18 10:51 - 2014-05-18 10:51 - 00000000 _____ () C:\Users\HID-MOBIL\defogger_reenable

2014-05-18 10:49 - 2014-05-18 10:49 - 00050477 _____ () C:\Users\HID-MOBIL\Desktop\Defogger.exe

2014-05-17 17:04 - 2014-05-18 10:23 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-05-17 17:04 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-05-17 17:04 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-05-14 13:24 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-14 13:24 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-14 13:24 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-14 13:24 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-14 13:24 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-14 13:24 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-05-14 13:20 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-14 13:20 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-14 13:20 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-05-14 13:20 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-05-14 13:19 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-05-14 13:19 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-05-14 13:19 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-05-14 13:19 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-05-14 13:19 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-05-14 13:19 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-05-14 13:19 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-05-14 13:19 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-05-14 13:19 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-05-14 13:19 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-05-14 13:19 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-05-14 13:19 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-05-14 13:19 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-05-14 13:19 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-05-14 13:19 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-05-14 13:19 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-05-09 20:24 - 2014-05-09 20:24 - 00001969 _____ () C:\Users\HID-MOBIL\Desktop\Webocton - Scriptly.lnk

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Webocton - Scriptly

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webocton - Scriptly

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\Program Files (x86)\Webocton - Scriptly

2014-05-09 20:22 - 2014-05-09 20:22 - 14753601 _____ (Webocton ) C:\Users\HID-MOBIL\Downloads\webocton_scriptly.exe

2014-05-07 18:45 - 2014-05-07 18:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-05-07 18:45 - 2014-05-07 18:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-05-07 18:43 - 2014-05-07 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-05-07 18:42 - 2014-05-07 18:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-05-07 18:42 - 2014-05-07 18:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-05-07 16:24 - 2014-05-07 16:24 - 00002200 _____ () C:\Users\HID-MOBIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ___RD () C:\Users\HID-MOBIL\SkyDrive

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive

2014-05-07 16:20 - 2014-05-14 15:25 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Windows Live

2014-05-07 16:20 - 2014-05-07 16:20 - 00003192 _____ () C:\Windows\System32\Tasks\{CF948B7E-2258-497C-ADBB-8F8D083E01DE}

2014-05-07 16:19 - 2014-05-07 16:19 - 142602520 _____ (Microsoft Corporation) C:\Users\HID-MOBIL\Downloads\wlsetup-all_16.4.3508.0205.exe

2014-05-06 22:13 - 2014-05-14 19:32 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-05 15:55 - 2014-05-14 13:24 - 00000000 ____D () C:\Windows\system32\MRT

2014-05-05 15:55 - 2014-05-14 13:22 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-04-30 20:34 - 2014-04-30 20:34 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Mozilla

2014-04-29 18:59 - 2014-04-29 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-04-28 20:27 - 2014-04-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games

2014-04-24 22:39 - 2014-04-24 22:40 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Mozilla

2014-04-24 22:39 - 2014-04-24 22:39 - 00000000 ____D () C:\ProgramData\Mozilla

2014-04-24 21:18 - 2014-04-24 21:21 - 00000000 ____D () C:\Program Files (x86)\EA Games

2014-04-24 17:57 - 2014-04-24 17:58 - 00000000 ____D () C:\Users\HID-MOBIL\Documents\Battlefield Play4Free

2014-04-24 17:56 - 2014-04-28 20:27 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-04-24 17:56 - 2014-04-28 20:27 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-04-18 18:34 - 2014-04-18 18:34 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Skype

2014-04-18 18:33 - 2014-04-18 18:33 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-04-18 18:33 - 2014-04-18 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-04-18 15:56 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-04-18 15:56 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-04-18 15:56 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-04-18 15:56 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-04-18 15:56 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-04-18 15:56 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-04-18 15:56 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-04-18 15:56 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-04-18 15:56 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-04-18 15:56 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-04-18 15:56 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-04-18 15:56 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-04-18 15:56 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-04-18 15:56 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-04-18 15:56 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-04-18 15:56 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-04-18 15:56 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-04-18 15:56 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-04-18 15:56 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-04-18 15:56 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-04-18 15:56 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-04-18 15:56 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-04-18 15:56 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-04-18 15:56 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-04-18 15:56 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-04-18 15:56 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-04-18 15:56 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-04-18 15:56 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-04-18 15:56 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-04-18 15:56 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-04-18 15:56 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-04-18 15:56 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-04-18 15:56 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-04-18 15:56 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-04-18 15:56 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-04-18 15:56 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-04-18 15:56 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-04-18 15:56 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-04-18 15:56 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-04-18 15:56 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-04-18 15:55 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-04-18 15:55 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-04-18 15:55 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-04-18 15:55 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
 

==================== One Month Modified Files and Folders =======
 

2014-05-18 10:55 - 2014-05-18 10:54 - 00020985 _____ () C:\Users\HID-MOBIL\Downloads\FRST.txt

2014-05-18 10:54 - 2014-05-18 10:54 - 00000000 ____D () C:\FRST

2014-05-18 10:53 - 2014-05-18 10:53 - 02067456 _____ (Farbar) C:\Users\HID-MOBIL\Downloads\FRST64.exe

2014-05-18 10:51 - 2014-05-18 10:51 - 00000480 _____ () C:\Users\HID-MOBIL\Downloads\defogger_disable.log

2014-05-18 10:51 - 2014-05-18 10:51 - 00000000 _____ () C:\Users\HID-MOBIL\defogger_reenable

2014-05-18 10:51 - 2012-12-24 20:55 - 00000000 ____D () C:\Users\HID-MOBIL

2014-05-18 10:49 - 2014-05-18 10:49 - 00050477 _____ () C:\Users\HID-MOBIL\Desktop\Defogger.exe

2014-05-18 10:39 - 2014-01-18 19:10 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA.job

2014-05-18 10:23 - 2014-05-17 17:04 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-05-18 10:10 - 2013-03-13 15:37 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Adobe

2014-05-18 10:09 - 2013-11-11 14:15 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-18 10:08 - 2009-07-14 06:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-18 10:08 - 2009-07-14 06:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-18 10:06 - 2013-07-13 18:57 - 00000000 ____D () C:\ProgramData\MFAData

2014-05-18 10:05 - 2012-10-28 19:43 - 01239666 _____ () C:\Windows\WindowsUpdate.log

2014-05-18 10:04 - 2013-11-01 22:59 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA.job

2014-05-18 10:03 - 2013-05-31 09:48 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-05-18 10:02 - 2013-03-02 12:25 - 00000000 ____D () C:\ProgramData\Origin

2014-05-18 10:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-05-18 10:01 - 2013-03-02 12:24 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-05-18 10:00 - 2013-11-11 14:15 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-05-18 10:00 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-05-18 10:00 - 2009-07-14 06:51 - 00142225 _____ () C:\Windows\setupact.log

2014-05-17 22:04 - 2013-11-01 22:59 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core.job

2014-05-17 17:37 - 2010-11-21 05:47 - 00183628 _____ () C:\Windows\PFRO.log

2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-05-17 17:04 - 2013-10-26 23:12 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-05-17 17:04 - 2013-10-26 23:12 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Malwarebytes

2014-05-17 17:04 - 2013-10-26 23:12 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-05-17 17:04 - 2013-10-26 23:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-05-17 15:39 - 2014-01-18 19:10 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core.job

2014-05-16 20:12 - 2013-11-11 14:16 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-05-16 19:26 - 2014-03-31 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-05-16 19:26 - 2013-10-14 18:46 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-05-14 19:35 - 2012-12-24 20:58 - 00000000 ___RD () C:\Users\HID-MOBIL\Virtual Machines

2014-05-14 19:35 - 2012-12-24 20:58 - 00000000 ___RD () C:\Users\HID-MOBIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-05-14 19:35 - 2012-12-24 20:58 - 00000000 ___RD () C:\Users\HID-MOBIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-05-14 19:32 - 2014-05-06 22:13 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-14 19:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-05-14 15:25 - 2014-05-07 16:20 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Windows Live

2014-05-14 13:24 - 2014-05-05 15:55 - 00000000 ____D () C:\Windows\system32\MRT

2014-05-14 13:24 - 2013-03-02 11:58 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-05-14 13:22 - 2014-05-05 15:55 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-05-13 18:36 - 2013-07-06 11:39 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Skype

2014-05-09 20:24 - 2014-05-09 20:24 - 00001969 _____ () C:\Users\HID-MOBIL\Desktop\Webocton - Scriptly.lnk

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Webocton - Scriptly

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webocton - Scriptly

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\Program Files (x86)\Webocton - Scriptly

2014-05-09 20:22 - 2014-05-09 20:22 - 14753601 _____ (Webocton ) C:\Users\HID-MOBIL\Downloads\webocton_scriptly.exe

2014-05-09 16:04 - 2013-11-11 14:15 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-05-09 16:04 - 2013-11-11 14:15 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-05-09 15:34 - 2014-01-18 19:10 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA

2014-05-09 15:34 - 2014-01-18 19:10 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core

2014-05-09 08:14 - 2014-05-14 13:20 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-09 08:11 - 2014-05-14 13:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-07 19:37 - 2012-12-24 20:56 - 00070736 _____ () C:\Users\HID-MOBIL\AppData\Local\GDIPFONTCACHEV1.DAT

2014-05-07 19:35 - 2009-07-14 06:45 - 04988504 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-05-07 18:45 - 2014-05-07 18:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-05-07 18:45 - 2014-05-07 18:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-05-07 18:44 - 2013-03-02 12:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works

2014-05-07 18:43 - 2014-05-07 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-05-07 18:42 - 2014-05-07 18:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-05-07 18:42 - 2014-05-07 18:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-05-07 16:27 - 2012-09-11 08:59 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2014-05-07 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-05-07 16:25 - 2012-09-11 08:58 - 00254973 _____ () C:\Windows\DirectX.log

2014-05-07 16:24 - 2014-05-07 16:24 - 00002200 _____ () C:\Users\HID-MOBIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ___RD () C:\Users\HID-MOBIL\SkyDrive

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive

2014-05-07 16:24 - 2012-09-11 08:58 - 00000000 ____D () C:\Program Files\Windows Live

2014-05-07 16:23 - 2012-09-11 09:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

2014-05-07 16:20 - 2014-05-07 16:20 - 00003192 _____ () C:\Windows\System32\Tasks\{CF948B7E-2258-497C-ADBB-8F8D083E01DE}

2014-05-07 16:19 - 2014-05-07 16:19 - 142602520 _____ (Microsoft Corporation) C:\Users\HID-MOBIL\Downloads\wlsetup-all_16.4.3508.0205.exe

2014-05-07 14:50 - 2013-10-14 18:44 - 00000000 ____D () C:\ProgramData\AVG2014

2014-05-07 13:40 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-05-06 06:40 - 2014-05-14 13:24 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-06 06:17 - 2014-05-14 13:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-06 05:25 - 2014-05-14 13:24 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-06 05:07 - 2014-05-14 13:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-06 05:00 - 2014-05-14 13:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-06 04:10 - 2014-05-14 13:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-04-30 20:34 - 2014-04-30 20:34 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Mozilla

2014-04-29 19:10 - 2014-04-29 18:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-04-28 20:27 - 2014-04-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games

2014-04-28 20:27 - 2014-04-24 17:56 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-04-28 20:27 - 2014-04-24 17:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-04-24 22:47 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-04-24 22:47 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-24 22:40 - 2014-04-24 22:39 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Mozilla

2014-04-24 22:39 - 2014-04-24 22:39 - 00000000 ____D () C:\ProgramData\Mozilla

2014-04-24 21:21 - 2014-04-24 21:18 - 00000000 ____D () C:\Program Files (x86)\EA Games

2014-04-24 21:11 - 2013-03-02 12:25 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Origin

2014-04-24 21:11 - 2013-03-02 12:25 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Origin

2014-04-24 17:58 - 2014-04-24 17:57 - 00000000 ____D () C:\Users\HID-MOBIL\Documents\Battlefield Play4Free

2014-04-22 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-04-18 18:34 - 2014-04-18 18:34 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Skype

2014-04-18 18:34 - 2012-09-11 08:55 - 00000000 ____D () C:\ProgramData\Skype

2014-04-18 18:33 - 2014-04-18 18:33 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-04-18 18:33 - 2014-04-18 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-04-18 18:33 - 2012-09-11 08:55 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk

2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
 

Some content of TEMP:

====================

C:\Users\HID-MOBIL\AppData\Local\Temp\BackupSetup.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\Creative Cloud Helper.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD1850.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD3571.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD4671.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD7D78.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD86BB.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8A35.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8BAB.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8C37.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8E2B.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8EC7.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8F53.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8FB1.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD900E.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD90F8.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD931A.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD9887.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADA3AD.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADA939.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADA9A6.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADB402.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADB817.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADBA68.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADC051.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADC773.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADCDC9.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADCF7E.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADDBBD.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADE629.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\hcuninstaller_20131031_181742_5188.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\ose00000.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\SHSetup.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\System.Data.SQLite.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\System.Data.SQLite14717.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\System.Data.SQLite27193.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\System.Data.SQLite84577.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\UninstallEADM.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\vcredist_x64.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\xmlUpdater.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\_isC043.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe

[2014-05-14 13:19] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
 

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-05-11 21:45
 

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014

Ran by HID-MOBIL at 2014-05-18 10:55:38

Running from C:\Users\HID-MOBIL\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 

==================== Installed Programs ======================
 

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.105 - NTI Corporation)

Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)

Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden

Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.01.3503 - Acer Incorporated)

Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)

Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1111.1653 - Acer Incorporated)

Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)

Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)

Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)

Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4577 - AVG Technologies)

AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4577 - AVG Technologies) Hidden

Backup Manager V3 (x32 Version: 3.0.0.105 - NTI Corporation) Hidden

Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)

Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Daedalic Entertainment)

Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.381 - Corel Inc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)

Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)

Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)

Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)

DigitalSimulatorV5.57 (remove only) (HKLM-x32\...\DigitalSimulatorV5.57) (Version:  - )

eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)

EnhanceTronic (HKLM\...\EnhanceTronic) (Version: 2014.03.07.185813 - EnhanceTronic) <==== ATTENTION

Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)

Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)

Google Talk Plugin (HKLM-x32\...\{8E29C1CE-346A-3F59-AE22-8C5B7F230498}) (Version: 5.3.1.18536 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Happy Cloud Client (HKCU\...\HappyCloud) (Version: 3.72 - Happy Cloud, Inc.)

Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3503 - Acer Incorporated)

Install Absolute Data Protect (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 1.0.0.42 - Absolute Software)

Intel PROSet Wireless (Version:  - ) Hidden

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)

Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)

Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)

Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)

Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)

iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)

Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Launch Manager (HKLM-x32\...\LManager) (Version: 6.0.13 - Acer Inc.)

Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)

newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden

Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.7.2.25 - Symantec Corporation)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)

NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)

NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden

NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)

Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)

Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

ProShield (HKLM-x32\...\InstallShield_{08CCD7B4-9EED-4926-805D-C4FFF869989A}) (Version: 1.1.20.0 - Egis Technology Inc.)

ProShield (Version: 1.1.20.0 - Egis Technology Inc.) Hidden

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.56.316.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6581 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)

Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.41.5 - Synaptics Incorporated)

TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)

Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Restore Points  =========================
 

05-05-2014 13:55:13 Windows Update

06-05-2014 20:12:59 Windows Update

07-05-2014 14:20:12 Windows Live Essentials

07-05-2014 14:22:27 Windows Live Essentials

07-05-2014 14:24:58 DirectX wurde installiert

07-05-2014 14:25:30 DirectX wurde installiert

07-05-2014 14:25:54 DirectX wurde installiert

07-05-2014 14:26:54 WLSetup

07-05-2014 16:41:11 Windows Update

07-05-2014 20:11:44 Windows Update

08-05-2014 20:04:35 Windows Update

14-05-2014 11:19:13 Windows Update

14-05-2014 15:40:07 Windows Update

16-05-2014 17:24:38 Installed AVG 2014
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {470D1146-CE4F-4CF9-8884-905C124723D7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {62E4BA9D-E3EC-4A9A-A317-BBDA96B99ABE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)

Task: {99120788-EBCE-448B-9352-EE4194214397} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core => C:\Users\HID-MOBIL\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-18] (Google Inc.)

Task: {9FF8CA07-606E-4232-B084-A8579D68DFC3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA => C:\Users\HID-MOBIL\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-01] (Facebook Inc.)

Task: {A8C1AE2B-6F95-4E60-B2C7-C1065277A583} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core => C:\Users\HID-MOBIL\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-01] (Facebook Inc.)

Task: {B98CF5DB-E94C-4F73-86EA-654903760907} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA => C:\Users\HID-MOBIL\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-18] (Google Inc.)

Task: {BA5387AB-1849-4F5D-A3B7-9AE778D47DD3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)

Task: {C17BD594-80F5-4124-B07F-1016BDC7AA0D} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-06] (Acer Incorporated)

Task: {DC475869-DFFE-4ADA-AAC4-3FF38DBF2F29} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2012-10-04] (Acer Incorporated)

Task: {E336A0B2-4C3B-403D-BA13-B1094ABC989A} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION

Task: {FAFC742E-84F0-4453-8F3E-D715304997D7} - System32\Tasks\AdobeAAMUpdater-1.0-HID-MOBIL-PC-HID-MOBIL => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core.job => C:\Users\HID-MOBIL\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA.job => C:\Users\HID-MOBIL\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core.job => C:\Users\HID-MOBIL\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA.job => C:\Users\HID-MOBIL\AppData\Local\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-08-30 10:01 - 2013-08-30 10:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll

2014-04-24 17:56 - 2014-04-28 20:27 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-04-24 17:56 - 2014-04-28 20:27 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2012-09-11 09:25 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2012-02-02 20:43 - 2012-02-02 20:43 - 01407536 _____ () C:\Program Files\Acer ProShield\LIBEAY32.dll

2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-09-26 16:41 - 2012-09-26 16:41 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll

2012-09-26 16:41 - 2012-09-26 16:41 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll

2012-09-26 16:41 - 2012-09-26 16:41 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll

2014-04-24 21:07 - 2014-04-26 23:02 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll

2014-04-24 21:07 - 2014-04-26 23:02 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll

2014-04-24 21:07 - 2014-04-26 23:02 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll

2014-04-24 21:07 - 2014-04-26 23:02 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll

2014-04-24 21:07 - 2014-04-26 23:02 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll

2014-04-24 21:07 - 2014-04-26 23:02 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll

2014-04-24 21:07 - 2014-04-26 23:02 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll

2014-04-24 21:07 - 2014-04-26 23:02 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll

2014-05-16 20:12 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll

2014-05-16 20:12 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll

2014-05-16 20:12 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll

2014-05-16 20:12 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll

2014-05-16 20:12 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll

2014-05-16 20:12 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll

2014-02-13 20:34 - 2014-02-13 20:34 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll

2012-10-28 19:53 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

2014-05-16 20:12 - 2014-05-08 01:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

2012-10-28 20:00 - 2012-02-07 11:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
 

==================== EXE Association (whitelisted) =============
 
 

==================== Disabled items from MSCONFIG ==============
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (05/18/2014 10:01:50 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2

Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000

Ausnahmecode: 0xc0000005

Fehleroffset: 0x69737265

ID des fehlerhaften Prozesses: 0x954

Startzeit der fehlerhaften Anwendung: 0xmbam.exe0

Pfad der fehlerhaften Anwendung: mbam.exe1

Pfad des fehlerhaften Moduls: mbam.exe2

Berichtskennung: mbam.exe3
 

Error: (05/18/2014 10:00:57 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (05/17/2014 10:02:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (05/17/2014 05:38:14 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (05/17/2014 02:45:42 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (05/17/2014 01:32:03 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (05/17/2014 10:39:33 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (05/16/2014 02:58:07 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (05/15/2014 05:31:53 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (05/15/2014 03:18:34 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (05/13/2014 10:01:57 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {7160A13D-73DA-4CEA-95B9-37356478588A}
 

Error: (05/11/2014 10:03:12 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {7160A13D-73DA-4CEA-95B9-37356478588A}
 

Error: (05/11/2014 00:22:28 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {7160A13D-73DA-4CEA-95B9-37356478588A}
 

Error: (05/08/2014 10:04:38 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {7160A13D-73DA-4CEA-95B9-37356478588A}
 

Error: (05/07/2014 06:45:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: 2007 Microsoft Office Suite Service Pack 3 (SP3)
 

Error: (05/07/2014 01:38:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.
 

Error: (05/06/2014 10:12:54 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {7160A13D-73DA-4CEA-95B9-37356478588A}
 

Error: (05/04/2014 05:16:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.
 

Error: (05/01/2014 10:32:25 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {7160A13D-73DA-4CEA-95B9-37356478588A}
 

Error: (04/26/2014 04:11:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
 
 

Microsoft Office Sessions:

=========================
 

==================== Memory info =========================== 
 

Percentage of memory in use: 56%

Total physical RAM: 3907.76 MB

Available physical RAM: 1684.16 MB

Total Pagefile: 7813.7 MB

Available Pagefile: 5048.84 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB
 

==================== Drives ================================
 

Drive c: (Acer) (Fixed) (Total:219.2 GB) (Free:110.41 GB) NTFS

Drive d: (DATA) (Fixed) (Total:219.25 GB) (Free:219.12 GB) NTFS

Drive e: (Sims3EP10) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 3DAA953E)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

Schritt 1 (Programm deinstallieren): erledigt
Schritt 2 (Fixlog.txt):

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014

Ran by HID-MOBIL at 2014-05-19 19:22:10 Run:1

Running from C:\FRST

Boot Mode: Normal

==============================================
 

Content of fixlist:

*****************

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Winlogon: [Shell]

ProxyServer: http=127.0.0.1:49162;https=127.0.0.1:49162

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394390883&from=adks&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31C125974259742&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394390883&from=adks&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31C125974259742&q={searchTerms}

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

Task: {E336A0B2-4C3B-403D-BA13-B1094ABC989A} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION

C:\Program Files (x86)\Browsersafeguard

         

*****************
 

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E336A0B2-4C3B-403D-BA13-B1094ABC989A} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E336A0B2-4C3B-403D-BA13-B1094ABC989A} => Key deleted successfully.

C:\Windows\System32\Tasks\BrowserSafeguard Update Task => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard Update Task => Key deleted successfully.

"C:\Program Files (x86)\Browsersafeguard" => File/Directory not found.
 

==== End of Fixlog ====

Schritt 3 (Browsereinstellungen zurücksetzen): erledigt
Schritt 4 (log.txt):

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=dc6855fa8960d0409fbf38432c1c6b45

# engine=18336

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2014-05-20 03:53:47

# local_time=2014-05-20 05:53:47 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776574 100 94 27118119 152231077 0 0

# scanned=254581

# found=3

# cleaned=0

# scan_time=6429

sh=7FB2AC849359B04C5CD8E83D1BF1595743A3533B ft=1 fh=c71c0011a69fb8e7 vn="Variante von Win32/InstallCore.IT evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HID-MOBIL\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe"

sh=A836A8346F791EC8A83B51BC78E84B2F6659E6DA ft=1 fh=0a2e45c370149901 vn="Win32/Wajam.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HID-MOBIL\AppData\Local\Temp\is357113909\283597_stp\wajam_validate.exe"

sh=A836A8346F791EC8A83B51BC78E84B2F6659E6DA ft=1 fh=0a2e45c370149901 vn="Win32/Wajam.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HID-MOBIL\AppData\Local\Temp\is357113909\6502201_stp\wajam_validate.exe"

Schritt 5 (FRST.txt):

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014

Ran by HID-MOBIL (administrator) on HID-MOBIL-PC on 20-05-2014 18:01:12

Running from C:\FRST

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(Egis Technology Inc. ) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

() C:\Windows\SysWOW64\PnkBstrB.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

(Egis Technology Inc. ) C:\Program Files\Acer ProShield\EgisTSR.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)

HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)

HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11407120 2012-03-27] (Intel Corporation)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-14] (Synaptics Incorporated)

HKLM\...\Run: [ProShieldTSR] => C:\Program Files\Acer ProShield\EgisTSR.exe [165936 2012-02-02] (Egis Technology Inc. )

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297024 2012-09-26] (NTI Corporation)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1111632 2012-03-05] (Dritek System Inc.)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)

HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.)

HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-26] (Electronic Arts)

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Run: [Facebook Update] => C:\Users\HID-MOBIL\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-01] (Facebook Inc.)

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\Run: [Google Update] => C:\Users\HID-MOBIL\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-18] (Google Inc.)

HKU\S-1-5-21-4113803299-3835168462-3764686188-1000\...\MountPoints2: {b6940353-212b-11e2-8d9e-806e6f6e6963} - E:\Autorun.exe

Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
 

==================== Internet (Whitelisted) ====================
 

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: EgisPBIE Sign-in Helper - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll (Egis Technology Inc.)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.29.253
 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\HID-MOBIL\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\HID-MOBIL\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\HID-MOBIL\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HID-MOBIL\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HID-MOBIL\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF Plugin ProgramFiles/Appdata: C:\Users\HID-MOBIL\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\HID-MOBIL\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)

FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files\Acer ProShield\FFExt

FF Extension:  Online Accounts Extension  - C:\Program Files\Acer ProShield\FFExt [2012-10-28]

FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20

FF Extension:  Online Accounts Extension  - C:\Program Files\Acer ProShield\FFExt20 [2012-10-28]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
 

Chrome: 

=======

CHR HomePage: hxxp://www.awesomehp.com/?type=hp&ts=1394390883&from=adks&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31C125974259742

CHR StartupUrls: "hxxp://www.google.com/"

CHR Extension: (Google Docs) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-11]

CHR Extension: (Google Drive) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-11]

CHR Extension: (YouTube) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-11]

CHR Extension: (Google-Suche) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-11]

CHR Extension: (Online Accounts Extension ) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladimmjldcgbeamniagencjbodhnmgen [2013-11-11]

CHR Extension: (Google Wallet) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-11]

CHR Extension: (Battlefield Play4Free) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-04-24]

CHR Extension: (Google Mail) - C:\Users\HID-MOBIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-11]

CHR HKLM-x32\...\Chrome\Extension: [ladimmjldcgbeamniagencjbodhnmgen] - C:\Program Files\Acer ProShield\ChromeEx\EgisPBChromeExt.crx [2012-02-02]
 

==================== Services (Whitelisted) =================
 

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)

R2 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [218160 2012-02-02] (Egis Technology Inc. )

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4233088 2013-04-29] (Symantec Corporation)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256576 2012-09-26] (NTI Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-04-28] ()

R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-04-28] ()

R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)

R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-03] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-20] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)

R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated)

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-05-20 16:03 - 2014-05-20 16:03 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-05-20 16:02 - 2014-05-20 16:02 - 02347384 _____ (ESET) C:\Users\HID-MOBIL\Downloads\esetsmartinstaller_deu (2).exe

2014-05-19 21:52 - 2014-05-19 21:52 - 02347384 _____ (ESET) C:\Users\HID-MOBIL\Downloads\esetsmartinstaller_deu (1).exe

2014-05-19 19:32 - 2014-05-19 19:32 - 02347384 _____ (ESET) C:\Users\HID-MOBIL\Downloads\esetsmartinstaller_deu.exe

2014-05-19 19:32 - 2014-05-19 19:32 - 02347384 _____ (ESET) C:\Users\HID-MOBIL\Desktop\esetsmartinstaller_deu.exe

2014-05-18 10:57 - 2014-05-18 10:57 - 00051179 _____ () C:\Users\HID-MOBIL\Desktop\FRST.txt

2014-05-18 10:57 - 2014-05-18 10:57 - 00035119 _____ () C:\Users\HID-MOBIL\Desktop\Addition.txt

2014-05-18 10:55 - 2014-05-18 10:56 - 00035119 _____ () C:\Users\HID-MOBIL\Downloads\Addition.txt

2014-05-18 10:54 - 2014-05-20 18:01 - 00000000 ____D () C:\FRST

2014-05-18 10:54 - 2014-05-18 10:56 - 00051179 _____ () C:\Users\HID-MOBIL\Downloads\FRST.txt

2014-05-18 10:51 - 2014-05-18 10:51 - 00000480 _____ () C:\Users\HID-MOBIL\Downloads\defogger_disable.log

2014-05-18 10:51 - 2014-05-18 10:51 - 00000000 _____ () C:\Users\HID-MOBIL\defogger_reenable

2014-05-18 10:49 - 2014-05-18 10:49 - 00050477 _____ () C:\Users\HID-MOBIL\Desktop\Defogger.exe

2014-05-17 17:04 - 2014-05-20 16:48 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-05-17 17:04 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-05-17 17:04 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-05-14 13:24 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-14 13:24 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-14 13:24 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-14 13:24 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-14 13:24 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-14 13:24 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-05-14 13:20 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-14 13:20 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-14 13:20 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-05-14 13:20 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-05-14 13:19 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-05-14 13:19 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-05-14 13:19 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-05-14 13:19 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-05-14 13:19 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-05-14 13:19 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-05-14 13:19 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-05-14 13:19 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-05-14 13:19 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-05-14 13:19 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-05-14 13:19 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-05-14 13:19 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-05-14 13:19 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-05-14 13:19 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-05-14 13:19 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-05-14 13:19 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-05-14 13:19 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-05-14 13:19 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-05-14 13:19 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys

2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys

2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys

2014-05-09 20:24 - 2014-05-09 20:24 - 00001969 _____ () C:\Users\HID-MOBIL\Desktop\Webocton - Scriptly.lnk

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Webocton - Scriptly

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webocton - Scriptly

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\Program Files (x86)\Webocton - Scriptly

2014-05-09 20:22 - 2014-05-09 20:22 - 14753601 _____ (Webocton ) C:\Users\HID-MOBIL\Downloads\webocton_scriptly.exe

2014-05-07 18:45 - 2014-05-07 18:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-05-07 18:45 - 2014-05-07 18:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-05-07 18:43 - 2014-05-07 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-05-07 18:42 - 2014-05-07 18:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-05-07 18:42 - 2014-05-07 18:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-05-07 16:24 - 2014-05-07 16:24 - 00002200 _____ () C:\Users\HID-MOBIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ___RD () C:\Users\HID-MOBIL\SkyDrive

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive

2014-05-07 16:20 - 2014-05-14 15:25 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Windows Live

2014-05-07 16:20 - 2014-05-07 16:20 - 00003192 _____ () C:\Windows\System32\Tasks\{CF948B7E-2258-497C-ADBB-8F8D083E01DE}

2014-05-07 16:19 - 2014-05-07 16:19 - 142602520 _____ (Microsoft Corporation) C:\Users\HID-MOBIL\Downloads\wlsetup-all_16.4.3508.0205.exe

2014-05-06 22:13 - 2014-05-14 19:32 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-05 15:55 - 2014-05-14 13:24 - 00000000 ____D () C:\Windows\system32\MRT

2014-05-05 15:55 - 2014-05-14 13:22 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-04-30 20:34 - 2014-04-30 20:34 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Mozilla

2014-04-29 18:59 - 2014-04-29 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-04-28 20:27 - 2014-04-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games

2014-04-24 22:39 - 2014-04-24 22:40 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Mozilla

2014-04-24 22:39 - 2014-04-24 22:39 - 00000000 ____D () C:\ProgramData\Mozilla

2014-04-24 21:18 - 2014-04-24 21:21 - 00000000 ____D () C:\Program Files (x86)\EA Games

2014-04-24 17:57 - 2014-04-24 17:58 - 00000000 ____D () C:\Users\HID-MOBIL\Documents\Battlefield Play4Free

2014-04-24 17:56 - 2014-04-28 20:27 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-04-24 17:56 - 2014-04-28 20:27 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
 

==================== One Month Modified Files and Folders =======
 

2014-05-20 18:01 - 2014-05-18 10:54 - 00000000 ____D () C:\FRST

2014-05-20 17:39 - 2014-01-18 19:10 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA.job

2014-05-20 17:09 - 2013-11-11 14:15 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-20 16:48 - 2014-05-17 17:04 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-05-20 16:09 - 2013-11-11 14:15 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-05-20 16:04 - 2013-11-01 22:59 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA.job

2014-05-20 16:04 - 2009-07-14 06:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-20 16:04 - 2009-07-14 06:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-20 16:03 - 2014-05-20 16:03 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-05-20 16:02 - 2014-05-20 16:02 - 02347384 _____ (ESET) C:\Users\HID-MOBIL\Downloads\esetsmartinstaller_deu (2).exe

2014-05-20 16:02 - 2012-10-28 19:43 - 01291283 _____ () C:\Windows\WindowsUpdate.log

2014-05-20 16:01 - 2013-07-13 18:57 - 00000000 ____D () C:\ProgramData\MFAData

2014-05-20 15:58 - 2013-05-31 09:48 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-05-20 15:56 - 2013-03-02 12:25 - 00000000 ____D () C:\ProgramData\Origin

2014-05-20 15:55 - 2013-03-02 12:24 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-05-20 15:54 - 2010-11-21 05:47 - 00185554 _____ () C:\Windows\PFRO.log

2014-05-20 15:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-05-20 15:54 - 2009-07-14 06:51 - 00143246 _____ () C:\Windows\setupact.log

2014-05-20 05:45 - 2013-03-13 15:37 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Adobe

2014-05-19 22:04 - 2013-11-01 22:59 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core.job

2014-05-19 21:52 - 2014-05-19 21:52 - 02347384 _____ (ESET) C:\Users\HID-MOBIL\Downloads\esetsmartinstaller_deu (1).exe

2014-05-19 19:32 - 2014-05-19 19:32 - 02347384 _____ (ESET) C:\Users\HID-MOBIL\Downloads\esetsmartinstaller_deu.exe

2014-05-19 19:32 - 2014-05-19 19:32 - 02347384 _____ (ESET) C:\Users\HID-MOBIL\Desktop\esetsmartinstaller_deu.exe

2014-05-19 19:29 - 2012-10-29 04:34 - 00701576 _____ () C:\Windows\system32\perfh007.dat

2014-05-19 19:29 - 2012-10-29 04:34 - 00150444 _____ () C:\Windows\system32\perfc007.dat

2014-05-19 19:29 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-05-19 15:39 - 2014-01-18 19:10 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core.job

2014-05-19 15:19 - 2014-03-31 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-05-19 15:19 - 2013-10-14 18:46 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-05-18 10:57 - 2014-05-18 10:57 - 00051179 _____ () C:\Users\HID-MOBIL\Desktop\FRST.txt

2014-05-18 10:57 - 2014-05-18 10:57 - 00035119 _____ () C:\Users\HID-MOBIL\Desktop\Addition.txt

2014-05-18 10:56 - 2014-05-18 10:55 - 00035119 _____ () C:\Users\HID-MOBIL\Downloads\Addition.txt

2014-05-18 10:56 - 2014-05-18 10:54 - 00051179 _____ () C:\Users\HID-MOBIL\Downloads\FRST.txt

2014-05-18 10:51 - 2014-05-18 10:51 - 00000480 _____ () C:\Users\HID-MOBIL\Downloads\defogger_disable.log

2014-05-18 10:51 - 2014-05-18 10:51 - 00000000 _____ () C:\Users\HID-MOBIL\defogger_reenable

2014-05-18 10:51 - 2012-12-24 20:55 - 00000000 ____D () C:\Users\HID-MOBIL

2014-05-18 10:49 - 2014-05-18 10:49 - 00050477 _____ () C:\Users\HID-MOBIL\Desktop\Defogger.exe

2014-05-18 10:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-05-17 17:04 - 2014-05-17 17:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-05-17 17:04 - 2013-10-26 23:12 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-05-17 17:04 - 2013-10-26 23:12 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Malwarebytes

2014-05-17 17:04 - 2013-10-26 23:12 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-05-17 17:04 - 2013-10-26 23:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-05-16 20:12 - 2013-11-11 14:16 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-05-14 19:35 - 2012-12-24 20:58 - 00000000 ___RD () C:\Users\HID-MOBIL\Virtual Machines

2014-05-14 19:35 - 2012-12-24 20:58 - 00000000 ___RD () C:\Users\HID-MOBIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-05-14 19:35 - 2012-12-24 20:58 - 00000000 ___RD () C:\Users\HID-MOBIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-05-14 19:32 - 2014-05-06 22:13 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-14 19:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-05-14 15:25 - 2014-05-07 16:20 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Windows Live

2014-05-14 13:24 - 2014-05-05 15:55 - 00000000 ____D () C:\Windows\system32\MRT

2014-05-14 13:24 - 2013-03-02 11:58 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-05-14 13:22 - 2014-05-05 15:55 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-05-13 18:36 - 2013-07-06 11:39 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Skype

2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys

2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys

2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys

2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys

2014-05-09 20:24 - 2014-05-09 20:24 - 00001969 _____ () C:\Users\HID-MOBIL\Desktop\Webocton - Scriptly.lnk

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Webocton - Scriptly

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webocton - Scriptly

2014-05-09 20:24 - 2014-05-09 20:24 - 00000000 ____D () C:\Program Files (x86)\Webocton - Scriptly

2014-05-09 20:22 - 2014-05-09 20:22 - 14753601 _____ (Webocton ) C:\Users\HID-MOBIL\Downloads\webocton_scriptly.exe

2014-05-09 16:04 - 2013-11-11 14:15 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-05-09 16:04 - 2013-11-11 14:15 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-05-09 15:34 - 2014-01-18 19:10 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000UA

2014-05-09 15:34 - 2014-01-18 19:10 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4113803299-3835168462-3764686188-1000Core

2014-05-09 08:14 - 2014-05-14 13:20 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-09 08:11 - 2014-05-14 13:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-07 19:37 - 2012-12-24 20:56 - 00070736 _____ () C:\Users\HID-MOBIL\AppData\Local\GDIPFONTCACHEV1.DAT

2014-05-07 19:35 - 2009-07-14 06:45 - 04988504 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-05-07 18:45 - 2014-05-07 18:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-05-07 18:45 - 2014-05-07 18:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-05-07 18:44 - 2013-03-02 12:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works

2014-05-07 18:43 - 2014-05-07 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-05-07 18:42 - 2014-05-07 18:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-05-07 18:42 - 2014-05-07 18:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-05-07 16:27 - 2012-09-11 08:59 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2014-05-07 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-05-07 16:25 - 2012-09-11 08:58 - 00254973 _____ () C:\Windows\DirectX.log

2014-05-07 16:24 - 2014-05-07 16:24 - 00002200 _____ () C:\Users\HID-MOBIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00002128 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00002128 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ___RD () C:\Users\HID-MOBIL\SkyDrive

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive

2014-05-07 16:24 - 2014-05-07 16:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive

2014-05-07 16:24 - 2012-09-11 08:58 - 00000000 ____D () C:\Program Files\Windows Live

2014-05-07 16:23 - 2012-09-11 09:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

2014-05-07 16:20 - 2014-05-07 16:20 - 00003192 _____ () C:\Windows\System32\Tasks\{CF948B7E-2258-497C-ADBB-8F8D083E01DE}

2014-05-07 16:19 - 2014-05-07 16:19 - 142602520 _____ (Microsoft Corporation) C:\Users\HID-MOBIL\Downloads\wlsetup-all_16.4.3508.0205.exe

2014-05-07 14:50 - 2013-10-14 18:44 - 00000000 ____D () C:\ProgramData\AVG2014

2014-05-07 13:40 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-05-06 06:40 - 2014-05-14 13:24 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-06 06:17 - 2014-05-14 13:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-06 05:25 - 2014-05-14 13:24 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-06 05:07 - 2014-05-14 13:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-06 05:00 - 2014-05-14 13:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-06 04:10 - 2014-05-14 13:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-04-30 20:34 - 2014-04-30 20:34 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Mozilla

2014-04-29 19:10 - 2014-04-29 18:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-04-28 20:27 - 2014-04-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games

2014-04-28 20:27 - 2014-04-24 17:56 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-04-28 20:27 - 2014-04-24 17:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-04-24 22:47 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-04-24 22:47 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-24 22:40 - 2014-04-24 22:39 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Mozilla

2014-04-24 22:39 - 2014-04-24 22:39 - 00000000 ____D () C:\ProgramData\Mozilla

2014-04-24 21:21 - 2014-04-24 21:18 - 00000000 ____D () C:\Program Files (x86)\EA Games

2014-04-24 21:11 - 2013-03-02 12:25 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Roaming\Origin

2014-04-24 21:11 - 2013-03-02 12:25 - 00000000 ____D () C:\Users\HID-MOBIL\AppData\Local\Origin

2014-04-24 17:58 - 2014-04-24 17:57 - 00000000 ____D () C:\Users\HID-MOBIL\Documents\Battlefield Play4Free

2014-04-22 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
 

Some content of TEMP:

====================

C:\Users\HID-MOBIL\AppData\Local\Temp\BackupSetup.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\Creative Cloud Helper.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD1850.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD3571.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD4671.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD7D78.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD86BB.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8A35.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8BAB.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8C37.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8E2B.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8EC7.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8F53.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD8FB1.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD900E.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD90F8.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD931A.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EAD9887.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADA3AD.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADA939.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADA9A6.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADB402.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADB817.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADBA68.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADC051.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADC773.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADCDC9.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADCF7E.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADDBBD.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\EADE629.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\hcuninstaller_20131031_181742_5188.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\ose00000.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\SHSetup.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\System.Data.SQLite.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\System.Data.SQLite14717.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\System.Data.SQLite27193.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\System.Data.SQLite84577.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\UninstallEADM.dll

C:\Users\HID-MOBIL\AppData\Local\Temp\vcredist_x64.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\xmlUpdater.exe

C:\Users\HID-MOBIL\AppData\Local\Temp\_isC043.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe

[2014-05-14 13:19] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
 

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-05-11 21:45
 

==================== End Of Log ============================

--- --- ---