Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 05.03.2014, 11:45   #1
grasp
 
MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Unglücklich

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"



Hallo,

der „Internetrechner“, den meine Frau und ich gemeinsam benutzen, war laut meiner Liebsten in letzter Zeit etwas langsam geworden.

Also machte ich gemäß TB-Anleitung ein Systemscan mit MalwareBytes.
MB meldete 2 Funde einschl. ein Registry Key von oben genannten Anbietern.

Anbei das MB-Logfile:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.05.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Gaspar :: SAMSUNG [Administrator]

05.03.2014 06:51:31
mbam-log-2014-03-05 (06-51-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 428924
Laufzeit: 1 Stunde(n), 18 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\Software\Datamngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Carina\Downloads\Internet_Explorer_10_brch.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Gleich nach "Entfernen" durch MB meldete Avira, dass die Registry blockiert sei, und ein Systemscan notwendig sei.
Der Systemscan von Avira meldete auch was und das Teil wurd in Quarantäne gestellt.

Avira-Logfile:

Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 5. März 2014  10:21


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 8
Windowsversion : (plain)  [6.2.9200]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : SAMSUNG

Versionsinformationen:
BUILD.DAT      : 14.0.3.338     56624 Bytes  14.02.2014 11:00:00
AVSCAN.EXE     : 14.0.3.332   1058384 Bytes  20.02.2014 11:00:33
AVSCANRC.DLL   : 14.0.2.180     62008 Bytes  14.02.2014 10:00:47
LUKE.DLL       : 14.0.3.336     65616 Bytes  20.02.2014 11:00:36
AVSCPLR.DLL    : 14.0.3.336    124496 Bytes  20.02.2014 11:00:33
AVREG.DLL      : 14.0.3.336    250448 Bytes  20.02.2014 11:00:32
avlode.dll     : 14.0.3.336    544848 Bytes  20.02.2014 11:00:32
avlode.rdf     : 14.0.3.26      58589 Bytes  20.02.2014 23:11:43
VBASE000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 18:25:41
VBASE001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 18:25:41
VBASE002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 18:25:41
VBASE003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 18:25:41
VBASE004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 18:25:41
VBASE005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 18:25:41
VBASE006.VDF   : 7.11.103.230  2293248 Bytes  24.09.2013 18:25:41
VBASE007.VDF   : 7.11.116.38  5485568 Bytes  28.11.2013 16:26:17
VBASE008.VDF   : 7.11.126.50  3615744 Bytes  22.01.2014 16:53:05
VBASE009.VDF   : 7.11.128.174  2030080 Bytes  03.02.2014 15:47:30
VBASE010.VDF   : 7.11.134.72  3034112 Bytes  03.03.2014 17:43:18
VBASE011.VDF   : 7.11.134.73     2048 Bytes  03.03.2014 17:43:18
VBASE012.VDF   : 7.11.134.74     2048 Bytes  03.03.2014 17:43:18
VBASE013.VDF   : 7.11.134.75     2048 Bytes  03.03.2014 17:43:18
VBASE014.VDF   : 7.11.134.76     2048 Bytes  03.03.2014 17:43:18
VBASE015.VDF   : 7.11.134.77     2048 Bytes  03.03.2014 17:43:18
VBASE016.VDF   : 7.11.134.78     2048 Bytes  03.03.2014 17:43:18
VBASE017.VDF   : 7.11.134.79     2048 Bytes  03.03.2014 17:43:18
VBASE018.VDF   : 7.11.134.80     2048 Bytes  03.03.2014 17:43:18
VBASE019.VDF   : 7.11.134.81     2048 Bytes  03.03.2014 17:43:18
VBASE020.VDF   : 7.11.134.82     2048 Bytes  03.03.2014 17:43:18
VBASE021.VDF   : 7.11.134.83     2048 Bytes  03.03.2014 17:43:18
VBASE022.VDF   : 7.11.134.84     2048 Bytes  03.03.2014 17:43:18
VBASE023.VDF   : 7.11.134.85     2048 Bytes  03.03.2014 17:43:19
VBASE024.VDF   : 7.11.134.86     2048 Bytes  03.03.2014 17:43:19
VBASE025.VDF   : 7.11.134.87     2048 Bytes  03.03.2014 17:43:19
VBASE026.VDF   : 7.11.134.88     2048 Bytes  03.03.2014 17:43:19
VBASE027.VDF   : 7.11.134.89     2048 Bytes  03.03.2014 17:43:19
VBASE028.VDF   : 7.11.134.90     2048 Bytes  03.03.2014 17:43:19
VBASE029.VDF   : 7.11.134.91     2048 Bytes  03.03.2014 17:43:19
VBASE030.VDF   : 7.11.134.92     2048 Bytes  03.03.2014 17:43:19
VBASE031.VDF   : 7.11.134.198   319488 Bytes  05.03.2014 05:34:46
Engineversion  : 8.2.14.18 
AEVDF.DLL      : 8.1.3.4       102774 Bytes  31.10.2013 18:25:18
AESCRIPT.DLL   : 8.1.4.194     524670 Bytes  27.02.2014 19:38:32
AESCN.DLL      : 8.1.10.6      131447 Bytes  15.12.2013 19:25:22
AESBX.DLL      : 8.2.20.6     1331575 Bytes  26.01.2014 16:53:15
AERDL.DLL      : 8.2.0.138     704888 Bytes  03.12.2013 13:51:49
AEPACK.DLL     : 8.4.0.4       774520 Bytes  27.02.2014 19:38:32
AEOFFICE.DLL   : 8.1.2.82      205181 Bytes  20.02.2014 23:11:43
AEHEUR.DLL     : 8.1.4.938    6521210 Bytes  27.02.2014 19:38:32
AEHELP.DLL     : 8.1.27.10     266618 Bytes  23.11.2013 09:16:14
AEGEN.DLL      : 8.1.7.22      446839 Bytes  26.01.2014 16:53:10
AEEXP.DLL      : 8.4.1.238     483704 Bytes  27.02.2014 19:38:33
AEEMU.DLL      : 8.1.3.2       393587 Bytes  31.10.2013 18:25:18
AECORE.DLL     : 8.1.35.0      229753 Bytes  17.02.2014 19:02:56
AEBB.DLL       : 8.1.1.4        53619 Bytes  31.10.2013 18:25:18
AVWINLL.DLL    : 14.0.3.252     23608 Bytes  20.02.2014 11:00:31
AVPREF.DLL     : 14.0.3.252     48696 Bytes  20.02.2014 11:00:32
AVREP.DLL      : 14.0.3.252    175672 Bytes  20.02.2014 11:00:32
AVARKT.DLL     : 14.0.3.336    256080 Bytes  20.02.2014 11:00:31
AVEVTLOG.DLL   : 14.0.3.336    165968 Bytes  20.02.2014 11:00:32
SQLITE3.DLL    : 3.7.0.1       394808 Bytes  14.02.2014 10:00:50
AVSMTP.DLL     : 14.0.3.252     60472 Bytes  20.02.2014 11:00:33
NETNT.DLL      : 14.0.3.252     13368 Bytes  20.02.2014 11:00:36
RCIMAGE.DLL    : 14.0.3.260   4979256 Bytes  20.02.2014 11:00:31
RCTEXT.DLL     : 14.0.3.282     72760 Bytes  20.02.2014 11:00:31

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\program files (x86)\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: ein
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Beginn des Suchlaufs: Mittwoch, 5. März 2014  10:21

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '178' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '105' Modul(e) wurden durchsucht
Durchsuche Prozess 'apnmcp.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasyLauncher.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'ExpressCache.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'ifxspmgt.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'ifxtcs.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'HelperService.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'IfxPsdSv.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'ZeroConfigService.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avwebg7.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'devmonsrv.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'obexsrv.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTHSAmpPalService.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTHSSecurityMgr.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelMeFWService.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'daemonu.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'SWMAgent.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelCpHeciSvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasySettingsCmdServer.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '186' Modul(e) wurden durchsucht
Durchsuche Prozess 'sSettings.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'PSDrt.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpTna.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrl.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrlHelper.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMLSvc_P2G8.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'PDVD10Serv.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'CommonAgent.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'GuaranaAgent.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'ismagent.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'updateui.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht

Untersuchung der Systemdateien wird begonnen:
Signiert -> 'C:\windows\system32\svchost.exe'
Signiert -> 'C:\windows\system32\winlogon.exe'
Signiert -> 'C:\windows\explorer.exe'
Signiert -> 'C:\windows\system32\smss.exe'
Signiert -> 'C:\windows\system32\wininet.DLL'
Signiert -> 'C:\windows\system32\wsock32.DLL'
Signiert -> 'C:\windows\system32\ws2_32.DLL'
Signiert -> 'C:\windows\system32\services.exe'
Signiert -> 'C:\windows\system32\lsass.exe'
Signiert -> 'C:\windows\system32\csrss.exe'
Signiert -> 'C:\windows\system32\drivers\kbdclass.sys'
Signiert -> 'C:\windows\system32\spoolsv.exe'
Signiert -> 'C:\windows\system32\alg.exe'
Signiert -> 'C:\windows\system32\wuauclt.exe'
Signiert -> 'C:\windows\system32\advapi32.DLL'
Signiert -> 'C:\windows\system32\user32.DLL'
Signiert -> 'C:\windows\system32\gdi32.DLL'
Signiert -> 'C:\windows\system32\kernel32.DLL'
Signiert -> 'C:\windows\system32\ntdll.DLL'
Signiert -> 'C:\windows\system32\ntoskrnl.exe'
Signiert -> 'C:\windows\system32\drivers\beep.sys'
Signiert -> 'C:\windows\system32\ctfmon.exe'
Signiert -> 'C:\windows\system32\imm32.dll'
Signiert -> 'C:\windows\system32\dsound.dll'
Signiert -> 'C:\windows\system32\aclui.dll'
Signiert -> 'C:\windows\system32\msvcrt.dll'
Signiert -> 'C:\windows\system32\d3d9.dll'
Signiert -> 'C:\windows\system32\dnsapi.dll'
Signiert -> 'C:\windows\system32\mshtml.dll'
Signiert -> 'C:\windows\system32\regsvr32.exe'
Signiert -> 'C:\windows\system32\rundll32.exe'
Signiert -> 'C:\windows\system32\userinit.exe'
Signiert -> 'C:\windows\system32\reg.exe'
Signiert -> 'C:\windows\regedit.exe'
Die Systemdateien wurden durchsucht ('34' Dateien)

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2822' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Users\Carina\Downloads\IE10-Windows6.1-x64-de-de.exe
  [FUND]      Enthält Erkennungsmuster der Anwendung APPL/Downloader.Gen

Beginne mit der Desinfektion:
C:\Users\Carina\Downloads\IE10-Windows6.1-x64-de-de.exe
  [FUND]      Enthält Erkennungsmuster der Anwendung APPL/Downloader.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56b8af73.qua' verschoben!


Ende des Suchlaufs: Mittwoch, 5. März 2014  12:42
Benötigte Zeit:  2:17:48 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  37359 Verzeichnisse wurden überprüft
 684464 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 684463 Dateien ohne Befall
   6044 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise
     92 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         
Könnt Ihr bitte helfen? Wie soll ich bei diesem Problem vorgehen?

Danke im Voraus für die Hilfe,
grasp

Alt 05.03.2014, 12:42   #2
schrauber
/// the machine
/// TB-Ausbilder
 

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Standard

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 05.03.2014, 17:08   #3
grasp
 
MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Standard

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"



Hallo schrauber,

und danke weiterhin für den Support

Anbei der FRST-Log


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014
Ran by admin (administrator) on SAMSUNG on 05-03-2014 18:03:12
Running from C:\Users\admin\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\SpTna.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\BlueToothControl64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll => C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll File Not Found
AppInit_DLLs:  ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\program files (x86)\movies toolbar\datamngr\mgrldr.dll => "c:\program files (x86)\movies toolbar\datamngr\mgrldr.dll" File Not Found
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [201576 2013-01-11] (NVIDIA Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=390&systemid=406&v=a9396-125&apn_uid=5495733303434520&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM - {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=390&systemid=406&v=a9396-125&apn_uid=5495733303434520&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-05]
FF Extension: NoScript - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-05]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-04]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1141656 2012-08-05] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [994200 2012-08-05] (Infineon Technologies AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [212888 2012-08-05] (Infineon Technologies AG)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 cmntnet; C:\Windows\system32\DRIVERS\cmntnet.sys [141824 2013-02-28] (Wireless Data Device)
S3 cmnuusbser; C:\Windows\system32\DRIVERS\cmnuusbser.sys [123904 2013-02-28] (Wireless Device)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2012-02-03] (Infineon Technologies AG)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-12-07] (Windows (R) 2003 DDK 3790 provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]
S3 TDKLIB; \??\C:\Users\Gaspar\AppData\Local\Temp\TdkLib64.sys [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-05 18:03 - 2014-03-05 18:03 - 00019361 _____ () C:\Users\admin\Desktop\FRST.txt
2014-03-05 18:02 - 2014-03-05 18:03 - 00000000 ____D () C:\FRST
2014-03-05 18:01 - 2014-03-05 18:01 - 02157056 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-03-05 13:59 - 2014-03-05 13:59 - 00000291 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:37 - 2014-03-05 13:37 - 00000291 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:29 - 2014-03-05 13:29 - 00000000 ____D () C:\Users\admin\Desktop\clean MRZ14
2014-03-05 13:28 - 2014-03-05 13:28 - 00000858 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-05 13:27 - 2014-03-05 13:27 - 00000000 ___SH () C:\DkHyperbootSync
2014-03-05 13:26 - 2014-03-05 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-03-05 13:10 - 2014-03-05 17:54 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1007
2014-03-05 13:10 - 2014-03-05 13:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-03-05 13:09 - 2014-03-05 13:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Samsung
2014-03-05 13:05 - 2014-03-05 13:05 - 00001450 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00001202 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Power2Go8
2014-03-05 13:04 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Packages
2014-03-05 13:04 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin
2014-03-05 13:04 - 2014-03-05 13:04 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Startmenü
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Intel
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Infineon
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2014-03-05 13:04 - 2013-09-14 20:29 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-05 13:04 - 2013-07-01 23:43 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-05 13:04 - 2013-02-09 19:28 - 00000000 ____D () C:\Users\admin\AppData\Local\Microsoft Help
2014-03-05 13:04 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-05 13:04 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-05 12:53 - 2014-03-05 12:45 - 00030812 _____ () C:\Users\admin\Desktop\AVSCAN-20140305-102108-F0976F23.LOG
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 06:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-03-05 06:47 - 2014-03-05 06:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 21:19 - 2014-03-04 21:19 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\system32\NV
2014-03-04 21:08 - 2014-03-04 21:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-04 21:08 - 2014-03-04 21:08 - 00000020 ___SH () C:\Users\UpdatusUser.Samsung\ntuser.ini
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Vorlagen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Startmenü
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Netzwerkumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Lokale Einstellungen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Eigene Dateien
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Druckumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Musik
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Bilder
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Verlauf
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\UpdatusUser.Samsung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-04 21:08 - 2013-09-14 20:29 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-04 21:08 - 2013-07-01 23:43 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-04 21:08 - 2013-02-09 19:28 - 00000000 ____D () C:\Users\UpdatusUser.Samsung\AppData\Local\Microsoft Help
2014-03-04 21:08 - 2013-01-10 22:37 - 06382880 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2014-03-04 21:08 - 2013-01-10 22:37 - 03460896 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 02934933 _____ () C:\windows\system32\nvcoproc.bin
2014-03-04 21:08 - 2013-01-10 22:36 - 02558240 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00997664 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00884512 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2014-03-04 21:08 - 2013-01-10 22:36 - 00118560 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00063776 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00055584 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2014-03-04 21:08 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-04 21:08 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-04 21:06 - 2014-03-04 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-04 21:05 - 2013-01-11 05:45 - 26931488 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 20450080 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 18054672 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 15129448 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 15052728 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 12641480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 11009312 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-03-04 21:05 - 2013-01-11 05:45 - 09390760 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 07932256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 07565088 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 06263632 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02904352 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02824504 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02720544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02504096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02344736 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01985824 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01814304 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01510176 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01107440 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00958120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00420128 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00364832 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00245872 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00201576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00030496 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-03-04 21:05 - 2013-01-11 05:45 - 00017266 _____ () C:\windows\system32\nvinfo.pb
2014-03-04 20:42 - 2014-03-04 20:54 - 00000000 ____D () C:\windows\LastGood
2014-03-04 20:14 - 2014-03-04 20:14 - 00002192 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Help Desk.lnk
2014-03-04 20:13 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-04 19:28 - 2014-03-04 19:28 - 00003126 _____ () C:\windows\System32\Tasks\advRecovery
2014-03-04 18:08 - 2014-03-04 18:08 - 00000618 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-04 18:05 - 2014-03-04 18:05 - 00001202 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-04 16:33 - 2014-03-04 16:34 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\Documents\PDF Architect Files
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\pdfforge
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-04 16:33 - 2013-04-09 14:13 - 00110264 _____ (pdfforge GmbH) C:\windows\system32\pdfcmon.dll
2014-03-04 16:33 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCOMCT2.OCX
2014-03-04 16:33 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMAPI32.OCX
2014-03-04 16:33 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPIDE.DLL
2014-03-04 16:33 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\windows\SysWOW64\VB6DE.DLL
2014-03-04 16:33 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCMCDE.DLL
2014-03-04 16:33 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCC2DE.DLL
2014-03-04 16:28 - 2014-03-04 16:29 - 69734576 _____ (pdfforge ) C:\Users\admin\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-02-28 13:23 - 2014-02-28 13:23 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Skype
2014-02-26 20:29 - 2014-02-26 20:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-26 20:29 - 2014-02-26 20:30 - 00000000 ____D () C:\Program Files\iTunes
2014-02-26 20:29 - 2014-02-26 20:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-26 20:29 - 2014-02-26 20:29 - 00000000 ____D () C:\Program Files\iPod
2014-02-25 10:51 - 2014-02-25 10:51 - 01071000 _____ (Solid State Networks) C:\Users\admin\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 17:10 - 2014-03-05 12:55 - 00103316 _____ () C:\windows\PFRO.log
2014-02-23 07:41 - 2014-03-04 21:19 - 00001207 _____ () C:\windows\setupact.log
2014-02-23 07:41 - 2014-02-23 07:41 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 22:52 - 2014-02-22 23:07 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\Skype
2014-02-22 14:02 - 2014-02-22 14:02 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Macromedia
2014-02-22 09:32 - 2014-02-22 09:32 - 00005338 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-22 09:32 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-22 09:32 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-02-22 09:32 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-02-22 09:32 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-02-22 09:29 - 2014-02-22 09:30 - 00921000 _____ (Oracle Corporation) C:\Users\admin\Downloads\jxpiinstall.exe
2014-02-21 20:37 - 2014-02-17 23:03 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 20:37 - 2014-02-17 23:03 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 15:55 - 2014-03-05 11:54 - 01463781 _____ () C:\windows\WindowsUpdate.log
2014-02-21 00:56 - 2014-02-21 00:56 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-02-21 00:56 - 2014-02-21 00:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 00:55 - 2014-02-21 00:55 - 03645064 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup410_slim.exe
2014-02-20 19:08 - 2014-02-20 19:10 - 137004504 _____ () C:\Users\Carina\Downloads\avira_free_antivirus1403_de.exe
2014-02-20 11:56 - 2014-02-20 11:56 - 00000000 ____D () C:\Users\Carina\AppData\Local\AskPartnerNetwork
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Mozilla
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Mozilla
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 11:49 - 2014-02-20 11:49 - 24490112 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_27.0.1.exe
2014-02-16 13:06 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-16 13:06 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-16 13:06 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-16 13:06 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-16 13:06 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-16 13:05 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-16 13:05 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-16 13:05 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-16 13:05 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-16 13:04 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-16 13:04 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-16 13:04 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-16 13:04 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-16 13:04 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-16 13:04 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-16 13:04 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-16 09:42 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-16 09:42 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-16 09:42 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-16 09:42 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-05 18:03 - 2014-03-05 18:03 - 00019361 _____ () C:\Users\admin\Desktop\FRST.txt
2014-03-05 18:03 - 2014-03-05 18:02 - 00000000 ____D () C:\FRST
2014-03-05 18:01 - 2014-03-05 18:01 - 02157056 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-03-05 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-03-05 17:54 - 2014-03-05 13:10 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1007
2014-03-05 17:52 - 2012-08-23 18:50 - 00000000 ____D () C:\ProgramData\WinClon
2014-03-05 13:59 - 2014-03-05 13:59 - 00000291 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:48 - 2013-10-10 08:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1003
2014-03-05 13:43 - 2013-02-17 13:05 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-05 13:38 - 2012-08-23 18:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-03-05 13:37 - 2014-03-05 13:37 - 00000291 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:29 - 2014-03-05 13:29 - 00000000 ____D () C:\Users\admin\Desktop\clean MRZ14
2014-03-05 13:28 - 2014-03-05 13:28 - 00000858 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-05 13:27 - 2014-03-05 13:27 - 00000000 ___SH () C:\DkHyperbootSync
2014-03-05 13:26 - 2014-03-05 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-03-05 13:10 - 2014-03-05 13:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-03-05 13:09 - 2014-03-05 13:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Samsung
2014-03-05 13:05 - 2014-03-05 13:05 - 00001450 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00001202 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Power2Go8
2014-03-05 13:05 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\Packages
2014-03-05 13:05 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin
2014-03-05 13:04 - 2014-03-05 13:04 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Startmenü
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Intel
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Infineon
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2014-03-05 12:55 - 2014-02-23 17:10 - 00103316 _____ () C:\windows\PFRO.log
2014-03-05 12:55 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-05 12:45 - 2014-03-05 12:53 - 00030812 _____ () C:\Users\admin\Desktop\AVSCAN-20140305-102108-F0976F23.LOG
2014-03-05 11:54 - 2014-02-21 15:55 - 01463781 _____ () C:\windows\WindowsUpdate.log
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 06:47 - 2014-03-05 06:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 21:19 - 2014-03-04 21:19 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-04 21:19 - 2014-02-23 07:41 - 00001207 _____ () C:\windows\setupact.log
2014-03-04 21:19 - 2012-08-23 18:18 - 00000000 ____D () C:\ProgramData\Intel
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\system32\NV
2014-03-04 21:09 - 2014-03-04 21:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-04 21:08 - 2014-03-04 21:08 - 00000020 ___SH () C:\Users\UpdatusUser.Samsung\ntuser.ini
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Vorlagen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Startmenü
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Netzwerkumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Lokale Einstellungen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Eigene Dateien
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Druckumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Musik
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Bilder
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Verlauf
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\UpdatusUser.Samsung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-04 21:08 - 2014-03-04 20:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-04 21:08 - 2012-08-23 18:41 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-04 21:08 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\Help
2014-03-04 21:06 - 2014-03-04 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-04 21:02 - 2012-08-23 18:56 - 00016814 _____ () C:\windows\system32\results.xml
2014-03-04 20:55 - 2012-08-23 18:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-04 20:54 - 2014-03-04 20:42 - 00000000 ____D () C:\windows\LastGood
2014-03-04 20:14 - 2014-03-04 20:14 - 00002192 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Help Desk.lnk
2014-03-04 20:12 - 2012-07-26 06:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-03-04 19:55 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-04 19:28 - 2014-03-04 19:28 - 00003126 _____ () C:\windows\System32\Tasks\advRecovery
2014-03-04 19:28 - 2012-08-23 18:21 - 00000000 ____D () C:\Program Files\Samsung
2014-03-04 19:28 - 2012-08-23 18:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-04 18:08 - 2014-03-04 18:08 - 00000618 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-04 18:05 - 2014-03-04 18:05 - 00001202 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-04 16:34 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\Documents\PDF Architect Files
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\pdfforge
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-04 16:29 - 2014-03-04 16:28 - 69734576 _____ (pdfforge ) C:\Users\admin\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-04 13:41 - 2012-08-24 10:54 - 03688970 _____ () C:\windows\system32\perfh007.dat
2014-03-04 13:41 - 2012-08-24 10:54 - 01034502 _____ () C:\windows\system32\perfc007.dat
2014-03-04 13:41 - 2012-07-26 08:28 - 00005430 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-03 19:29 - 2013-10-11 08:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-03 19:25 - 2013-10-11 08:58 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Skype
2014-03-01 20:32 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-03-01 15:12 - 2013-02-08 16:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1002
2014-03-01 15:02 - 2013-02-08 17:59 - 00000000 ____D () C:\Users\Carina\Documents\Outlook-Dateien
2014-02-28 13:23 - 2014-02-28 13:23 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Skype
2014-02-26 20:30 - 2014-02-26 20:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-26 20:30 - 2014-02-26 20:29 - 00000000 ____D () C:\Program Files\iTunes
2014-02-26 20:30 - 2014-02-26 20:29 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-26 20:29 - 2014-02-26 20:29 - 00000000 ____D () C:\Program Files\iPod
2014-02-26 20:26 - 2013-02-19 14:05 - 00000000 ____D () C:\ProgramData\Apple
2014-02-25 11:05 - 2013-02-11 22:17 - 00000000 ____D () C:\Users\Carina\AppData\Local\Adobe
2014-02-25 10:51 - 2014-02-25 10:51 - 01071000 _____ (Solid State Networks) C:\Users\admin\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 07:41 - 2014-02-23 07:41 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 23:07 - 2014-02-22 22:52 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\Skype
2014-02-22 22:49 - 2013-12-26 10:32 - 00000000 ____D () C:\Users\Carina\Desktop\Beijing_APR13
2014-02-22 14:02 - 2014-02-22 14:02 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Macromedia
2014-02-22 09:33 - 2013-11-23 08:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-22 09:32 - 2014-02-22 09:32 - 00005338 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-22 09:32 - 2013-04-08 17:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-22 09:30 - 2014-02-22 09:29 - 00921000 _____ (Oracle Corporation) C:\Users\admin\Downloads\jxpiinstall.exe
2014-02-22 00:56 - 2013-10-11 05:50 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\CrashDumps
2014-02-21 00:58 - 2013-05-13 15:26 - 00000000 ____D () C:\Users\Carina\AppData\Local\CrashDumps
2014-02-21 00:58 - 2013-02-08 19:11 - 00000000 ____D () C:\windows\Minidump
2014-02-21 00:58 - 2012-08-05 23:07 - 00000000 ____D () C:\windows\Panther
2014-02-21 00:56 - 2014-02-21 00:56 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-02-21 00:56 - 2014-02-21 00:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 00:55 - 2014-02-21 00:55 - 03645064 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup410_slim.exe
2014-02-20 21:43 - 2013-02-17 13:05 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 19:10 - 2014-02-20 19:08 - 137004504 _____ () C:\Users\Carina\Downloads\avira_free_antivirus1403_de.exe
2014-02-20 18:11 - 2013-02-13 16:15 - 00000000 ____D () C:\Users\Carina\AppData\Local\Mozilla
2014-02-20 11:56 - 2014-02-20 11:56 - 00000000 ____D () C:\Users\Carina\AppData\Local\AskPartnerNetwork
2014-02-20 11:56 - 2013-10-10 13:05 - 00000000 ____D () C:\Users\Carina\AppData\Local\Google
2014-02-20 11:56 - 2013-10-10 13:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Mozilla
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Mozilla
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 11:49 - 2014-02-20 11:49 - 24490112 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_27.0.1.exe
2014-02-19 07:52 - 2013-07-26 18:21 - 00000000 ____D () C:\windows\system32\MRT
2014-02-19 07:49 - 2013-02-10 20:05 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2014-02-21 20:37 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2014-02-21 20:37 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 17:10 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-02-16 15:20 - 2013-02-08 17:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 15:07 - 2012-07-26 06:26 - 00000167 _____ () C:\windows\win.ini

Files to move or delete:
====================
C:\ProgramData\ECReset_Partition.bat
C:\ProgramData\ExpressCacheRun.exe
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\Gaspar\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-26 09:51

==================== End Of Log ============================
         
--- --- ---


Und ide Addition-Datei:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014
Ran by admin (administrator) on SAMSUNG on 05-03-2014 18:03:12
Running from C:\Users\admin\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\SpTna.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\BlueToothControl64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll => C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll File Not Found
AppInit_DLLs:  ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\program files (x86)\movies toolbar\datamngr\mgrldr.dll => "c:\program files (x86)\movies toolbar\datamngr\mgrldr.dll" File Not Found
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [201576 2013-01-11] (NVIDIA Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=390&systemid=406&v=a9396-125&apn_uid=5495733303434520&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM - {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=390&systemid=406&v=a9396-125&apn_uid=5495733303434520&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-05]
FF Extension: NoScript - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-05]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-04]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1141656 2012-08-05] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [994200 2012-08-05] (Infineon Technologies AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [212888 2012-08-05] (Infineon Technologies AG)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 cmntnet; C:\Windows\system32\DRIVERS\cmntnet.sys [141824 2013-02-28] (Wireless Data Device)
S3 cmnuusbser; C:\Windows\system32\DRIVERS\cmnuusbser.sys [123904 2013-02-28] (Wireless Device)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2012-02-03] (Infineon Technologies AG)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-12-07] (Windows (R) 2003 DDK 3790 provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]
S3 TDKLIB; \??\C:\Users\Gaspar\AppData\Local\Temp\TdkLib64.sys [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-05 18:03 - 2014-03-05 18:03 - 00019361 _____ () C:\Users\admin\Desktop\FRST.txt
2014-03-05 18:02 - 2014-03-05 18:03 - 00000000 ____D () C:\FRST
2014-03-05 18:01 - 2014-03-05 18:01 - 02157056 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-03-05 13:59 - 2014-03-05 13:59 - 00000291 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:37 - 2014-03-05 13:37 - 00000291 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:29 - 2014-03-05 13:29 - 00000000 ____D () C:\Users\admin\Desktop\clean MRZ14
2014-03-05 13:28 - 2014-03-05 13:28 - 00000858 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-05 13:27 - 2014-03-05 13:27 - 00000000 ___SH () C:\DkHyperbootSync
2014-03-05 13:26 - 2014-03-05 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-03-05 13:10 - 2014-03-05 17:54 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1007
2014-03-05 13:10 - 2014-03-05 13:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-03-05 13:09 - 2014-03-05 13:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Samsung
2014-03-05 13:05 - 2014-03-05 13:05 - 00001450 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00001202 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Power2Go8
2014-03-05 13:04 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Packages
2014-03-05 13:04 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin
2014-03-05 13:04 - 2014-03-05 13:04 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Startmenü
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Intel
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Infineon
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2014-03-05 13:04 - 2013-09-14 20:29 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-05 13:04 - 2013-07-01 23:43 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-05 13:04 - 2013-02-09 19:28 - 00000000 ____D () C:\Users\admin\AppData\Local\Microsoft Help
2014-03-05 13:04 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-05 13:04 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-05 12:53 - 2014-03-05 12:45 - 00030812 _____ () C:\Users\admin\Desktop\AVSCAN-20140305-102108-F0976F23.LOG
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 06:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-03-05 06:47 - 2014-03-05 06:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 21:19 - 2014-03-04 21:19 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\system32\NV
2014-03-04 21:08 - 2014-03-04 21:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-04 21:08 - 2014-03-04 21:08 - 00000020 ___SH () C:\Users\UpdatusUser.Samsung\ntuser.ini
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Vorlagen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Startmenü
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Netzwerkumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Lokale Einstellungen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Eigene Dateien
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Druckumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Musik
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Bilder
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Verlauf
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\UpdatusUser.Samsung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-04 21:08 - 2013-09-14 20:29 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-04 21:08 - 2013-07-01 23:43 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-04 21:08 - 2013-02-09 19:28 - 00000000 ____D () C:\Users\UpdatusUser.Samsung\AppData\Local\Microsoft Help
2014-03-04 21:08 - 2013-01-10 22:37 - 06382880 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2014-03-04 21:08 - 2013-01-10 22:37 - 03460896 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 02934933 _____ () C:\windows\system32\nvcoproc.bin
2014-03-04 21:08 - 2013-01-10 22:36 - 02558240 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00997664 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00884512 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2014-03-04 21:08 - 2013-01-10 22:36 - 00118560 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00063776 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00055584 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2014-03-04 21:08 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-04 21:08 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-04 21:06 - 2014-03-04 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-04 21:05 - 2013-01-11 05:45 - 26931488 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 20450080 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 18054672 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 15129448 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 15052728 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 12641480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 11009312 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-03-04 21:05 - 2013-01-11 05:45 - 09390760 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 07932256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 07565088 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 06263632 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02904352 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02824504 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02720544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02504096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02344736 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01985824 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01814304 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01510176 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01107440 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00958120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00420128 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00364832 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00245872 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00201576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00030496 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-03-04 21:05 - 2013-01-11 05:45 - 00017266 _____ () C:\windows\system32\nvinfo.pb
2014-03-04 20:42 - 2014-03-04 20:54 - 00000000 ____D () C:\windows\LastGood
2014-03-04 20:14 - 2014-03-04 20:14 - 00002192 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Help Desk.lnk
2014-03-04 20:13 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-04 19:28 - 2014-03-04 19:28 - 00003126 _____ () C:\windows\System32\Tasks\advRecovery
2014-03-04 18:08 - 2014-03-04 18:08 - 00000618 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-04 18:05 - 2014-03-04 18:05 - 00001202 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-04 16:33 - 2014-03-04 16:34 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\Documents\PDF Architect Files
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\pdfforge
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-04 16:33 - 2013-04-09 14:13 - 00110264 _____ (pdfforge GmbH) C:\windows\system32\pdfcmon.dll
2014-03-04 16:33 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCOMCT2.OCX
2014-03-04 16:33 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMAPI32.OCX
2014-03-04 16:33 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPIDE.DLL
2014-03-04 16:33 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\windows\SysWOW64\VB6DE.DLL
2014-03-04 16:33 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCMCDE.DLL
2014-03-04 16:33 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCC2DE.DLL
2014-03-04 16:28 - 2014-03-04 16:29 - 69734576 _____ (pdfforge ) C:\Users\admin\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-02-28 13:23 - 2014-02-28 13:23 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Skype
2014-02-26 20:29 - 2014-02-26 20:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-26 20:29 - 2014-02-26 20:30 - 00000000 ____D () C:\Program Files\iTunes
2014-02-26 20:29 - 2014-02-26 20:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-26 20:29 - 2014-02-26 20:29 - 00000000 ____D () C:\Program Files\iPod
2014-02-25 10:51 - 2014-02-25 10:51 - 01071000 _____ (Solid State Networks) C:\Users\admin\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 17:10 - 2014-03-05 12:55 - 00103316 _____ () C:\windows\PFRO.log
2014-02-23 07:41 - 2014-03-04 21:19 - 00001207 _____ () C:\windows\setupact.log
2014-02-23 07:41 - 2014-02-23 07:41 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 22:52 - 2014-02-22 23:07 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\Skype
2014-02-22 14:02 - 2014-02-22 14:02 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Macromedia
2014-02-22 09:32 - 2014-02-22 09:32 - 00005338 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-22 09:32 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-22 09:32 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-02-22 09:32 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-02-22 09:32 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-02-22 09:29 - 2014-02-22 09:30 - 00921000 _____ (Oracle Corporation) C:\Users\admin\Downloads\jxpiinstall.exe
2014-02-21 20:37 - 2014-02-17 23:03 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 20:37 - 2014-02-17 23:03 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 15:55 - 2014-03-05 11:54 - 01463781 _____ () C:\windows\WindowsUpdate.log
2014-02-21 00:56 - 2014-02-21 00:56 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-02-21 00:56 - 2014-02-21 00:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 00:55 - 2014-02-21 00:55 - 03645064 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup410_slim.exe
2014-02-20 19:08 - 2014-02-20 19:10 - 137004504 _____ () C:\Users\Carina\Downloads\avira_free_antivirus1403_de.exe
2014-02-20 11:56 - 2014-02-20 11:56 - 00000000 ____D () C:\Users\Carina\AppData\Local\AskPartnerNetwork
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Mozilla
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Mozilla
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 11:49 - 2014-02-20 11:49 - 24490112 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_27.0.1.exe
2014-02-16 13:06 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-16 13:06 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-16 13:06 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-16 13:06 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-16 13:06 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-16 13:05 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-16 13:05 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-16 13:05 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-16 13:05 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-16 13:04 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-16 13:04 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-16 13:04 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-16 13:04 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-16 13:04 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-16 13:04 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-16 13:04 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-16 09:42 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-16 09:42 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-16 09:42 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-16 09:42 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-05 18:03 - 2014-03-05 18:03 - 00019361 _____ () C:\Users\admin\Desktop\FRST.txt
2014-03-05 18:03 - 2014-03-05 18:02 - 00000000 ____D () C:\FRST
2014-03-05 18:01 - 2014-03-05 18:01 - 02157056 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-03-05 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-03-05 17:54 - 2014-03-05 13:10 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1007
2014-03-05 17:52 - 2012-08-23 18:50 - 00000000 ____D () C:\ProgramData\WinClon
2014-03-05 13:59 - 2014-03-05 13:59 - 00000291 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:48 - 2013-10-10 08:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1003
2014-03-05 13:43 - 2013-02-17 13:05 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-05 13:38 - 2012-08-23 18:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-03-05 13:37 - 2014-03-05 13:37 - 00000291 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:29 - 2014-03-05 13:29 - 00000000 ____D () C:\Users\admin\Desktop\clean MRZ14
2014-03-05 13:28 - 2014-03-05 13:28 - 00000858 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-05 13:27 - 2014-03-05 13:27 - 00000000 ___SH () C:\DkHyperbootSync
2014-03-05 13:26 - 2014-03-05 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-03-05 13:10 - 2014-03-05 13:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-03-05 13:09 - 2014-03-05 13:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Samsung
2014-03-05 13:05 - 2014-03-05 13:05 - 00001450 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00001202 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Power2Go8
2014-03-05 13:05 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\Packages
2014-03-05 13:05 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin
2014-03-05 13:04 - 2014-03-05 13:04 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Startmenü
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Intel
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Infineon
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2014-03-05 12:55 - 2014-02-23 17:10 - 00103316 _____ () C:\windows\PFRO.log
2014-03-05 12:55 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-05 12:45 - 2014-03-05 12:53 - 00030812 _____ () C:\Users\admin\Desktop\AVSCAN-20140305-102108-F0976F23.LOG
2014-03-05 11:54 - 2014-02-21 15:55 - 01463781 _____ () C:\windows\WindowsUpdate.log
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 06:47 - 2014-03-05 06:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 21:19 - 2014-03-04 21:19 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-04 21:19 - 2014-02-23 07:41 - 00001207 _____ () C:\windows\setupact.log
2014-03-04 21:19 - 2012-08-23 18:18 - 00000000 ____D () C:\ProgramData\Intel
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\system32\NV
2014-03-04 21:09 - 2014-03-04 21:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-04 21:08 - 2014-03-04 21:08 - 00000020 ___SH () C:\Users\UpdatusUser.Samsung\ntuser.ini
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Vorlagen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Startmenü
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Netzwerkumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Lokale Einstellungen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Eigene Dateien
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Druckumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Musik
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Bilder
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Verlauf
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\UpdatusUser.Samsung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-04 21:08 - 2014-03-04 20:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-04 21:08 - 2012-08-23 18:41 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-04 21:08 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\Help
2014-03-04 21:06 - 2014-03-04 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-04 21:02 - 2012-08-23 18:56 - 00016814 _____ () C:\windows\system32\results.xml
2014-03-04 20:55 - 2012-08-23 18:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-04 20:54 - 2014-03-04 20:42 - 00000000 ____D () C:\windows\LastGood
2014-03-04 20:14 - 2014-03-04 20:14 - 00002192 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Help Desk.lnk
2014-03-04 20:12 - 2012-07-26 06:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-03-04 19:55 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-04 19:28 - 2014-03-04 19:28 - 00003126 _____ () C:\windows\System32\Tasks\advRecovery
2014-03-04 19:28 - 2012-08-23 18:21 - 00000000 ____D () C:\Program Files\Samsung
2014-03-04 19:28 - 2012-08-23 18:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-04 18:08 - 2014-03-04 18:08 - 00000618 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-04 18:05 - 2014-03-04 18:05 - 00001202 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-04 16:34 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\Documents\PDF Architect Files
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\pdfforge
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-04 16:29 - 2014-03-04 16:28 - 69734576 _____ (pdfforge ) C:\Users\admin\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-04 13:41 - 2012-08-24 10:54 - 03688970 _____ () C:\windows\system32\perfh007.dat
2014-03-04 13:41 - 2012-08-24 10:54 - 01034502 _____ () C:\windows\system32\perfc007.dat
2014-03-04 13:41 - 2012-07-26 08:28 - 00005430 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-03 19:29 - 2013-10-11 08:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-03 19:25 - 2013-10-11 08:58 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Skype
2014-03-01 20:32 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-03-01 15:12 - 2013-02-08 16:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1002
2014-03-01 15:02 - 2013-02-08 17:59 - 00000000 ____D () C:\Users\Carina\Documents\Outlook-Dateien
2014-02-28 13:23 - 2014-02-28 13:23 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Skype
2014-02-26 20:30 - 2014-02-26 20:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-26 20:30 - 2014-02-26 20:29 - 00000000 ____D () C:\Program Files\iTunes
2014-02-26 20:30 - 2014-02-26 20:29 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-26 20:29 - 2014-02-26 20:29 - 00000000 ____D () C:\Program Files\iPod
2014-02-26 20:26 - 2013-02-19 14:05 - 00000000 ____D () C:\ProgramData\Apple
2014-02-25 11:05 - 2013-02-11 22:17 - 00000000 ____D () C:\Users\Carina\AppData\Local\Adobe
2014-02-25 10:51 - 2014-02-25 10:51 - 01071000 _____ (Solid State Networks) C:\Users\admin\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 07:41 - 2014-02-23 07:41 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 23:07 - 2014-02-22 22:52 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\Skype
2014-02-22 22:49 - 2013-12-26 10:32 - 00000000 ____D () C:\Users\Carina\Desktop\Beijing_APR13
2014-02-22 14:02 - 2014-02-22 14:02 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Macromedia
2014-02-22 09:33 - 2013-11-23 08:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-22 09:32 - 2014-02-22 09:32 - 00005338 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-22 09:32 - 2013-04-08 17:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-22 09:30 - 2014-02-22 09:29 - 00921000 _____ (Oracle Corporation) C:\Users\admin\Downloads\jxpiinstall.exe
2014-02-22 00:56 - 2013-10-11 05:50 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\CrashDumps
2014-02-21 00:58 - 2013-05-13 15:26 - 00000000 ____D () C:\Users\Carina\AppData\Local\CrashDumps
2014-02-21 00:58 - 2013-02-08 19:11 - 00000000 ____D () C:\windows\Minidump
2014-02-21 00:58 - 2012-08-05 23:07 - 00000000 ____D () C:\windows\Panther
2014-02-21 00:56 - 2014-02-21 00:56 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-02-21 00:56 - 2014-02-21 00:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 00:55 - 2014-02-21 00:55 - 03645064 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup410_slim.exe
2014-02-20 21:43 - 2013-02-17 13:05 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 19:10 - 2014-02-20 19:08 - 137004504 _____ () C:\Users\Carina\Downloads\avira_free_antivirus1403_de.exe
2014-02-20 18:11 - 2013-02-13 16:15 - 00000000 ____D () C:\Users\Carina\AppData\Local\Mozilla
2014-02-20 11:56 - 2014-02-20 11:56 - 00000000 ____D () C:\Users\Carina\AppData\Local\AskPartnerNetwork
2014-02-20 11:56 - 2013-10-10 13:05 - 00000000 ____D () C:\Users\Carina\AppData\Local\Google
2014-02-20 11:56 - 2013-10-10 13:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Mozilla
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Mozilla
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 11:49 - 2014-02-20 11:49 - 24490112 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_27.0.1.exe
2014-02-19 07:52 - 2013-07-26 18:21 - 00000000 ____D () C:\windows\system32\MRT
2014-02-19 07:49 - 2013-02-10 20:05 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2014-02-21 20:37 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2014-02-21 20:37 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 17:10 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-02-16 15:20 - 2013-02-08 17:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 15:07 - 2012-07-26 06:26 - 00000167 _____ () C:\windows\win.ini

Files to move or delete:
====================
C:\ProgramData\ECReset_Partition.bat
C:\ProgramData\ExpressCacheRun.exe
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\Gaspar\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-26 09:51

==================== End Of Log ============================
         
--- --- ---



Beste Grüße,
grasp
__________________

Alt 06.03.2014, 13:24   #4
schrauber
/// the machine
/// TB-Ausbilder
 

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Standard

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.03.2014, 15:47   #5
grasp
 
MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Standard

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"



Hallo schrauber,

soll ich mit Defogger ein "disable" machen vor dem Suchlauf mit AdwCleaner und JRT?

Gruß

grasp

Anbei Log-Dateien

-AdwCleaner

Code:
ATTFilter
# AdwCleaner v3.020 - Bericht erstellt am 07/03/2014 um 16:13:30
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : admin - SAMSUNG
# Gestartet von : C:\Users\admin\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\Users\Carina\AppData\Local\iLivid
Ordner Gelöscht : C:\Users\Carina\AppData\Local\torch
Ordner Gelöscht : C:\Users\Carina\AppData\LocalLow\searchresultstb
Ordner Gelöscht : C:\Users\Carina\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\y8er3maw.default\ilividmoviestoolbardla
Datei Gelöscht : C:\Users\Carina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\torch
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - toolbar\datamngr\mgrldr.dll,
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - Toolbar\Datamngr\x64\mgrldr.dll

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16798


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\y8er3maw.default\prefs.js ]


[ Datei : C:\Users\Gaspar\AppData\Roaming\Mozilla\Firefox\Profiles\2wiz3xsu.default\prefs.js ]


[ Datei : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3716 octets] - [07/03/2014 15:55:12]
AdwCleaner[S0].txt - [3649 octets] - [07/03/2014 16:13:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3709 octets] ##########
         
-JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 x64
Ran by admin on 07.03.2014 at 16:23:10,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasapi32
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasmancs
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\torchsetupfull_rasapi32
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\torchsetupfull_rasmancs
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r390-n-bi_RASAPI32
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r390-n-bi_RASMANCS
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SetupDataMngr_iLivid_RASAPI32
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SetupDataMngr_iLivid_RASMANCS
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup-r390-n-bi_RASAPI32
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup-r390-n-bi_RASMANCS
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_iLivid_RASAPI32
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_iLivid_RASMANCS



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\apn"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.03.2014 at 16:30:59,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

-neues FRST-Scan


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014
Ran by admin (administrator) on SAMSUNG on 07-03-2014 16:41:18
Running from C:\Users\admin\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\SpTna.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Program Files (x86)\Movies ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\program files (x86)\movies C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [201576 2013-01-11] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-05]
FF Extension: NoScript - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-07]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-04]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1141656 2012-08-05] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [994200 2012-08-05] (Infineon Technologies AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [212888 2012-08-05] (Infineon Technologies AG)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 cmntnet; C:\Windows\system32\DRIVERS\cmntnet.sys [141824 2013-02-28] (Wireless Data Device)
S3 cmnuusbser; C:\Windows\system32\DRIVERS\cmnuusbser.sys [123904 2013-02-28] (Wireless Device)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2012-02-03] (Infineon Technologies AG)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-12-07] (Windows (R) 2003 DDK 3790 provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]
S3 TDKLIB; \??\C:\Users\Gaspar\AppData\Local\Temp\TdkLib64.sys [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 16:41 - 2014-03-07 16:41 - 02156544 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-03-07 16:41 - 2014-03-07 16:41 - 00019234 _____ () C:\Users\admin\Desktop\FRST.txt
2014-03-07 16:41 - 2014-03-07 16:41 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-03-07 16:30 - 2014-03-07 16:30 - 00002721 _____ () C:\Users\admin\Desktop\JRT.txt
2014-03-07 16:23 - 2014-03-07 16:23 - 00000000 ____D () C:\windows\ERUNT
2014-03-07 16:18 - 2014-03-07 16:18 - 00003797 _____ () C:\Users\admin\Desktop\AdwCleaner[S0].txt
2014-03-07 15:54 - 2014-03-07 16:15 - 00000000 ____D () C:\AdwCleaner
2014-03-07 15:16 - 2014-03-07 15:16 - 01037734 _____ (Thisisu) C:\Users\admin\Desktop\JRT.exe
2014-03-07 15:14 - 2014-03-07 15:14 - 01244192 _____ () C:\Users\admin\Desktop\adwcleaner.exe
2014-03-06 11:53 - 2014-03-06 11:53 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Macromedia
2014-03-06 11:53 - 2014-03-06 11:53 - 00000000 ____D () C:\Users\admin\AppData\Local\Macromedia
2014-03-05 20:38 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-03-05 20:38 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-03-05 20:24 - 2014-03-05 20:24 - 00000000 ____D () C:\windows\softwaredistribution.bak1
2014-03-05 19:58 - 2014-03-05 19:58 - 00001225 _____ () C:\windows\IE11_main.log
2014-03-05 18:57 - 2014-03-05 18:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 18:57 - 2014-03-05 18:58 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 18:57 - 2014-03-05 18:58 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-05 18:57 - 2014-03-05 18:57 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 18:56 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Apple Computer
2014-03-05 18:56 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-03-05 18:52 - 2014-03-05 18:52 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\vlc
2014-03-05 18:37 - 2014-03-05 18:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 18:35 - 2014-03-05 18:35 - 00000000 ____D () C:\Users\admin\AppData\Local\Secunia PSI
2014-03-05 18:34 - 2014-03-05 18:34 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-05 18:30 - 2014-03-05 18:30 - 05329480 _____ (Secunia) C:\Users\admin\Downloads\PSISetup_3.0.0.9016.exe
2014-03-05 18:15 - 2014-03-05 18:15 - 00000000 _____ () C:\Users\admin\agent.log
2014-03-05 18:05 - 2014-03-05 18:06 - 00035593 _____ () C:\Users\admin\Desktop\Addition.txt
2014-03-05 18:02 - 2014-03-07 16:41 - 00000000 ____D () C:\FRST
2014-03-05 13:59 - 2014-03-05 13:59 - 00000291 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:37 - 2014-03-05 13:37 - 00000291 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:29 - 2014-03-05 18:17 - 00000000 ____D () C:\Users\admin\Desktop\clean MRZ14
2014-03-05 13:28 - 2014-03-05 13:28 - 00000858 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-05 13:26 - 2014-03-05 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-03-05 13:10 - 2014-03-07 15:40 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1007
2014-03-05 13:10 - 2014-03-05 13:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-03-05 13:09 - 2014-03-05 13:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Samsung
2014-03-05 13:05 - 2014-03-05 20:47 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-05 13:05 - 2014-03-05 20:47 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-05 13:05 - 2014-03-05 13:05 - 00001450 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00001202 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Power2Go8
2014-03-05 13:04 - 2014-03-05 18:15 - 00000000 ____D () C:\Users\admin
2014-03-05 13:04 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Packages
2014-03-05 13:04 - 2014-03-05 13:04 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Startmenü
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Intel
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Infineon
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2014-03-05 13:04 - 2013-09-14 20:29 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-05 13:04 - 2013-07-01 23:43 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-05 13:04 - 2013-02-09 19:28 - 00000000 ____D () C:\Users\admin\AppData\Local\Microsoft Help
2014-03-05 13:04 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-05 13:04 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 06:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-03-05 06:47 - 2014-03-05 06:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 21:19 - 2014-03-04 21:19 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\system32\NV
2014-03-04 21:08 - 2014-03-04 21:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-04 21:08 - 2014-03-04 21:08 - 00000020 ___SH () C:\Users\UpdatusUser.Samsung\ntuser.ini
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Vorlagen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Startmenü
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Netzwerkumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Lokale Einstellungen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Eigene Dateien
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Druckumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Musik
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Bilder
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Verlauf
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\UpdatusUser.Samsung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-04 21:08 - 2013-09-14 20:29 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-04 21:08 - 2013-07-01 23:43 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-04 21:08 - 2013-02-09 19:28 - 00000000 ____D () C:\Users\UpdatusUser.Samsung\AppData\Local\Microsoft Help
2014-03-04 21:08 - 2013-01-10 22:37 - 06382880 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2014-03-04 21:08 - 2013-01-10 22:37 - 03460896 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 02934933 _____ () C:\windows\system32\nvcoproc.bin
2014-03-04 21:08 - 2013-01-10 22:36 - 02558240 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00997664 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00884512 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2014-03-04 21:08 - 2013-01-10 22:36 - 00118560 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00063776 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00055584 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2014-03-04 21:08 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-04 21:08 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-04 21:06 - 2014-03-04 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-04 21:05 - 2013-01-11 05:45 - 26931488 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 20450080 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 18054672 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 15129448 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 15052728 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 12641480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 11009312 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-03-04 21:05 - 2013-01-11 05:45 - 09390760 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 07932256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 07565088 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 06263632 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02904352 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02824504 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02720544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02504096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02344736 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01985824 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01814304 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01510176 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01107440 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00958120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00420128 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00364832 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00245872 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00201576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00030496 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-03-04 21:05 - 2013-01-11 05:45 - 00017266 _____ () C:\windows\system32\nvinfo.pb
2014-03-04 20:14 - 2014-03-04 20:14 - 00002192 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Help Desk.lnk
2014-03-04 20:13 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-04 19:28 - 2014-03-04 19:28 - 00003126 _____ () C:\windows\System32\Tasks\advRecovery
2014-03-04 18:08 - 2014-03-04 18:08 - 00000618 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-04 18:05 - 2014-03-04 18:05 - 00001202 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-04 16:33 - 2014-03-04 16:34 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\Documents\PDF Architect Files
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-04 16:33 - 2013-04-09 14:13 - 00110264 _____ (pdfforge GmbH) C:\windows\system32\pdfcmon.dll
2014-03-04 16:33 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCOMCT2.OCX
2014-03-04 16:33 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMAPI32.OCX
2014-03-04 16:33 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPIDE.DLL
2014-03-04 16:33 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\windows\SysWOW64\VB6DE.DLL
2014-03-04 16:33 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCMCDE.DLL
2014-03-04 16:33 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCC2DE.DLL
2014-03-04 16:28 - 2014-03-04 16:29 - 69734576 _____ (pdfforge ) C:\Users\admin\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-02-28 13:23 - 2014-02-28 13:23 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Skype
2014-02-25 10:51 - 2014-02-25 10:51 - 01071000 _____ (Solid State Networks) C:\Users\admin\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 17:10 - 2014-03-06 11:39 - 00103870 _____ () C:\windows\PFRO.log
2014-02-23 07:41 - 2014-03-05 20:54 - 00002487 _____ () C:\windows\setupact.log
2014-02-23 07:41 - 2014-02-23 07:41 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 22:52 - 2014-02-22 23:07 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\Skype
2014-02-22 14:02 - 2014-02-22 14:02 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Macromedia
2014-02-22 09:32 - 2014-02-22 09:32 - 00005338 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-22 09:32 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-22 09:32 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-02-22 09:32 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-02-22 09:32 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-02-22 09:29 - 2014-02-22 09:30 - 00921000 _____ (Oracle Corporation) C:\Users\admin\Downloads\jxpiinstall.exe
2014-02-21 20:37 - 2014-02-17 23:03 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 20:37 - 2014-02-17 23:03 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 15:55 - 2014-03-07 16:37 - 01403047 _____ () C:\windows\WindowsUpdate.log
2014-02-21 00:56 - 2014-02-21 00:56 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-02-21 00:56 - 2014-02-21 00:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 00:55 - 2014-02-21 00:55 - 03645064 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup410_slim.exe
2014-02-20 19:08 - 2014-02-20 19:10 - 137004504 _____ () C:\Users\Carina\Downloads\avira_free_antivirus1403_de.exe
2014-02-20 11:56 - 2014-02-20 11:56 - 00000000 ____D () C:\Users\Carina\AppData\Local\AskPartnerNetwork
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Mozilla
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Mozilla
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 11:49 - 2014-02-20 11:49 - 24490112 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_27.0.1.exe
2014-02-16 13:06 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-16 13:06 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-16 13:06 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-16 13:06 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-16 13:06 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-16 13:05 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-16 13:05 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-16 13:05 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-16 13:05 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-16 13:04 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-16 13:04 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-16 13:04 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-16 13:04 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-16 13:04 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-16 13:04 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-16 13:04 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-16 09:42 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-16 09:42 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-16 09:42 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-16 09:42 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-07 16:41 - 2014-03-07 16:41 - 02156544 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-03-07 16:41 - 2014-03-07 16:41 - 00019234 _____ () C:\Users\admin\Desktop\FRST.txt
2014-03-07 16:41 - 2014-03-07 16:41 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-03-07 16:41 - 2014-03-05 18:02 - 00000000 ____D () C:\FRST
2014-03-07 16:38 - 2012-08-23 18:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-03-07 16:37 - 2014-02-21 15:55 - 01403047 _____ () C:\windows\WindowsUpdate.log
2014-03-07 16:30 - 2014-03-07 16:30 - 00002721 _____ () C:\Users\admin\Desktop\JRT.txt
2014-03-07 16:23 - 2014-03-07 16:23 - 00000000 ____D () C:\windows\ERUNT
2014-03-07 16:20 - 2012-08-23 18:50 - 00000000 ____D () C:\ProgramData\WinClon
2014-03-07 16:18 - 2014-03-07 16:18 - 00003797 _____ () C:\Users\admin\Desktop\AdwCleaner[S0].txt
2014-03-07 16:16 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-07 16:15 - 2014-03-07 15:54 - 00000000 ____D () C:\AdwCleaner
2014-03-07 16:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-03-07 15:43 - 2013-02-17 13:05 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 15:42 - 2012-08-24 10:54 - 03752154 _____ () C:\windows\system32\perfh007.dat
2014-03-07 15:42 - 2012-08-24 10:54 - 01053446 _____ () C:\windows\system32\perfc007.dat
2014-03-07 15:42 - 2012-07-26 08:28 - 00005430 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-07 15:40 - 2014-03-05 13:10 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1007
2014-03-07 15:30 - 2013-02-08 17:59 - 00000000 ____D () C:\Users\Carina\Documents\Outlook-Dateien
2014-03-07 15:16 - 2014-03-07 15:16 - 01037734 _____ (Thisisu) C:\Users\admin\Desktop\JRT.exe
2014-03-07 15:14 - 2014-03-07 15:14 - 01244192 _____ () C:\Users\admin\Desktop\adwcleaner.exe
2014-03-07 14:34 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-03-06 18:45 - 2013-02-08 16:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1002
2014-03-06 18:36 - 2013-02-08 15:55 - 00000000 ___RD () C:\Users\Carina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 18:36 - 2013-02-08 15:55 - 00000000 ___RD () C:\Users\Carina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-06 13:37 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-06 13:17 - 2013-10-10 07:55 - 00000000 ___RD () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 13:17 - 2013-10-10 07:55 - 00000000 ___RD () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-06 11:53 - 2014-03-06 11:53 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Macromedia
2014-03-06 11:53 - 2014-03-06 11:53 - 00000000 ____D () C:\Users\admin\AppData\Local\Macromedia
2014-03-06 11:39 - 2014-02-23 17:10 - 00103870 _____ () C:\windows\PFRO.log
2014-03-06 11:39 - 2012-07-26 06:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-03-05 20:56 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-03-05 20:54 - 2014-02-23 07:41 - 00002487 _____ () C:\windows\setupact.log
2014-03-05 20:47 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-05 20:47 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-05 20:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\windows\ToastData
2014-03-05 20:24 - 2014-03-05 20:24 - 00000000 ____D () C:\windows\softwaredistribution.bak1
2014-03-05 19:58 - 2014-03-05 19:58 - 00001225 _____ () C:\windows\IE11_main.log
2014-03-05 19:45 - 2013-10-10 08:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1003
2014-03-05 18:58 - 2014-03-05 18:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 18:58 - 2014-03-05 18:57 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 18:58 - 2014-03-05 18:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-05 18:57 - 2014-03-05 18:57 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 18:56 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Apple Computer
2014-03-05 18:56 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-03-05 18:52 - 2014-03-05 18:52 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\vlc
2014-03-05 18:37 - 2014-03-05 18:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 18:35 - 2014-03-05 18:35 - 00000000 ____D () C:\Users\admin\AppData\Local\Secunia PSI
2014-03-05 18:34 - 2014-03-05 18:34 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-05 18:30 - 2014-03-05 18:30 - 05329480 _____ (Secunia) C:\Users\admin\Downloads\PSISetup_3.0.0.9016.exe
2014-03-05 18:17 - 2014-03-05 13:29 - 00000000 ____D () C:\Users\admin\Desktop\clean MRZ14
2014-03-05 18:15 - 2014-03-05 18:15 - 00000000 _____ () C:\Users\admin\agent.log
2014-03-05 18:15 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin
2014-03-05 18:06 - 2014-03-05 18:05 - 00035593 _____ () C:\Users\admin\Desktop\Addition.txt
2014-03-05 13:59 - 2014-03-05 13:59 - 00000291 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:37 - 2014-03-05 13:37 - 00000291 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:28 - 2014-03-05 13:28 - 00000858 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-05 13:26 - 2014-03-05 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-03-05 13:10 - 2014-03-05 13:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-03-05 13:09 - 2014-03-05 13:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Samsung
2014-03-05 13:05 - 2014-03-05 13:05 - 00001450 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00001202 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Power2Go8
2014-03-05 13:05 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\Packages
2014-03-05 13:04 - 2014-03-05 13:04 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Startmenü
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Intel
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Infineon
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 06:47 - 2014-03-05 06:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 21:19 - 2014-03-04 21:19 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-04 21:19 - 2012-08-23 18:18 - 00000000 ____D () C:\ProgramData\Intel
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\system32\NV
2014-03-04 21:09 - 2014-03-04 21:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-04 21:08 - 2014-03-04 21:08 - 00000020 ___SH () C:\Users\UpdatusUser.Samsung\ntuser.ini
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Vorlagen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Startmenü
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Netzwerkumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Lokale Einstellungen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Eigene Dateien
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Druckumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Musik
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Bilder
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Verlauf
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\UpdatusUser.Samsung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-04 21:08 - 2014-03-04 20:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-04 21:08 - 2012-08-23 18:41 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-04 21:08 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\Help
2014-03-04 21:06 - 2014-03-04 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-04 21:02 - 2012-08-23 18:56 - 00016814 _____ () C:\windows\system32\results.xml
2014-03-04 20:55 - 2012-08-23 18:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-04 20:14 - 2014-03-04 20:14 - 00002192 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Help Desk.lnk
2014-03-04 19:28 - 2014-03-04 19:28 - 00003126 _____ () C:\windows\System32\Tasks\advRecovery
2014-03-04 19:28 - 2012-08-23 18:21 - 00000000 ____D () C:\Program Files\Samsung
2014-03-04 19:28 - 2012-08-23 18:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-04 18:08 - 2014-03-04 18:08 - 00000618 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-04 18:05 - 2014-03-04 18:05 - 00001202 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-04 16:34 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\Documents\PDF Architect Files
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-04 16:29 - 2014-03-04 16:28 - 69734576 _____ (pdfforge ) C:\Users\admin\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-03 19:29 - 2013-10-11 08:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-03 19:25 - 2013-10-11 08:58 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Skype
2014-02-28 13:23 - 2014-02-28 13:23 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Skype
2014-02-26 20:26 - 2013-02-19 14:05 - 00000000 ____D () C:\ProgramData\Apple
2014-02-25 11:05 - 2013-02-11 22:17 - 00000000 ____D () C:\Users\Carina\AppData\Local\Adobe
2014-02-25 10:51 - 2014-02-25 10:51 - 01071000 _____ (Solid State Networks) C:\Users\admin\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 07:41 - 2014-02-23 07:41 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 23:07 - 2014-02-22 22:52 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\Skype
2014-02-22 22:49 - 2013-12-26 10:32 - 00000000 ____D () C:\Users\Carina\Desktop\Beijing_APR13
2014-02-22 14:02 - 2014-02-22 14:02 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Macromedia
2014-02-22 09:33 - 2013-11-23 08:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-22 09:32 - 2014-02-22 09:32 - 00005338 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-22 09:32 - 2013-04-08 17:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-22 09:30 - 2014-02-22 09:29 - 00921000 _____ (Oracle Corporation) C:\Users\admin\Downloads\jxpiinstall.exe
2014-02-22 00:56 - 2013-10-11 05:50 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\CrashDumps
2014-02-21 15:55 - 2012-08-23 18:21 - 00000000 ____D () C:\windows\softwaredistribution.bak
2014-02-21 00:58 - 2013-05-13 15:26 - 00000000 ____D () C:\Users\Carina\AppData\Local\CrashDumps
2014-02-21 00:58 - 2013-02-08 19:11 - 00000000 ____D () C:\windows\Minidump
2014-02-21 00:58 - 2012-08-05 23:07 - 00000000 ____D () C:\windows\Panther
2014-02-21 00:56 - 2014-02-21 00:56 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-02-21 00:56 - 2014-02-21 00:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 00:55 - 2014-02-21 00:55 - 03645064 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup410_slim.exe
2014-02-20 21:43 - 2013-02-17 13:05 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 19:10 - 2014-02-20 19:08 - 137004504 _____ () C:\Users\Carina\Downloads\avira_free_antivirus1403_de.exe
2014-02-20 18:11 - 2013-02-13 16:15 - 00000000 ____D () C:\Users\Carina\AppData\Local\Mozilla
2014-02-20 11:56 - 2014-02-20 11:56 - 00000000 ____D () C:\Users\Carina\AppData\Local\AskPartnerNetwork
2014-02-20 11:56 - 2013-10-10 13:05 - 00000000 ____D () C:\Users\Carina\AppData\Local\Google
2014-02-20 11:56 - 2013-10-10 13:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Mozilla
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Mozilla
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 11:49 - 2014-02-20 11:49 - 24490112 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_27.0.1.exe
2014-02-19 07:52 - 2013-07-26 18:21 - 00000000 ____D () C:\windows\system32\MRT
2014-02-19 07:49 - 2013-02-10 20:05 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2014-02-21 20:37 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2014-02-21 20:37 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 17:10 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-02-16 15:20 - 2013-02-08 17:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 15:07 - 2012-07-26 06:26 - 00000167 _____ () C:\windows\win.ini

Files to move or delete:
====================
C:\ProgramData\ECReset_Partition.bat
C:\ProgramData\ExpressCacheRun.exe
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Carina\AppData\Local\Temp\avgnt.exe
C:\Users\Gaspar\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-26 09:51

==================== End Of Log ============================
         
--- --- ---

--- --- ---



-neue Addition-Datei

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2014
Ran by admin at 2014-03-07 16:42:24
Running from C:\Users\admin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4489 - APN, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Business - Intensivkurs English (HKLM-x32\...\BTEIK_16_690740) (Version:  - digital publishing AG)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Infineon TPM Professional Package (HKLM\...\{D035AE8C-1161-4C90-908F-3380C1BE4B12}) (Version: 4.3.000.3137 - Infineon Technologies AG)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2857 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.00 (Version: 311.00 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.10.0 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{5C20C1A9-75F9-4B6B-AAC3-9065C2AFB918}) (Version: 2.1.1106 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.11 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{5D4E117D-FC6A-4FB8-81E3-BEFFAE2F7BE6}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

==================== Restore Points  =========================

05-03-2014 19:38:51 Windows Update

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B9D82B9-45F6-478B-B8D7-D0F81C0A3BC2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {4FA68840-A6A4-4914-9F81-D42A8A94944E} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-08-23] (SEC)
Task: {5B18F2B3-A5A0-470D-86D0-92827C3FBE53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {705CB594-27B7-433C-BCEB-70BB7B3B7D8D} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {7A3AC97E-CF1E-4059-B163-8B36AB5D898F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8811F410-5E55-4C23-A49D-338646BB980F} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B40197B8-CC33-4798-B55E-E7AE291BF8D0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {C5958EE2-0510-4AFE-9DD2-67D5AFF6DA1E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D85D9FC0-4240-4EE0-B30B-E798745FC815} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {DF57B438-B83D-4149-B951-DC1F0872E6F3} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {E7AD0D5F-911D-44C2-8F57-CBA1D3280604} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2012-08-26 10:48 - 2012-08-26 10:48 - 00076920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-08-17 03:56 - 2012-08-16 05:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-16 18:15 - 2013-10-16 18:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2012-07-24 04:06 - 2012-07-24 04:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2013-11-23 10:11 - 2014-02-14 11:00 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00028280 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 01015416 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2012-08-23 18:54 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 03:34 - 2012-06-08 03:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-23 18:39 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-15 12:15 - 2011-08-15 12:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2012-06-14 03:54 - 2012-06-14 03:54 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll
2011-08-15 11:23 - 2011-08-15 11:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2012-06-14 03:57 - 2012-06-14 03:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-17 08:41 - 2011-08-17 08:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2012-06-14 03:56 - 2012-06-14 03:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 04:06 - 2012-06-14 04:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 03:55 - 2012-06-14 03:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 08:05 - 2011-07-19 08:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 12:17 - 2011-08-15 12:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 08:04 - 2011-07-19 08:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2014-02-20 11:52 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/07/2014 03:24:40 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/07/2014 03:24:40 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/07/2014 03:24:40 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/07/2014 02:48:36 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


System errors:
=============
Error: (03/07/2014 04:16:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/06/2014 11:39:45 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/06/2014 11:37:15 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/06/2014 11:37:15 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/05/2014 08:53:15 PM) (Source: BTHUSB) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (03/05/2014 08:46:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/05/2014 08:45:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (03/05/2014 08:43:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bluetooth Device Monitor" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/05/2014 08:43:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bluetooth Device Monitor" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/05/2014 08:43:27 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Bluetooth Device Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (03/07/2014 03:24:40 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (03/07/2014 03:24:40 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (03/07/2014 03:24:40 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (03/07/2014 02:48:36 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 7893.53 MB
Available physical RAM: 4845.46 MB
Total Pagefile: 15829.53 MB
Available Pagefile: 12857.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:907.17 GB) (Free:848.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: C185C1F2)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=15 GB) - (Type=73)

==================== End Of Log ============================
         

Danke weiterhin für die Hilfe,

Gruß,
grasp


Alt 08.03.2014, 15:16   #6
schrauber
/// the machine
/// TB-Ausbilder
 

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Standard

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"

Alt 09.03.2014, 16:08   #7
grasp
 
MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Standard

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"



Hallo,

anbei die Logfiles:

-ESET

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a4da599176530a41be94f75376ae62fc
# engine=17373
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-09 03:39:05
# local_time=2014-03-09 04:39:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=1799 16775165 100 94 5640 11139228 0 0
# compatibility_mode=5893 16776574 100 94 277591 21663021 0 0
# scanned=59600
# found=0
# cleaned=0
# scan_time=1291
         
-SecurityCheck

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.80  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop      
Windows Defender   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.9016)   
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Flash Player 	12.0.0.70  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox (27.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
-FRST


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014
Ran by admin (administrator) on SAMSUNG on 09-03-2014 16:58:43
Running from C:\Users\admin\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\SpTna.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Microsoft Corporation) C:\windows\system32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\SpTna.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-265458620-2719425478-174326876-1002\...\MountPoints2: {469ed785-71fe-11e2-be7f-50b7c3839522} - "E:\XSManagerinstallation.exe" 
HKU\S-1-5-21-265458620-2719425478-174326876-1002\...\MountPoints2: {d5395a66-7a0f-11e2-be83-c8f7333da7fb} - "E:\AutoRun.exe" 
HKU\S-1-5-21-265458620-2719425478-174326876-1002\...\MountPoints2: {f81db083-7be5-11e2-be85-c8f7333da7fb} - "E:\AutoRun.exe" 
AppInit_DLLs: C:\Program Files (x86)\Movies ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\program files (x86)\movies C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [201576 2013-01-11] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {C46AB014-AC2D-4E36-8028-703D4BBD0C91} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-05]
FF Extension: NoScript - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-07]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\96wfh7vu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-04]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-10-09] (ELAN Microelectronics Corp.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1141656 2012-08-05] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [994200 2012-08-05] (Infineon Technologies AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [212888 2012-08-05] (Infineon Technologies AG)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 cmntnet; C:\Windows\system32\DRIVERS\cmntnet.sys [141824 2013-02-28] (Wireless Data Device)
S3 cmnuusbser; C:\Windows\system32\DRIVERS\cmnuusbser.sys [123904 2013-02-28] (Wireless Device)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2012-02-03] (Infineon Technologies AG)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-12-07] (Windows (R) 2003 DDK 3790 provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]
S3 TDKLIB; \??\C:\Users\Gaspar\AppData\Local\Temp\TdkLib64.sys [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-09 16:58 - 2014-03-09 16:59 - 00021028 _____ () C:\Users\admin\Desktop\FRST.txt
2014-03-09 16:58 - 2014-03-09 16:58 - 00000900 _____ () C:\Users\admin\Desktop\checkup.txt
2014-03-09 16:52 - 2014-03-09 16:53 - 00987442 _____ () C:\Users\admin\Desktop\SecurityCheck.exe
2014-03-09 16:08 - 2014-03-09 16:09 - 02347384 _____ (ESET) C:\Users\admin\Desktop\esetsmartinstaller_enu.exe
2014-03-08 10:20 - 2014-03-08 10:20 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-03-08 10:19 - 2014-03-08 10:20 - 00005628 _____ () C:\windows\DPINST.LOG
2014-03-07 17:15 - 2014-03-07 17:16 - 00000000 ____D () C:\Users\admin\Desktop\X41_cleanBBapp
2014-03-07 16:42 - 2014-03-07 16:43 - 00036549 _____ () C:\Users\admin\Desktop\Addition.txt
2014-03-07 16:41 - 2014-03-07 16:41 - 02156544 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-03-07 16:41 - 2014-03-07 16:41 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-03-07 16:30 - 2014-03-07 16:30 - 00002721 _____ () C:\Users\admin\Desktop\JRT.txt
2014-03-07 16:23 - 2014-03-07 16:23 - 00000000 ____D () C:\windows\ERUNT
2014-03-07 16:18 - 2014-03-07 16:18 - 00003797 _____ () C:\Users\admin\Desktop\AdwCleaner[S0].txt
2014-03-07 15:54 - 2014-03-07 16:15 - 00000000 ____D () C:\AdwCleaner
2014-03-07 15:16 - 2014-03-07 15:16 - 01037734 _____ (Thisisu) C:\Users\admin\Desktop\JRT.exe
2014-03-07 15:14 - 2014-03-07 15:14 - 01244192 _____ () C:\Users\admin\Desktop\adwcleaner.exe
2014-03-06 11:53 - 2014-03-06 11:53 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Macromedia
2014-03-06 11:53 - 2014-03-06 11:53 - 00000000 ____D () C:\Users\admin\AppData\Local\Macromedia
2014-03-05 20:38 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-03-05 20:38 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-03-05 20:24 - 2014-03-05 20:24 - 00000000 ____D () C:\windows\softwaredistribution.bak1
2014-03-05 19:58 - 2014-03-05 19:58 - 00001225 _____ () C:\windows\IE11_main.log
2014-03-05 18:57 - 2014-03-05 18:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 18:57 - 2014-03-05 18:58 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 18:57 - 2014-03-05 18:58 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-05 18:57 - 2014-03-05 18:57 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 18:56 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Apple Computer
2014-03-05 18:56 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-03-05 18:52 - 2014-03-05 18:52 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\vlc
2014-03-05 18:37 - 2014-03-05 18:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 18:35 - 2014-03-05 18:35 - 00000000 ____D () C:\Users\admin\AppData\Local\Secunia PSI
2014-03-05 18:34 - 2014-03-05 18:34 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-05 18:30 - 2014-03-05 18:30 - 05329480 _____ (Secunia) C:\Users\admin\Downloads\PSISetup_3.0.0.9016.exe
2014-03-05 18:15 - 2014-03-05 18:15 - 00000000 _____ () C:\Users\admin\agent.log
2014-03-05 18:02 - 2014-03-09 16:58 - 00000000 ____D () C:\FRST
2014-03-05 13:59 - 2014-03-05 13:59 - 00000291 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:37 - 2014-03-05 13:37 - 00000291 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:29 - 2014-03-05 18:17 - 00000000 ____D () C:\Users\admin\Desktop\clean MRZ14
2014-03-05 13:28 - 2014-03-05 13:28 - 00000858 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-05 13:26 - 2014-03-05 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-03-05 13:10 - 2014-03-07 15:40 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1007
2014-03-05 13:10 - 2014-03-05 13:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-03-05 13:09 - 2014-03-05 13:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Samsung
2014-03-05 13:05 - 2014-03-05 20:47 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-05 13:05 - 2014-03-05 20:47 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-05 13:05 - 2014-03-05 13:05 - 00001450 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00001202 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Power2Go8
2014-03-05 13:04 - 2014-03-05 18:15 - 00000000 ____D () C:\Users\admin
2014-03-05 13:04 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Packages
2014-03-05 13:04 - 2014-03-05 13:04 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Startmenü
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Intel
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Infineon
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2014-03-05 13:04 - 2013-09-14 20:29 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-05 13:04 - 2013-07-01 23:43 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-05 13:04 - 2013-02-09 19:28 - 00000000 ____D () C:\Users\admin\AppData\Local\Microsoft Help
2014-03-05 13:04 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-05 13:04 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 06:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-03-05 06:47 - 2014-03-05 06:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 21:19 - 2014-03-04 21:19 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\system32\NV
2014-03-04 21:08 - 2014-03-04 21:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-04 21:08 - 2014-03-04 21:08 - 00000020 ___SH () C:\Users\UpdatusUser.Samsung\ntuser.ini
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Vorlagen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Startmenü
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Netzwerkumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Lokale Einstellungen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Eigene Dateien
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Druckumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Musik
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Bilder
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Verlauf
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\UpdatusUser.Samsung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-04 21:08 - 2013-09-14 20:29 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-04 21:08 - 2013-07-01 23:43 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-04 21:08 - 2013-02-09 19:28 - 00000000 ____D () C:\Users\UpdatusUser.Samsung\AppData\Local\Microsoft Help
2014-03-04 21:08 - 2013-01-10 22:37 - 06382880 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2014-03-04 21:08 - 2013-01-10 22:37 - 03460896 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 02934933 _____ () C:\windows\system32\nvcoproc.bin
2014-03-04 21:08 - 2013-01-10 22:36 - 02558240 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00997664 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00884512 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2014-03-04 21:08 - 2013-01-10 22:36 - 00118560 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00063776 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2014-03-04 21:08 - 2013-01-10 22:36 - 00055584 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2014-03-04 21:08 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-04 21:08 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-04 21:06 - 2014-03-04 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-04 21:05 - 2013-01-11 05:45 - 26931488 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 20450080 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 18054672 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 15129448 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 15052728 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 12641480 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 11009312 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-03-04 21:05 - 2013-01-11 05:45 - 09390760 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 07932256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 07565088 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 06263632 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02904352 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02824504 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02720544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02504096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 02344736 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01985824 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01814304 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01510176 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 01107440 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00958120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00420128 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00364832 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00245872 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00201576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2014-03-04 21:05 - 2013-01-11 05:45 - 00030496 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-03-04 21:05 - 2013-01-11 05:45 - 00017266 _____ () C:\windows\system32\nvinfo.pb
2014-03-04 20:14 - 2014-03-04 20:14 - 00002192 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Help Desk.lnk
2014-03-04 20:13 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-04 19:28 - 2014-03-04 19:28 - 00003126 _____ () C:\windows\System32\Tasks\advRecovery
2014-03-04 18:08 - 2014-03-04 18:08 - 00000618 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-04 18:05 - 2014-03-04 18:05 - 00001202 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-04 16:33 - 2014-03-04 16:34 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\Documents\PDF Architect Files
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-04 16:33 - 2013-04-09 14:13 - 00110264 _____ (pdfforge GmbH) C:\windows\system32\pdfcmon.dll
2014-03-04 16:33 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCOMCT2.OCX
2014-03-04 16:33 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMAPI32.OCX
2014-03-04 16:33 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPIDE.DLL
2014-03-04 16:33 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\windows\SysWOW64\VB6DE.DLL
2014-03-04 16:33 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCMCDE.DLL
2014-03-04 16:33 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSCC2DE.DLL
2014-03-04 16:28 - 2014-03-04 16:29 - 69734576 _____ (pdfforge ) C:\Users\admin\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-02-28 13:23 - 2014-02-28 13:23 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Skype
2014-02-25 10:51 - 2014-02-25 10:51 - 01071000 _____ (Solid State Networks) C:\Users\admin\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 17:10 - 2014-03-06 11:39 - 00103870 _____ () C:\windows\PFRO.log
2014-02-23 07:41 - 2014-03-05 20:54 - 00002487 _____ () C:\windows\setupact.log
2014-02-23 07:41 - 2014-02-23 07:41 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 22:52 - 2014-02-22 23:07 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\Skype
2014-02-22 14:02 - 2014-02-22 14:02 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Macromedia
2014-02-22 09:32 - 2014-02-22 09:32 - 00005338 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-22 09:32 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-22 09:32 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-02-22 09:32 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-02-22 09:32 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-02-22 09:29 - 2014-02-22 09:30 - 00921000 _____ (Oracle Corporation) C:\Users\admin\Downloads\jxpiinstall.exe
2014-02-21 20:37 - 2014-02-17 23:03 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 20:37 - 2014-02-17 23:03 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 15:55 - 2014-03-09 12:06 - 01583195 _____ () C:\windows\WindowsUpdate.log
2014-02-21 00:56 - 2014-02-21 00:56 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-02-21 00:56 - 2014-02-21 00:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 00:55 - 2014-02-21 00:55 - 03645064 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup410_slim.exe
2014-02-20 19:08 - 2014-02-20 19:10 - 137004504 _____ () C:\Users\Carina\Downloads\avira_free_antivirus1403_de.exe
2014-02-20 11:56 - 2014-02-20 11:56 - 00000000 ____D () C:\Users\Carina\AppData\Local\AskPartnerNetwork
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Mozilla
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Mozilla
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 11:49 - 2014-02-20 11:49 - 24490112 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_27.0.1.exe
2014-02-16 13:06 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-16 13:06 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-16 13:06 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-16 13:06 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-16 13:06 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-16 13:06 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-16 13:06 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-16 13:06 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-16 13:06 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-16 13:05 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-16 13:05 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-16 13:05 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-16 13:05 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-16 13:05 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-16 13:04 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-16 13:04 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-16 13:04 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-16 13:04 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-16 13:04 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-16 13:04 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-16 13:04 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-16 09:42 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-16 09:42 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-16 09:42 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-16 09:42 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-09 16:59 - 2014-03-09 16:58 - 00021028 _____ () C:\Users\admin\Desktop\FRST.txt
2014-03-09 16:58 - 2014-03-09 16:58 - 00000900 _____ () C:\Users\admin\Desktop\checkup.txt
2014-03-09 16:58 - 2014-03-05 18:02 - 00000000 ____D () C:\FRST
2014-03-09 16:53 - 2014-03-09 16:52 - 00987442 _____ () C:\Users\admin\Desktop\SecurityCheck.exe
2014-03-09 16:43 - 2013-02-17 13:05 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 16:38 - 2012-08-23 18:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-03-09 16:09 - 2014-03-09 16:08 - 02347384 _____ (ESET) C:\Users\admin\Desktop\esetsmartinstaller_enu.exe
2014-03-09 16:07 - 2012-08-23 18:50 - 00000000 ____D () C:\ProgramData\WinClon
2014-03-09 16:03 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-03-09 12:14 - 2013-02-08 16:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1002
2014-03-09 12:06 - 2014-02-21 15:55 - 01583195 _____ () C:\windows\WindowsUpdate.log
2014-03-08 10:23 - 2012-08-23 18:43 - 00000000 ____D () C:\Program Files\Elantech
2014-03-08 10:23 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-08 10:20 - 2014-03-08 10:20 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-03-08 10:20 - 2014-03-08 10:19 - 00005628 _____ () C:\windows\DPINST.LOG
2014-03-08 09:35 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\NDF
2014-03-08 08:57 - 2013-02-08 17:59 - 00000000 ____D () C:\Users\Carina\Documents\Outlook-Dateien
2014-03-08 01:55 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-03-07 17:16 - 2014-03-07 17:15 - 00000000 ____D () C:\Users\admin\Desktop\X41_cleanBBapp
2014-03-07 16:43 - 2014-03-07 16:42 - 00036549 _____ () C:\Users\admin\Desktop\Addition.txt
2014-03-07 16:41 - 2014-03-07 16:41 - 02156544 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-03-07 16:41 - 2014-03-07 16:41 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-03-07 16:30 - 2014-03-07 16:30 - 00002721 _____ () C:\Users\admin\Desktop\JRT.txt
2014-03-07 16:23 - 2014-03-07 16:23 - 00000000 ____D () C:\windows\ERUNT
2014-03-07 16:18 - 2014-03-07 16:18 - 00003797 _____ () C:\Users\admin\Desktop\AdwCleaner[S0].txt
2014-03-07 16:15 - 2014-03-07 15:54 - 00000000 ____D () C:\AdwCleaner
2014-03-07 15:42 - 2012-08-24 10:54 - 03752154 _____ () C:\windows\system32\perfh007.dat
2014-03-07 15:42 - 2012-08-24 10:54 - 01053446 _____ () C:\windows\system32\perfc007.dat
2014-03-07 15:42 - 2012-07-26 08:28 - 00005430 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-07 15:40 - 2014-03-05 13:10 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1007
2014-03-07 15:16 - 2014-03-07 15:16 - 01037734 _____ (Thisisu) C:\Users\admin\Desktop\JRT.exe
2014-03-07 15:14 - 2014-03-07 15:14 - 01244192 _____ () C:\Users\admin\Desktop\adwcleaner.exe
2014-03-06 18:36 - 2013-02-08 15:55 - 00000000 ___RD () C:\Users\Carina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 18:36 - 2013-02-08 15:55 - 00000000 ___RD () C:\Users\Carina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-06 13:37 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-06 13:17 - 2013-10-10 07:55 - 00000000 ___RD () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 13:17 - 2013-10-10 07:55 - 00000000 ___RD () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-06 11:53 - 2014-03-06 11:53 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Macromedia
2014-03-06 11:53 - 2014-03-06 11:53 - 00000000 ____D () C:\Users\admin\AppData\Local\Macromedia
2014-03-06 11:39 - 2014-02-23 17:10 - 00103870 _____ () C:\windows\PFRO.log
2014-03-06 11:39 - 2012-07-26 06:26 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-03-05 20:56 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-03-05 20:54 - 2014-02-23 07:41 - 00002487 _____ () C:\windows\setupact.log
2014-03-05 20:47 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-05 20:47 - 2014-03-05 13:05 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-05 20:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\windows\ToastData
2014-03-05 20:24 - 2014-03-05 20:24 - 00000000 ____D () C:\windows\softwaredistribution.bak1
2014-03-05 19:58 - 2014-03-05 19:58 - 00001225 _____ () C:\windows\IE11_main.log
2014-03-05 19:45 - 2013-10-10 08:01 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-265458620-2719425478-174326876-1003
2014-03-05 18:58 - 2014-03-05 18:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 18:58 - 2014-03-05 18:57 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 18:58 - 2014-03-05 18:57 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-05 18:57 - 2014-03-05 18:57 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 18:56 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Apple Computer
2014-03-05 18:56 - 2014-03-05 18:56 - 00000000 ____D () C:\Users\admin\AppData\Local\Apple Computer
2014-03-05 18:52 - 2014-03-05 18:52 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\vlc
2014-03-05 18:37 - 2014-03-05 18:37 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 18:35 - 2014-03-05 18:35 - 00000000 ____D () C:\Users\admin\AppData\Local\Secunia PSI
2014-03-05 18:34 - 2014-03-05 18:34 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-05 18:30 - 2014-03-05 18:30 - 05329480 _____ (Secunia) C:\Users\admin\Downloads\PSISetup_3.0.0.9016.exe
2014-03-05 18:17 - 2014-03-05 13:29 - 00000000 ____D () C:\Users\admin\Desktop\clean MRZ14
2014-03-05 18:15 - 2014-03-05 18:15 - 00000000 _____ () C:\Users\admin\agent.log
2014-03-05 18:15 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin
2014-03-05 13:59 - 2014-03-05 13:59 - 00000291 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:37 - 2014-03-05 13:37 - 00000291 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2014-03-05 13:28 - 2014-03-05 13:28 - 00000858 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-05 13:26 - 2014-03-05 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mozilla
2014-03-05 13:22 - 2014-03-05 13:22 - 00000000 ____D () C:\Users\admin\AppData\Local\Mozilla
2014-03-05 13:10 - 2014-03-05 13:10 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-03-05 13:09 - 2014-03-05 13:09 - 00000000 ____D () C:\Users\admin\AppData\Local\Samsung
2014-03-05 13:05 - 2014-03-05 13:05 - 00001450 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00001202 _____ () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Adobe
2014-03-05 13:05 - 2014-03-05 13:05 - 00000000 ____D () C:\Users\admin\AppData\Local\Power2Go8
2014-03-05 13:05 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\Packages
2014-03-05 13:04 - 2014-03-05 13:04 - 00000020 ___SH () C:\Users\admin\ntuser.ini
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Vorlagen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Startmenü
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Netzwerkumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Lokale Einstellungen
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Eigene Dateien
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Druckumgebung
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Musik
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Documents\Eigene Bilder
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Verlauf
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\AppData\Local\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 _SHDL () C:\Users\admin\Anwendungsdaten
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Intel
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Infineon
2014-03-05 13:04 - 2014-03-05 13:04 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 06:49 - 2014-03-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-05 06:47 - 2014-03-05 06:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\admin\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 21:19 - 2014-03-04 21:19 - 00000000 ____D () C:\Program Files\Intel Corporation
2014-03-04 21:19 - 2012-08-23 18:18 - 00000000 ____D () C:\ProgramData\Intel
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-03-04 21:09 - 2014-03-04 21:09 - 00000000 ____D () C:\windows\system32\NV
2014-03-04 21:09 - 2014-03-04 21:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-04 21:08 - 2014-03-04 21:08 - 00000020 ___SH () C:\Users\UpdatusUser.Samsung\ntuser.ini
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Vorlagen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Startmenü
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Netzwerkumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Lokale Einstellungen
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Eigene Dateien
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Druckumgebung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Musik
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Documents\Eigene Bilder
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Verlauf
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\AppData\Local\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 _SHDL () C:\Users\UpdatusUser.Samsung\Anwendungsdaten
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Users\UpdatusUser.Samsung
2014-03-04 21:08 - 2014-03-04 21:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-04 21:08 - 2014-03-04 20:13 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-04 21:08 - 2012-08-23 18:41 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-04 21:08 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\Help
2014-03-04 21:06 - 2014-03-04 21:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-04 21:02 - 2012-08-23 18:56 - 00016814 _____ () C:\windows\system32\results.xml
2014-03-04 20:55 - 2012-08-23 18:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-04 20:14 - 2014-03-04 20:14 - 00002192 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Help Desk.lnk
2014-03-04 19:28 - 2014-03-04 19:28 - 00003126 _____ () C:\windows\System32\Tasks\advRecovery
2014-03-04 19:28 - 2012-08-23 18:21 - 00000000 ____D () C:\Program Files\Samsung
2014-03-04 19:28 - 2012-08-23 18:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-04 18:08 - 2014-03-04 18:08 - 00000618 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TFC.lnk
2014-03-04 18:05 - 2014-03-04 18:05 - 00001202 _____ () C:\Users\Gaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-03-04 16:34 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Users\Carina\Documents\PDF Architect Files
2014-03-04 16:33 - 2014-03-04 16:33 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-04 16:29 - 2014-03-04 16:28 - 69734576 _____ (pdfforge ) C:\Users\admin\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-03 19:29 - 2013-10-11 08:58 - 00000000 ____D () C:\ProgramData\Skype
2014-03-03 19:25 - 2013-10-11 08:58 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Skype
2014-02-28 13:23 - 2014-02-28 13:23 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Skype
2014-02-26 20:26 - 2013-02-19 14:05 - 00000000 ____D () C:\ProgramData\Apple
2014-02-25 11:05 - 2013-02-11 22:17 - 00000000 ____D () C:\Users\Carina\AppData\Local\Adobe
2014-02-25 10:51 - 2014-02-25 10:51 - 01071000 _____ (Solid State Networks) C:\Users\admin\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-23 07:41 - 2014-02-23 07:41 - 00000000 _____ () C:\windows\setuperr.log
2014-02-22 23:07 - 2014-02-22 22:52 - 00000000 ____D () C:\Users\Carina\AppData\Roaming\Skype
2014-02-22 22:49 - 2013-12-26 10:32 - 00000000 ____D () C:\Users\Carina\Desktop\Beijing_APR13
2014-02-22 14:02 - 2014-02-22 14:02 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Macromedia
2014-02-22 09:33 - 2013-11-23 08:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-22 09:32 - 2014-02-22 09:32 - 00005338 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-22 09:32 - 2013-04-08 17:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-22 09:30 - 2014-02-22 09:29 - 00921000 _____ (Oracle Corporation) C:\Users\admin\Downloads\jxpiinstall.exe
2014-02-22 00:56 - 2013-10-11 05:50 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\CrashDumps
2014-02-21 15:55 - 2012-08-23 18:21 - 00000000 ____D () C:\windows\softwaredistribution.bak
2014-02-21 00:58 - 2013-05-13 15:26 - 00000000 ____D () C:\Users\Carina\AppData\Local\CrashDumps
2014-02-21 00:58 - 2013-02-08 19:11 - 00000000 ____D () C:\windows\Minidump
2014-02-21 00:58 - 2012-08-05 23:07 - 00000000 ____D () C:\windows\Panther
2014-02-21 00:56 - 2014-02-21 00:56 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-02-21 00:56 - 2014-02-21 00:56 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 00:55 - 2014-02-21 00:55 - 03645064 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup410_slim.exe
2014-02-20 21:43 - 2013-02-17 13:05 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 19:10 - 2014-02-20 19:08 - 137004504 _____ () C:\Users\Carina\Downloads\avira_free_antivirus1403_de.exe
2014-02-20 18:11 - 2013-02-13 16:15 - 00000000 ____D () C:\Users\Carina\AppData\Local\Mozilla
2014-02-20 11:56 - 2014-02-20 11:56 - 00000000 ____D () C:\Users\Carina\AppData\Local\AskPartnerNetwork
2014-02-20 11:56 - 2013-10-10 13:05 - 00000000 ____D () C:\Users\Carina\AppData\Local\Google
2014-02-20 11:56 - 2013-10-10 13:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Roaming\Mozilla
2014-02-20 11:53 - 2014-02-20 11:53 - 00000000 ____D () C:\Users\Gaspar\AppData\Local\Mozilla
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 11:52 - 2014-02-20 11:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 11:49 - 2014-02-20 11:49 - 24490112 _____ (Mozilla) C:\Users\admin\Downloads\Firefox_Setup_27.0.1.exe
2014-02-19 07:52 - 2013-07-26 18:21 - 00000000 ____D () C:\windows\system32\MRT
2014-02-19 07:49 - 2013-02-10 20:05 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2014-02-21 20:37 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2014-02-21 20:37 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 15:20 - 2013-02-08 17:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-16 15:07 - 2012-07-26 06:26 - 00000167 _____ () C:\windows\win.ini

Files to move or delete:
====================
C:\ProgramData\ECReset_Partition.bat
C:\ProgramData\ExpressCacheRun.exe
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Carina\AppData\Local\Temp\avgnt.exe
C:\Users\Gaspar\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-09 12:14

==================== End Of Log ============================
         
--- --- ---


-Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2014
Ran by admin at 2014-03-09 17:00:52
Running from C:\Users\admin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4489 - APN, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Business - Intensivkurs English (HKLM-x32\...\BTEIK_16_690740) (Version:  - digital publishing AG)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 11.7.5.5_WHQL (HKLM\...\Elantech) (Version: 11.7.5.5 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Infineon TPM Professional Package (HKLM\...\{D035AE8C-1161-4C90-908F-3380C1BE4B12}) (Version: 4.3.000.3137 - Infineon Technologies AG)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2857 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.00 (Version: 311.00 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.10.0 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{5C20C1A9-75F9-4B6B-AAC3-9065C2AFB918}) (Version: 2.1.1106 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.11 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{5D4E117D-FC6A-4FB8-81E3-BEFFAE2F7BE6}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

==================== Restore Points  =========================

05-03-2014 19:38:51 Windows Update

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B9D82B9-45F6-478B-B8D7-D0F81C0A3BC2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {4FA68840-A6A4-4914-9F81-D42A8A94944E} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-08-23] (SEC)
Task: {5B18F2B3-A5A0-470D-86D0-92827C3FBE53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {705CB594-27B7-433C-BCEB-70BB7B3B7D8D} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {7A3AC97E-CF1E-4059-B163-8B36AB5D898F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8811F410-5E55-4C23-A49D-338646BB980F} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B40197B8-CC33-4798-B55E-E7AE291BF8D0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {C5958EE2-0510-4AFE-9DD2-67D5AFF6DA1E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D85D9FC0-4240-4EE0-B30B-E798745FC815} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {DF57B438-B83D-4149-B951-DC1F0872E6F3} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {E7AD0D5F-911D-44C2-8F57-CBA1D3280604} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2012-08-26 10:48 - 2012-08-26 10:48 - 00076920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2012-08-17 03:56 - 2012-08-16 05:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-24 04:06 - 2012-07-24 04:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2013-10-16 18:15 - 2013-10-16 18:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-11-23 10:11 - 2014-02-14 11:00 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-23 18:39 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00028280 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 01015416 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2012-08-23 18:54 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 03:34 - 2012-06-08 03:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 03:57 - 2012-06-14 03:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 12:15 - 2011-08-15 12:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 08:41 - 2011-08-17 08:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 11:23 - 2011-08-15 11:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 03:56 - 2012-06-14 03:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 04:06 - 2012-06-14 04:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 03:55 - 2012-06-14 03:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 08:05 - 2011-07-19 08:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 12:17 - 2011-08-15 12:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 08:04 - 2011-07-19 08:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2014 04:41:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/09/2014 04:10:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/09/2014 04:10:42 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/09/2014 04:10:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/09/2014 04:09:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (03/08/2014 10:23:23 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/07/2014 04:16:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/06/2014 11:39:45 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/06/2014 11:37:15 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/06/2014 11:37:15 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/05/2014 08:53:15 PM) (Source: BTHUSB) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.

Error: (03/05/2014 08:46:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/05/2014 08:45:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (03/05/2014 08:43:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bluetooth Device Monitor" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/05/2014 08:43:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bluetooth Device Monitor" wurde mit folgendem Fehler beendet: 
%%2147500037


Microsoft Office Sessions:
=========================
Error: (03/09/2014 04:41:52 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (03/09/2014 04:10:47 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\admin\Desktop\esetsmartinstaller_enu.exe

Error: (03/09/2014 04:10:42 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\admin\Desktop\esetsmartinstaller_enu.exe

Error: (03/09/2014 04:10:03 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\admin\Desktop\esetsmartinstaller_enu.exe

Error: (03/09/2014 04:09:50 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\admin\Desktop\esetsmartinstaller_enu.exe

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (03/07/2014 03:42:21 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (03/07/2014 03:34:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 7893.53 MB
Available physical RAM: 4979.5 MB
Total Pagefile: 15829.53 MB
Available Pagefile: 12674.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:907.17 GB) (Free:847.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: C185C1F2)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=15 GB) - (Type=73)

==================== End Of Log ============================
         
Für die Betreuung weiterhin vielen Dank

grasp

Alt 10.03.2014, 12:55   #8
schrauber
/// the machine
/// TB-Ausbilder
 

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Standard

MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"



Adobe updaten.

Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"
administrator, appl/downloader.gen, blockiert, dllhost.exe, dnsapi.dll, entfernen, gelöscht, hdd0(c:, hdd0(c:), malwarebytes, ntdll.dll, programm, pup.optional.conduit.a, pup.optional.datamngr.a, registry key, rundll32.exe, services.exe, svchost.exe, wuauclt.exe



Ähnliche Themen: MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"


  1. Windows 7 Malwarebytes hat "pup.optional.findr.a" gefunden
    Plagegeister aller Art und deren Bekämpfung - 12.03.2015 (21)
  2. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  3. Fenster öffnen sich und Antivirus Meldung "pup.optional.VBates"
    Log-Analyse und Auswertung - 13.06.2014 (15)
  4. USB-Sticks zeigen nur Verknüpfungen, Malwarebytes fand Objekte, die mit "PUP optional A(...)" infiziert sind
    Plagegeister aller Art und deren Bekämpfung - 10.03.2014 (9)
  5. Werde "PUP.Optional.Conduit.A" nicht los.
    Log-Analyse und Auswertung - 01.12.2013 (19)
  6. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  7. Wiederholtes Auftauchen von "PUP.Optional.Conduit.A"
    Log-Analyse und Auswertung - 01.11.2013 (15)
  8. Wiederholter Befall mit "PUP.Optional.Conduit.A"
    Log-Analyse und Auswertung - 15.10.2013 (7)
  9. Malwarebytes bereibigt "PUP.Optional.xxx.A", aber AdwCleaner findet noch was in der Registry
    Log-Analyse und Auswertung - 14.10.2013 (13)
  10. Malwarebytes findet 2 Infektionen "PUP.optional"
    Log-Analyse und Auswertung - 19.09.2013 (3)
  11. Windows 7: Malwarebytes Fund "PUP.Optional.OpenCandy"
    Log-Analyse und Auswertung - 13.09.2013 (14)
  12. WIN 7: Malwarebytes Anti-Malware meldet "PUM.UserWLoad" & "Trojan.Ransom"
    Log-Analyse und Auswertung - 04.09.2013 (21)
  13. SPAM-Vorwurf durch Internet-Anbieter / "Malwarebytes Anti-Malware"-Abstürze / Nachfrage zu "Secunia PSI"
    Log-Analyse und Auswertung - 30.08.2013 (17)
  14. Browser/Werbe popup, "AppsHat", MBAM Funde, nach "Schrift-Download"
    Plagegeister aller Art und deren Bekämpfung - 26.08.2013 (31)
  15. AVIRA meldet "W32/Patched.ZA", "TR/ATRAPS.Gen2", "TR/ATRAPS.Gen", "ZR/sirefe.P.487"
    Log-Analyse und Auswertung - 30.07.2012 (9)
  16. Mögliche Funde wie "Win32/InstallCore.A" / Suspect "npqtplugin5.dll" u.s.w
    Plagegeister aller Art und deren Bekämpfung - 19.12.2011 (23)
  17. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)

Zum Thema MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" - Hallo, der „Internetrechner“, den meine Frau und ich gemeinsam benutzen, war laut meiner Liebsten in letzter Zeit etwas langsam geworden. Also machte ich gemäß TB-Anleitung ein Systemscan mit MalwareBytes. MB - MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A"...
Archiv
Du betrachtest: MALWAREBYTES meldet 2 Funde, als Anbieter "PUP.Optional.Conduit.A" und "PUP.Optional.DataMngr.A" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.