Windows 8: yawtix and google suchergebnisse lassen sich nicht öffnen Halli Hallo,
ich hab nen neuen Laptop gestern bekommen. Und ich habe wohl irgendwie es versäumt ein virusprogramm darauf zu laden. Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Hilal (administrator) on HILOSSI on 27-07-2014 02:43:16
Running from C:\Users\Hilal\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Yawtix\updateYawtix.exe
() C:\Program Files (x86)\Yawtix\bin\utilYawtix.exe
(Apache Software Foundation) C:\Bitnami\WAMPST~2.31-\apache2\bin\httpd.exe
() C:\Bitnami\wampstack-5.4.31-1\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Apache Software Foundation) C:\Bitnami\WAMPST~2.31-\apache2\bin\httpd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Yawtix\bin\Yawtix.PurBrowse64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
() C:\Program Files (x86)\Yawtix\bin\Yawtix.BrowserAdapter.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-07-31] (Intel Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yawtix -> {f9c8ce1b-66a0-4f45-af10-5f24ef19bc4e} -> C:\Program Files (x86)\Yawtix\Yawtixbho.dll (Yawtix)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-25]
CHR Extension: (Google Drive) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-25]
CHR Extension: (YouTube) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Adblock Plus) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-26]
CHR Extension: (Google-Suche) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (AdBlock) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-26]
CHR Extension: (Google Wallet) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Citavi Picker) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-07-26]
CHR Extension: (Google Mail) - C:\Users\Hilal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-07-26] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-10-07] (Condusiv Technologies)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-05-30] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 Update Yawtix; C:\Program Files (x86)\Yawtix\updateYawtix.exe [321816 2014-07-26] ()
R2 Util Yawtix; C:\Program Files (x86)\Yawtix\bin\utilYawtix.exe [321816 2014-07-26] ()
S2 vtigercrmMysql540; C:\Program Files (x86)\vtigercrm-5.4.0\mysql\my.ini [2994 2014-07-26] () [File not signed]
R2 wampstackApache; C:\Bitnami\WAMPST~2.31-\apache2\bin\httpd.exe [20992 2014-07-19] (Apache Software Foundation) [File not signed]
R2 wampstackMySQL; C:\Bitnami\wampstack-5.4.31-1\mysql\bin\mysqld.exe [8140288 2014-05-11] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-04-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S2 0309271387560864mcinstcleanup; C:\Users\ADMINI~1\AppData\Local\Temp\030927~1.EXE -cleanup -nolog [X]
S2 vtigercrmApache540; "C:\Program Files (x86)\vtigercrm-5.4.0\apache\bin\Apache.exe" -k runservice [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmPeStor; C:\Windows\system32\drivers\AmPeStor.sys [145176 2013-08-07] (Alcor Micro, Corp.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-07-31] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25840 2013-10-07] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [117488 2013-10-07] (Condusiv Technologies)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-19] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-05-30] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-05-30] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-05-30] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-07-26] ()
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64; C:\Windows\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64.sys [61112 2014-07-08] (StdLib)
U0 msahci;
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-26 18:44 - 2014-07-26 18:46 - 00029250 _____ () C:\Users\Hilal\Downloads\Addition.txt
2014-07-26 18:42 - 2014-07-27 02:43 - 00021196 _____ () C:\Users\Hilal\Downloads\FRST.txt
2014-07-26 18:42 - 2014-07-27 02:43 - 00000000 ____D () C:\FRST
2014-07-26 18:40 - 2014-07-26 18:41 - 02093568 _____ (Farbar) C:\Users\Hilal\Downloads\FRST64.exe
2014-07-26 18:16 - 2014-07-26 18:16 - 00000349 _____ () C:\Users\Hilal\Desktop\MCD8R-JYHBW-7VBH2-J7WK9-9G2RK.lnk
2014-07-26 18:02 - 2014-07-26 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-26 18:01 - 2014-07-26 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-07-26 18:01 - 2014-07-26 18:01 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-26 18:00 - 2014-07-26 18:00 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-07-26 18:00 - 2014-07-26 18:00 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-26 17:55 - 2014-07-26 17:55 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-07-26 17:55 - 2014-07-26 17:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-07-26 17:54 - 2014-07-26 18:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-26 17:54 - 2014-07-26 18:00 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-26 17:54 - 2014-07-26 17:54 - 00000000 __RHD () C:\MSOCache
2014-07-26 17:54 - 2014-07-26 17:54 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Microsoft Help
2014-07-26 17:51 - 2014-03-05 16:32 - 880752640 _____ () C:\Users\Hilal\Desktop\Office2010.iso
2014-07-26 17:49 - 2014-07-26 17:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-07-26 17:10 - 2014-07-26 17:10 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-07-26 16:52 - 2013-04-26 10:05 - 00692568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-26 16:52 - 2013-04-26 10:05 - 00078168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-26 16:34 - 2014-07-26 17:51 - 00797448 _____ () C:\Windows\system32\perfh00C.dat
2014-07-26 16:34 - 2014-07-26 17:51 - 00792976 _____ () C:\Windows\system32\perfh013.dat
2014-07-26 16:34 - 2014-07-26 17:51 - 00788402 _____ () C:\Windows\system32\perfh010.dat
2014-07-26 16:34 - 2014-07-26 17:51 - 00161530 _____ () C:\Windows\system32\perfc013.dat
2014-07-26 16:34 - 2014-07-26 17:51 - 00158028 _____ () C:\Windows\system32\perfc00C.dat
2014-07-26 16:34 - 2014-07-26 17:51 - 00155552 _____ () C:\Windows\system32\perfc010.dat
2014-07-26 16:34 - 2014-07-26 16:30 - 00347474 _____ () C:\Windows\system32\perfi013.dat
2014-07-26 16:34 - 2014-07-26 16:30 - 00045378 _____ () C:\Windows\system32\perfd013.dat
2014-07-26 16:34 - 2014-07-26 16:29 - 00350772 _____ () C:\Windows\system32\perfi00C.dat
2014-07-26 16:34 - 2014-07-26 16:29 - 00340806 _____ () C:\Windows\system32\perfi010.dat
2014-07-26 16:34 - 2014-07-26 16:29 - 00040528 _____ () C:\Windows\system32\perfd00C.dat
2014-07-26 16:34 - 2014-07-26 16:29 - 00039784 _____ () C:\Windows\system32\perfd010.dat
2014-07-26 16:33 - 2014-07-26 16:33 - 00281248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-26 16:32 - 2014-07-26 16:32 - 00000000 ____D () C:\Windows\SysWOW64\nl
2014-07-26 16:32 - 2014-07-26 16:32 - 00000000 ____D () C:\Windows\SysWOW64\0413
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\SysWOW64\fr
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\SysWOW64\0410
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\SysWOW64\040C
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\system32\nl
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\system32\it
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\system32\0413
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\system32\0410
2014-07-26 16:30 - 2014-07-26 16:30 - 00000000 ____D () C:\Windows\system32\fr
2014-07-26 16:30 - 2014-07-26 16:30 - 00000000 ____D () C:\Windows\system32\040C
2014-07-26 16:11 - 2014-07-26 16:31 - 00000000 ____D () C:\sources
2014-07-26 16:02 - 2014-07-26 16:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-26 16:02 - 2014-06-26 17:40 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-26 12:57 - 2014-07-26 12:58 - 164962843 _____ () C:\Users\Hilal\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_de.exe
2014-07-26 12:03 - 2014-07-26 12:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-26 12:03 - 2014-07-26 12:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-26 12:03 - 2014-07-26 12:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-26 12:03 - 2014-07-26 12:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-26 12:03 - 2014-07-26 12:03 - 00000000 ____D () C:\ProgramData\Sun
2014-07-26 12:03 - 2014-07-26 12:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-26 12:03 - 2014-07-26 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-26 12:03 - 2014-07-26 12:03 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-26 12:02 - 2014-07-26 12:02 - 00918952 _____ (Oracle Corporation) C:\Users\Hilal\Downloads\chromeinstall-7u65.exe
2014-07-26 12:02 - 2014-07-26 12:02 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Cisco
2014-07-26 12:02 - 2014-07-26 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2014-07-26 12:02 - 2014-07-26 12:02 - 00000000 ____D () C:\ProgramData\Cisco
2014-07-26 12:02 - 2014-03-12 22:33 - 00112496 ____R (Cisco Systems, Inc.) C:\Windows\system32\Drivers\acsock64.sys
2014-07-26 12:01 - 2014-07-26 12:01 - 03065640 _____ (Cisco Systems, Inc.) C:\Users\Hilal\Downloads\anyconnect-win-3.1.05160-web-deploy-k9.exe
2014-07-26 05:20 - 2014-07-26 05:20 - 00002073 _____ () C:\Users\Public\Desktop\startvTiger.lnk
2014-07-26 05:20 - 2014-07-26 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vtigercrm-5.4.0
2014-07-26 05:19 - 2014-07-26 05:20 - 00000000 ____D () C:\Program Files (x86)\vtigercrm-5.4.0
2014-07-26 05:12 - 2014-07-26 05:12 - 00001024 _____ () C:\.rnd
2014-07-26 05:12 - 2014-07-26 05:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitnami WAMP Stack
2014-07-26 05:05 - 2014-07-26 05:05 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Adobe
2014-07-26 04:58 - 2014-07-08 18:42 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64.sys
2014-07-26 04:40 - 2014-07-26 05:03 - 00000000 ____D () C:\Bitnami
2014-07-26 04:34 - 2014-07-26 04:35 - 110963928 _____ (Bitnami) C:\Users\Hilal\Downloads\bitnami-wampstack-5.4.31-0-windows-installer.exe
2014-07-26 04:23 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-07-26 04:15 - 2014-07-26 04:15 - 00000000 ____D () C:\Users\Hilal\Downloads\httpd-2.4.10.tar
2014-07-26 04:14 - 2014-07-26 04:14 - 05031834 _____ () C:\Users\Hilal\Downloads\httpd-2.4.10.tar.bz2
2014-07-26 04:09 - 2014-07-26 04:09 - 00000000 ____D () C:\Users\Hilal\Downloads\phpMyAdmin-4.2.6-all-languages
2014-07-26 03:52 - 2014-07-26 16:15 - 00000000 ____D () C:\Program Files (x86)\Yawtix
2014-07-26 03:49 - 2014-07-26 03:49 - 00000804 _____ () C:\Users\Public\Desktop\7-Zip File Manager.lnk
2014-07-26 03:49 - 2014-07-26 03:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy 7-Zip
2014-07-26 03:49 - 2014-07-26 03:49 - 00000000 ____D () C:\Program Files\Easy 7-Zip
2014-07-26 03:47 - 2014-07-26 03:47 - 01916909 _____ (James Hoo ) C:\Users\Hilal\Downloads\easy7zip_x64.exe
2014-07-26 03:45 - 2014-07-26 03:45 - 05213687 _____ () C:\Users\Hilal\Downloads\phpMyAdmin-4.2.6-all-languages.7z
2014-07-26 03:30 - 2014-07-26 05:20 - 00000738 _____ () C:\Windows\Tasks\vtigerCRM Email Reminder.job
2014-07-26 03:30 - 2014-07-26 05:20 - 00000638 _____ () C:\Windows\Tasks\vtigerCRM Recurring Invoice.job
2014-07-26 03:30 - 2014-07-26 05:20 - 00000610 _____ () C:\Windows\Tasks\vtigerCRM WorkFlow.job
2014-07-26 03:30 - 2014-07-26 05:20 - 00000604 _____ () C:\Windows\Tasks\vtigerCRM Notification Scheduler.job
2014-07-26 03:27 - 2014-07-26 03:28 - 46018552 _____ () C:\Users\Hilal\Downloads\vtigercrm-5.4.0.exe
2014-07-26 01:33 - 2014-07-26 01:33 - 00000000 ____D () C:\ProgramData\Gibraltar
2014-07-25 23:03 - 2014-07-25 23:03 - 00000000 ____D () C:\Users\Hilal\Desktop\Thesis
2014-07-25 21:47 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-07-25 21:47 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-07-25 21:47 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-07-25 21:47 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2014-07-25 21:47 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2014-07-25 21:47 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2014-07-25 21:33 - 2014-07-26 01:33 - 00000000 ____D () C:\Users\Hilal\Documents\Citavi 4
2014-07-25 21:33 - 2014-07-26 01:33 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Swiss Academic Software
2014-07-25 21:33 - 2014-07-25 21:33 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Swiss Academic Software
2014-07-25 21:33 - 2014-07-25 21:33 - 00000000 ____D () C:\ProgramData\Swiss Academic Software
2014-07-25 21:31 - 2014-07-25 21:31 - 00001951 _____ () C:\Users\Public\Desktop\Citavi 4.lnk
2014-07-25 21:31 - 2014-07-25 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 4
2014-07-25 21:30 - 2014-07-25 21:31 - 00000000 ____D () C:\Program Files (x86)\Citavi 4
2014-07-25 21:29 - 2014-07-25 21:29 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Downloaded Installations
2014-07-25 21:26 - 2014-07-25 21:26 - 88093376 _____ (Swiss Academic Software) C:\Users\Hilal\Downloads\Citavi4Setup.exe
2014-07-25 21:18 - 2014-07-26 18:50 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2426790863-3918607427-1566970042-1001
2014-07-25 21:17 - 2014-07-25 21:17 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-25 21:17 - 2014-07-25 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-25 21:16 - 2014-07-26 23:21 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-25 21:16 - 2014-07-26 21:21 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-25 21:16 - 2014-07-25 21:17 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Google
2014-07-25 21:16 - 2014-07-25 21:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-25 21:16 - 2014-07-25 21:16 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-25 21:16 - 2014-07-25 21:16 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-25 21:15 - 2014-07-25 21:16 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Deployment
2014-07-25 21:15 - 2014-07-25 21:15 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Apps\2.0
2014-07-25 21:13 - 2014-07-25 21:13 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Macromedia
2014-07-25 21:12 - 2014-07-25 21:12 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\ASUS WebStorage
2014-07-25 21:11 - 2014-07-25 21:11 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-25 21:10 - 2014-07-26 17:51 - 00000075 _____ () C:\Users\Hilal\AppData\Roaming\sp_data.sys
2014-07-25 21:10 - 2014-07-26 05:05 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Adobe
2014-07-25 21:10 - 2014-07-25 21:10 - 00001444 _____ () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-25 21:10 - 2014-07-25 21:10 - 00000196 _____ () C:\Windows\FixPatch.log
2014-07-25 21:10 - 2014-07-25 21:10 - 00000000 ____D () C:\Users\Hilal\AppData\Local\VirtualStore
2014-07-25 21:09 - 2014-07-26 15:35 - 00000000 ____D () C:\Users\Hilal
2014-07-25 21:09 - 2014-07-26 03:51 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Packages
2014-07-25 21:09 - 2014-07-25 21:10 - 00000000 ____D () C:\Users\Hilal\AppData\Local\ASUS
2014-07-25 21:09 - 2014-07-25 21:09 - 00000020 ___SH () C:\Users\Hilal\ntuser.ini
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Vorlagen
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Startmenü
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Netzwerkumgebung
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Lokale Einstellungen
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Eigene Dateien
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Druckumgebung
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Documents\Eigene Musik
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Documents\Eigene Bilder
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\AppData\Local\Verlauf
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\AppData\Local\Anwendungsdaten
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Anwendungsdaten
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Intel
2014-07-25 21:09 - 2013-04-26 09:59 - 00000000 ___RD () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-25 21:09 - 2013-04-26 01:16 - 00002098 _____ () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-25 21:09 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-25 21:09 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-25 21:09 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-27 02:43 - 2014-07-26 18:42 - 00021196 _____ () C:\Users\Hilal\Downloads\FRST.txt
2014-07-27 02:43 - 2014-07-26 18:42 - 00000000 ____D () C:\FRST
2014-07-27 02:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-27 02:42 - 2012-07-26 07:26 - 00000301 _____ () C:\Windows\win.ini
2014-07-26 23:21 - 2014-07-25 21:16 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-26 21:29 - 2013-12-20 19:16 - 02004860 _____ () C:\Windows\WindowsUpdate.log
2014-07-26 21:21 - 2014-07-25 21:16 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 18:50 - 2014-07-25 21:18 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2426790863-3918607427-1566970042-1001
2014-07-26 18:46 - 2014-07-26 18:44 - 00029250 _____ () C:\Users\Hilal\Downloads\Addition.txt
2014-07-26 18:44 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-26 18:41 - 2014-07-26 18:40 - 02093568 _____ (Farbar) C:\Users\Hilal\Downloads\FRST64.exe
2014-07-26 18:26 - 2014-07-26 17:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-26 18:23 - 2014-07-26 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-07-26 18:16 - 2014-07-26 18:16 - 00000349 _____ () C:\Users\Hilal\Desktop\MCD8R-JYHBW-7VBH2-J7WK9-9G2RK.lnk
2014-07-26 18:13 - 2013-04-26 01:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-07-26 18:02 - 2014-07-26 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-07-26 18:01 - 2014-07-26 18:01 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-26 18:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-26 18:00 - 2014-07-26 18:00 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-07-26 18:00 - 2014-07-26 18:00 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-26 18:00 - 2014-07-26 17:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-07-26 17:55 - 2014-07-26 17:55 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-07-26 17:55 - 2014-07-26 17:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-07-26 17:55 - 2012-07-26 11:45 - 00000000 ____D () C:\Windows\ShellNew
2014-07-26 17:55 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-26 17:54 - 2014-07-26 17:54 - 00000000 __RHD () C:\MSOCache
2014-07-26 17:54 - 2014-07-26 17:54 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Microsoft Help
2014-07-26 17:51 - 2014-07-26 16:34 - 00797448 _____ () C:\Windows\system32\perfh00C.dat
2014-07-26 17:51 - 2014-07-26 16:34 - 00792976 _____ () C:\Windows\system32\perfh013.dat
2014-07-26 17:51 - 2014-07-26 16:34 - 00788402 _____ () C:\Windows\system32\perfh010.dat
2014-07-26 17:51 - 2014-07-26 16:34 - 00161530 _____ () C:\Windows\system32\perfc013.dat
2014-07-26 17:51 - 2014-07-26 16:34 - 00158028 _____ () C:\Windows\system32\perfc00C.dat
2014-07-26 17:51 - 2014-07-26 16:34 - 00155552 _____ () C:\Windows\system32\perfc010.dat
2014-07-26 17:51 - 2014-07-25 21:10 - 00000075 _____ () C:\Users\Hilal\AppData\Roaming\sp_data.sys
2014-07-26 17:51 - 2012-08-03 01:02 - 00760560 _____ () C:\Windows\system32\perfh007.dat
2014-07-26 17:51 - 2012-08-03 01:02 - 00158770 _____ () C:\Windows\system32\perfc007.dat
2014-07-26 17:51 - 2012-07-26 09:28 - 04568320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-26 17:49 - 2014-07-26 17:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-07-26 17:49 - 2012-07-26 09:21 - 00035722 _____ () C:\Windows\setupact.log
2014-07-26 17:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-26 17:10 - 2014-07-26 17:10 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-07-26 17:10 - 2013-12-20 19:33 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-07-26 17:10 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 17:09 - 2012-08-02 15:24 - 00029052 _____ () C:\Windows\PFRO.log
2014-07-26 17:09 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing
2014-07-26 16:33 - 2014-07-26 16:33 - 00281248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-26 16:33 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-26 16:32 - 2014-07-26 16:32 - 00000000 ____D () C:\Windows\SysWOW64\nl
2014-07-26 16:32 - 2014-07-26 16:32 - 00000000 ____D () C:\Windows\SysWOW64\0413
2014-07-26 16:32 - 2012-07-26 11:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-26 16:32 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-07-26 16:32 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-07-26 16:32 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-07-26 16:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-26 16:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-07-26 16:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-07-26 16:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-26 16:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-07-26 16:32 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-26 16:32 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\SysWOW64\fr
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\SysWOW64\0410
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\SysWOW64\040C
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\system32\nl
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\system32\it
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\system32\0413
2014-07-26 16:31 - 2014-07-26 16:31 - 00000000 ____D () C:\Windows\system32\0410
2014-07-26 16:31 - 2014-07-26 16:11 - 00000000 ____D () C:\sources
2014-07-26 16:31 - 2012-08-03 01:01 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-07-26 16:31 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-07-26 16:31 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-07-26 16:31 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\system32\winrm
2014-07-26 16:31 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\system32\WCN
2014-07-26 16:31 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\system32\slmgr
2014-07-26 16:31 - 2012-07-26 11:43 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-07-26 16:31 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-07-26 16:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-07-26 16:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-07-26 16:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-07-26 16:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\migwiz
2014-07-26 16:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Com
2014-07-26 16:31 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-26 16:31 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-07-26 16:31 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-07-26 16:31 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-26 16:30 - 2014-07-26 16:34 - 00347474 _____ () C:\Windows\system32\perfi013.dat
2014-07-26 16:30 - 2014-07-26 16:34 - 00045378 _____ () C:\Windows\system32\perfd013.dat
2014-07-26 16:30 - 2014-07-26 16:30 - 00000000 ____D () C:\Windows\system32\fr
2014-07-26 16:30 - 2014-07-26 16:30 - 00000000 ____D () C:\Windows\system32\040C
2014-07-26 16:30 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-07-26 16:30 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-26 16:30 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-26 16:30 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-26 16:30 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-26 16:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-07-26 16:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-07-26 16:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\en-GB
2014-07-26 16:29 - 2014-07-26 16:34 - 00350772 _____ () C:\Windows\system32\perfi00C.dat
2014-07-26 16:29 - 2014-07-26 16:34 - 00340806 _____ () C:\Windows\system32\perfi010.dat
2014-07-26 16:29 - 2014-07-26 16:34 - 00040528 _____ () C:\Windows\system32\perfd00C.dat
2014-07-26 16:29 - 2014-07-26 16:34 - 00039784 _____ () C:\Windows\system32\perfd010.dat
2014-07-26 16:15 - 2014-07-26 03:52 - 00000000 ____D () C:\Program Files (x86)\Yawtix
2014-07-26 16:04 - 2014-07-26 16:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-26 15:35 - 2014-07-25 21:09 - 00000000 ____D () C:\Users\Hilal
2014-07-26 13:30 - 2013-12-20 19:26 - 00003474 _____ () C:\Windows\System32\Tasks\ASUS Live Update1
2014-07-26 13:30 - 2013-12-20 19:26 - 00003464 _____ () C:\Windows\System32\Tasks\ASUS Live Update2
2014-07-26 12:58 - 2014-07-26 12:57 - 164962843 _____ () C:\Users\Hilal\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_de.exe
2014-07-26 12:03 - 2014-07-26 12:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-26 12:03 - 2014-07-26 12:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-26 12:03 - 2014-07-26 12:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-26 12:03 - 2014-07-26 12:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-26 12:03 - 2014-07-26 12:03 - 00000000 ____D () C:\ProgramData\Sun
2014-07-26 12:03 - 2014-07-26 12:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-26 12:03 - 2014-07-26 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-26 12:03 - 2014-07-26 12:03 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-26 12:02 - 2014-07-26 12:02 - 00918952 _____ (Oracle Corporation) C:\Users\Hilal\Downloads\chromeinstall-7u65.exe
2014-07-26 12:02 - 2014-07-26 12:02 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Cisco
2014-07-26 12:02 - 2014-07-26 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2014-07-26 12:02 - 2014-07-26 12:02 - 00000000 ____D () C:\ProgramData\Cisco
2014-07-26 12:02 - 2013-12-20 19:17 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-26 12:01 - 2014-07-26 12:01 - 03065640 _____ (Cisco Systems, Inc.) C:\Users\Hilal\Downloads\anyconnect-win-3.1.05160-web-deploy-k9.exe
2014-07-26 05:20 - 2014-07-26 05:20 - 00002073 _____ () C:\Users\Public\Desktop\startvTiger.lnk
2014-07-26 05:20 - 2014-07-26 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vtigercrm-5.4.0
2014-07-26 05:20 - 2014-07-26 05:19 - 00000000 ____D () C:\Program Files (x86)\vtigercrm-5.4.0
2014-07-26 05:20 - 2014-07-26 03:30 - 00000738 _____ () C:\Windows\Tasks\vtigerCRM Email Reminder.job
2014-07-26 05:20 - 2014-07-26 03:30 - 00000638 _____ () C:\Windows\Tasks\vtigerCRM Recurring Invoice.job
2014-07-26 05:20 - 2014-07-26 03:30 - 00000610 _____ () C:\Windows\Tasks\vtigerCRM WorkFlow.job
2014-07-26 05:20 - 2014-07-26 03:30 - 00000604 _____ () C:\Windows\Tasks\vtigerCRM Notification Scheduler.job
2014-07-26 05:12 - 2014-07-26 05:12 - 00001024 _____ () C:\.rnd
2014-07-26 05:12 - 2014-07-26 05:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitnami WAMP Stack
2014-07-26 05:07 - 2013-04-26 01:15 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-26 05:05 - 2014-07-26 05:05 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Adobe
2014-07-26 05:05 - 2014-07-25 21:10 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Adobe
2014-07-26 05:03 - 2014-07-26 04:40 - 00000000 ____D () C:\Bitnami
2014-07-26 04:35 - 2014-07-26 04:34 - 110963928 _____ (Bitnami) C:\Users\Hilal\Downloads\bitnami-wampstack-5.4.31-0-windows-installer.exe
2014-07-26 04:23 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-26 04:15 - 2014-07-26 04:15 - 00000000 ____D () C:\Users\Hilal\Downloads\httpd-2.4.10.tar
2014-07-26 04:14 - 2014-07-26 04:14 - 05031834 _____ () C:\Users\Hilal\Downloads\httpd-2.4.10.tar.bz2
2014-07-26 04:09 - 2014-07-26 04:09 - 00000000 ____D () C:\Users\Hilal\Downloads\phpMyAdmin-4.2.6-all-languages
2014-07-26 03:56 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-26 03:51 - 2014-07-25 21:09 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Packages
2014-07-26 03:49 - 2014-07-26 03:49 - 00000804 _____ () C:\Users\Public\Desktop\7-Zip File Manager.lnk
2014-07-26 03:49 - 2014-07-26 03:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy 7-Zip
2014-07-26 03:49 - 2014-07-26 03:49 - 00000000 ____D () C:\Program Files\Easy 7-Zip
2014-07-26 03:47 - 2014-07-26 03:47 - 01916909 _____ (James Hoo ) C:\Users\Hilal\Downloads\easy7zip_x64.exe
2014-07-26 03:45 - 2014-07-26 03:45 - 05213687 _____ () C:\Users\Hilal\Downloads\phpMyAdmin-4.2.6-all-languages.7z
2014-07-26 03:28 - 2014-07-26 03:27 - 46018552 _____ () C:\Users\Hilal\Downloads\vtigercrm-5.4.0.exe
2014-07-26 01:33 - 2014-07-26 01:33 - 00000000 ____D () C:\ProgramData\Gibraltar
2014-07-26 01:33 - 2014-07-25 21:33 - 00000000 ____D () C:\Users\Hilal\Documents\Citavi 4
2014-07-26 01:33 - 2014-07-25 21:33 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Swiss Academic Software
2014-07-25 23:03 - 2014-07-25 23:03 - 00000000 ____D () C:\Users\Hilal\Desktop\Thesis
2014-07-25 21:33 - 2014-07-25 21:33 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Swiss Academic Software
2014-07-25 21:33 - 2014-07-25 21:33 - 00000000 ____D () C:\ProgramData\Swiss Academic Software
2014-07-25 21:31 - 2014-07-25 21:31 - 00001951 _____ () C:\Users\Public\Desktop\Citavi 4.lnk
2014-07-25 21:31 - 2014-07-25 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 4
2014-07-25 21:31 - 2014-07-25 21:30 - 00000000 ____D () C:\Program Files (x86)\Citavi 4
2014-07-25 21:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\restore
2014-07-25 21:29 - 2014-07-25 21:29 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Downloaded Installations
2014-07-25 21:26 - 2014-07-25 21:26 - 88093376 _____ (Swiss Academic Software) C:\Users\Hilal\Downloads\Citavi4Setup.exe
2014-07-25 21:17 - 2014-07-25 21:17 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-25 21:17 - 2014-07-25 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-25 21:17 - 2014-07-25 21:16 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Google
2014-07-25 21:17 - 2014-07-25 21:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-25 21:16 - 2014-07-25 21:16 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-25 21:16 - 2014-07-25 21:16 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-25 21:16 - 2014-07-25 21:15 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Deployment
2014-07-25 21:15 - 2014-07-25 21:15 - 00000000 ____D () C:\Users\Hilal\AppData\Local\Apps\2.0
2014-07-25 21:15 - 2013-12-20 19:11 - 00000000 ____D () C:\ProgramData\Intel
2014-07-25 21:13 - 2014-07-25 21:13 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Macromedia
2014-07-25 21:12 - 2014-07-25 21:12 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\ASUS WebStorage
2014-07-25 21:11 - 2014-07-25 21:11 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-25 21:10 - 2014-07-25 21:10 - 00001444 _____ () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-25 21:10 - 2014-07-25 21:10 - 00000196 _____ () C:\Windows\FixPatch.log
2014-07-25 21:10 - 2014-07-25 21:10 - 00000000 ____D () C:\Users\Hilal\AppData\Local\VirtualStore
2014-07-25 21:10 - 2014-07-25 21:09 - 00000000 ____D () C:\Users\Hilal\AppData\Local\ASUS
2014-07-25 21:10 - 2012-08-02 15:33 - 00000000 ____D () C:\Windows\Log
2014-07-25 21:09 - 2014-07-25 21:09 - 00000020 ___SH () C:\Users\Hilal\ntuser.ini
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Vorlagen
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Startmenü
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Netzwerkumgebung
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Lokale Einstellungen
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Eigene Dateien
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Druckumgebung
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Documents\Eigene Musik
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Documents\Eigene Bilder
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\AppData\Local\Verlauf
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\AppData\Local\Anwendungsdaten
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 _SHDL () C:\Users\Hilal\Anwendungsdaten
2014-07-25 21:09 - 2014-07-25 21:09 - 00000000 ____D () C:\Users\Hilal\AppData\Roaming\Intel
2014-07-22 17:11 - 2012-07-26 10:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-07-22 17:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Recovery
2014-07-08 18:42 - 2014-07-26 04:58 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64.sys
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some content of TEMP:
====================
C:\Users\Hilal\AppData\Local\Temp\20140726120439652jniverify.dll
C:\Users\Hilal\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2012-08-02 15:24
==================== End Of Log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Hilal at 2014-07-27 02:43:36
Running from C:\Users\Hilal\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alcor Micro PCIE Card Reader (HKLM-x32\...\AmPeStor) (Version: 2.5.1107.0113 - Alcor Micro Corp.)
Alcor Micro PCIE Card Reader (x32 Version: 2.5.1107.0113 - Alcor Micro Corp.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.5 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0014 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bitnami WAMP Stack (HKLM-x32\...\Bitnami WAMP Stack 5.4.31-0) (Version: 5.4.31-0 - Bitnami)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dragon Assistant Installer (HKLM-x32\...\{A48069B4-3189-4DC2-AD03-645A16949F2F}) (Version: 1.0.0 - ASUS)
Easy 7-Zip v0.1.2 (HKLM\...\{661BB54F-5E4A-45F0-8153-DDF10C2E3FB7}_is1) (Version: 0.1.2 - James Hoo)
ExpressCache (HKLM\...\{E61C6104-EB91-471D-B1CB-7F21AA34103E}) (Version: 1.0.108.0 - Condusiv Technologies)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Experience Center Driver (Version: 1.7.0.179 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.06.2000.0671 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.6.0.0128 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{B0366D1E-F89B-4584-B427-ED8E8C41877C}) (Version: 4.1.42.2308 - Intel)
Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{201B03D6-FDDA-4C70-8A15-887F5B3CE365}) (Version: 4.2.19.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.06.0000.0280 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 8.6.626.2013 - Realtek)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
vtigercrm-5.4.0 (HKCU\...\vtigercrm-5.4.0) (Version: - )
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (09/17/2013 1.0.0.186) (HKLM\...\D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A) (Version: 09/17/2013 1.0.0.186 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
Yawtix (HKLM\...\Yawtix) (Version: 2014.07.25.222850 - Yawtix)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
25-07-2014 19:30:14 Installed Citavi 4.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02F06C01-5F64-4102-86C3-CEC3D281D39D} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {14DF284F-3818-45D8-9816-495BADDC705E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-26] (Microsoft Corporation)
Task: {18BB0ADF-54AC-4F13-9546-9A3D5A7D8989} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-09-23] (AsusTek)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {27F2606B-ACC7-4A76-80DF-D09AD01EBEC7} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-07-31] (ASUSTeK Computer Inc.)
Task: {3464C411-0067-4F85-83EA-BA056F67DCDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25] (Google Inc.)
Task: {559A1E57-EB76-4461-85F9-390C827A3C0E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-07-01] (ASUSTeK Computer Inc.)
Task: {5C148631-C7CF-4B28-96BC-AFBD266D9CCD} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {61A532A7-0631-4F81-87BB-5B87515676BF} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {6C7C3088-4236-4815-960C-9AB1A61E3C61} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-07-23] (ASUS)
Task: {86B82F06-7F07-43D9-9269-16AA2AB12DAE} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-09] (ASUSTek Computer Inc.)
Task: {94C0D800-1FD6-422F-A1DA-10C3214A16CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B7BF9693-988E-47B6-A0E9-474097975E88} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
Task: {BDF2C130-9E56-4EDB-9C03-F5A88EA79A41} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CD4CDEA0-8947-4702-B331-B06F1075844F} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {E90874B4-ABC9-463F-A49C-4F2EB24C9D00} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-07-01] (ASUSTeK Computer Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\vtigerCRM Email Reminder.job => ?
Task: C:\Windows\Tasks\vtigerCRM Notification Scheduler.job => ?
Task: C:\Windows\Tasks\vtigerCRM Recurring Invoice.job => ?
Task: C:\Windows\Tasks\vtigerCRM WorkFlow.job => ?
==================== Loaded Modules (whitelisted) =============
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2013-05-30 18:46 - 2013-05-30 18:46 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-05-30 18:46 - 2013-05-30 18:46 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-07-26 00:28 - 2014-07-26 15:25 - 00321816 _____ () C:\Program Files (x86)\Yawtix\updateYawtix.exe
2014-07-26 04:56 - 2014-07-26 15:28 - 00321816 _____ () C:\Program Files (x86)\Yawtix\bin\utilYawtix.exe
2014-07-26 05:04 - 2014-05-11 19:04 - 08140288 _____ () C:\Bitnami\wampstack-5.4.31-1\mysql\bin\mysqld.exe
2014-07-26 04:58 - 2014-07-08 18:42 - 00287000 _____ () C:\Program Files (x86)\Yawtix\bin\Yawtix.PurBrowse64.exe
2013-07-23 11:54 - 2013-07-23 11:54 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-04-26 10:38 - 2013-01-02 08:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-07-26 04:58 - 2014-07-26 20:27 - 00096536 _____ () C:\Program Files (x86)\Yawtix\bin\Yawtix.BrowserAdapter.exe
2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-07-26 05:03 - 2014-07-19 14:49 - 00218112 _____ () C:\Bitnami\WAMPST~2.31-\apache2\bin\pcre.dll
2014-07-26 05:03 - 2013-06-29 21:15 - 00067584 _____ () C:\Bitnami\WAMPST~2.31-\apache2\bin\zlib1.dll
2014-07-26 05:04 - 2014-07-23 20:49 - 00097792 _____ () C:\Bitnami\wampstack-5.4.31-1\php\libpq.dll
2014-07-26 05:04 - 2014-07-25 09:32 - 00025088 _____ () C:\Bitnami\wampstack-5.4.31-1\php\php5apache2_4.dll
2013-12-20 19:11 - 2013-09-16 14:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-04-29 16:17 - 2013-04-29 16:17 - 00587264 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-07-26 04:58 - 2014-07-26 20:27 - 00183576 _____ () C:\Program Files (x86)\Yawtix\bin\YawtixBAApp.dll
2014-07-25 21:17 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-25 21:17 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-25 21:17 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-25 21:17 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-25 21:17 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-25 21:17 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/26/2014 05:59:44 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:56:22 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:56:16 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:56:15 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:56:11 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:56:09 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:56:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:55:55 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:55:54 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (07/26/2014 05:55:51 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
System errors:
=============
Error: (07/26/2014 07:54:32 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 07:42:31 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 07:30:31 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 07:18:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 06:54:29 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 06:42:28 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 06:30:28 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 06:18:27 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 06:06:27 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HFU-UX31A-MINT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{08FFF5FE-DEA5-411D-AA43-990F3BD103D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/26/2014 05:58:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0922 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5 unter Windows 8 und Windows Server 2012 für x64-basierte Systeme (KB2931357)
Microsoft Office Sessions:
=========================
Error: (07/26/2014 05:59:44 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:56:22 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:56:16 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:56:15 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:56:11 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:56:09 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:56:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:55:55 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:55:54 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (07/26/2014 05:55:51 PM) (Source: MsiInstaller) (EventID: 1002) (User: HILOSSI)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 8075.34 MB
Available physical RAM: 4205.46 MB
Total Pagefile: 12683.34 MB
Available Pagefile: 8312.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:131.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.34 GB) (Free:258.22 GB) NTFS
Drive f: (CDROM) (CDROM) (Total:0.82 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 5B98F280)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=15 GB) - (Type=73)
==================== End Of Log ============================ |