
Pests of all kinds and how to combat them: Removal of the "AVG Security Toolbar" fails!


23.02.2014, 09:12   #1
StarSlider
 
Hello everyone,

I'm new here and hope that I'm in the right place with my request at all, because I really don't know what else to do...

Apparently through some carelessness I installed this "AVG Security Toolbar", which is unfortunately very annoying, because I simply cannot get this toolbar off the computer anymore!

Software:
- I have an MSI laptop with Windows 8 (with all current relevant system updates)
- Among others I also use IE - currently version 11.0.9600.16518
- Avira Antivirus Suite

Situation:
- When opening IE, the AVG toolbar appears below the menu
- Disabling it is possible, but when running the option "Uninstall AVG toolbar", after some time a separate notice window appears saying that I supposedly have to log in with "administrator rights", which is very surprising, because my profile has these rights! I checked...
- In the Control Panel, the software overview also lists the entry "AVG Safeguard toolbar". Uninstalling does not work, though - the uninstall routine hangs in the process... For whatever reason!?!?

So much for my situation!
I have read on the internet that this toolbar is indeed not harmless. That is to say, it is described as a "hijacker". Hence my idea of asking you here for advice. But none of the suggestions I found for removing this toolbar have worked.

So my hope is that I might get some advice here?

Many thanks in advance!
Star.

23.02.2014, 09:51   #2
schrauber
/// the machine
/// TB trainer
 

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


23.02.2014, 15:37   #3
StarSlider
 
Ok, I'll get back to you later then... But it probably won't be until tomorrow...

24.02.2014, 15:59   #4
schrauber
/// the machine
/// TB trainer
 

ok
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

24.02.2014, 20:34   #5
StarSlider
 
So, here you go... :-)


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014
Ran by Fares (administrator) on STARSLIDER on 24-02-2014 21:28:36
Running from C:\Users\Fares\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Valve Corporation) D:\Games\Skyrim\Steam.exe
(Marx Softwareentwicklung - www.software4u.de) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDMLauncher.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\WMIADAP.EXE
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2012-09-13] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [399776 2012-09-13] (MSI)
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-30] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-23] (MSI)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2535448 2014-02-06] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [PowerDVD13Agent] - C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-11-29] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1916057237-1336084813-2840200523-1002\...\Run: [Steam] - D:\Games\Skyrim\Steam.exe [1822400 2014-02-20] (Valve Corporation)
HKU\S-1-5-21-1916057237-1336084813-2840200523-1002\...\Run: [iDevice Manager Launcher] - C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDMLauncher.exe [139728 2014-01-02] (Marx Softwareentwicklung - www.software4u.de)
HKU\S-1-5-21-1916057237-1336084813-2840200523-1002\...\Run: [Google Update] - C:\Users\Fares\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKLM - DefaultScope {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - DefaultScope {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD9C7CE1A-425B-4E63-8ECA-90C16A169E6D&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD9C7CE1A-425B-4E63-8ECA-90C16A169E6D&q={searchTerms}&SSPV=
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={F6118840-09D8-455F-9CD5-C57CB0A68EDA}&mid=120e8db1340547d39d79dd9bd4a1a970-e2c86206793427fc553092696e345666bec2720e&lang=en&ds=ts024&coid=avgtbdists&cmpid=&pr=sa&d=2014-02-06 00:02:43&v=17.3.1.204&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome: 
=======
CHR HomePage: homepage_is_newtabpage
CHR RestoreOnStartup: "sync_promo":{"startup_count"
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchURL: http:\/\/search.conduit.com\/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPD9C7CE1A-425B-4E63-8ECA-90C16A169E6D&q={searchTerms}&SSPV=
CHR Extension: (Google Docs) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-04]
CHR Extension: (Google Drive) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-04]
CHR Extension: (YouTube) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-04]
CHR Extension: (Google Search) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-04]
CHR Extension: (AVG SafeGuard) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-10-04]
CHR Extension: (Google Wallet) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Gmail) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-04]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.1.204\avg.crx [2014-02-06]

==================== Services (Whitelisted) =================

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896056 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-11-29] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-11-29] (CyberLink)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2012-09-13] (Micro-Star International Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-23] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-02] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-06] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-02] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows (R) Win 7 DDK provider)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-31] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3293008 2011-07-26] (Windows (R) Win 7 DDK provider)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 SjtWinIo; C:\Windows\System32\drivers\SjtWinIo.sys [9216 2013-05-18] (SpeedJet Technology INC.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-16] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-24] ()
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [32456 2013-11-29] (CyberLink Corp.)
S1 BfLwf; \SystemRoot\system32\DRIVERS\bwcW8x64.sys [X]
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S3 Ke2200; \SystemRoot\system32\DRIVERS\e22w8x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 21:28 - 2014-02-24 21:28 - 00022352 _____ () C:\Users\Fares\Downloads\FRST.txt
2014-02-24 21:28 - 2014-02-24 21:28 - 00000000 ____D () C:\FRST
2014-02-24 21:27 - 2014-02-24 21:27 - 02156032 _____ (Farbar) C:\Users\Fares\Downloads\FRST64.exe
2014-02-23 09:29 - 2014-02-23 09:29 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-02-19 21:23 - 2014-02-19 21:23 - 00001534 _____ () C:\ProgramData\ss.ini
2014-02-19 21:22 - 2014-02-19 21:22 - 00001024 _____ () C:\Users\Fares\Desktop\FreeRIP MP3 Converter.lnk
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\ProgramData\FreeRIP MP3 Converter
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\Program Files (x86)\FreeRIP
2014-02-19 21:16 - 2014-02-19 21:16 - 00001419 _____ () C:\Users\Fares\Desktop\Die Installation von Free Audio CD to MP3 Converter fortsetzen.lnk
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\TuneUp Software
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 _____ () C:\END
2014-02-19 19:38 - 2014-02-19 21:05 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\DVDVideoSoft
2014-02-19 19:38 - 2014-02-19 19:38 - 00001464 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-02-19 19:38 - 2014-02-19 19:38 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\OpenCandy
2014-02-19 19:38 - 2014-02-19 19:38 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 23:19 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 18257576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 17715784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 15740232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 14669032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-18 23:19 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00483104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00408352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00378656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-02-17 20:51 - 2014-02-17 20:51 - 00001805 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-17 20:50 - 2014-02-17 20:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-17 20:50 - 2014-02-17 20:51 - 00000000 ____D () C:\Program Files\iTunes
2014-02-17 20:50 - 2014-02-17 20:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-17 20:50 - 2014-02-17 20:50 - 00000000 ____D () C:\Program Files\iPod
2014-02-17 00:32 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-02-11 22:31 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-11 22:31 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-11 22:30 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-11 22:30 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-11 22:30 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-11 22:30 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-11 22:30 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-11 22:30 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-11 22:30 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-11 22:30 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-11 22:30 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-11 22:30 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-11 22:30 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-11 22:30 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-11 22:30 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-11 22:30 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-11 22:30 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-11 22:30 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-11 22:30 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-11 22:30 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-11 22:30 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-11 22:30 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-11 22:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-11 22:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-11 22:30 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-11 22:30 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-11 21:29 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-11 21:29 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-11 21:29 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-11 21:29 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-11 21:29 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-11 21:29 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-11 21:29 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-11 21:29 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-11 21:29 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-11 21:29 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-11 21:29 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-11 21:29 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-11 21:29 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-11 21:29 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-11 21:29 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-11 21:29 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-11 21:29 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-11 21:29 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-11 21:29 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-11 21:29 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-11 21:29 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-11 21:29 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-11 21:29 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-11 21:29 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-11 21:29 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-11 21:29 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-11 21:29 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-11 21:29 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-11 21:29 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-11 21:29 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-11 21:29 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-11 21:29 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-11 21:29 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-11 21:29 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-11 21:29 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-11 21:29 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-11 21:29 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-11 21:29 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-11 21:29 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-11 21:29 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-11 21:29 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-11 21:29 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-11 21:29 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-11 21:28 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-11 21:28 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-10 19:44 - 2014-02-10 19:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-01-25 22:06 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-01-25 22:06 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-01-25 22:06 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-01-25 22:06 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-01-25 22:06 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-01-25 22:06 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-01-25 22:06 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-01-25 22:06 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-01-25 22:06 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-01-25 22:06 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-01-25 22:06 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-01-25 22:06 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-01-25 22:06 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-01-25 22:06 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-01-25 22:06 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-01-25 22:06 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-01-25 22:06 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-01-25 22:06 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-01-25 22:06 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-01-25 22:06 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-01-25 22:06 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-01-25 22:06 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-01-25 22:06 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-01-25 22:06 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-01-25 22:06 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-25 22:06 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-01-25 22:06 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-01-25 22:06 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-01-25 22:06 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-01-25 22:06 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-01-25 22:06 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-01-25 22:06 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-01-25 22:06 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-01-25 22:06 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-01-25 22:06 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-01-25 22:06 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-01-25 22:06 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-01-25 22:06 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-01-25 22:06 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-25 22:06 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-25 22:06 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-25 22:06 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-25 22:06 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-01-25 22:06 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-01-25 22:06 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-01-25 22:06 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-01-25 22:06 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-01-25 22:06 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-01-25 22:06 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-01-25 22:06 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-01-25 22:06 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-01-25 22:06 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-01-25 22:06 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-01-25 22:06 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-01-25 22:06 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-01-25 14:06 - 2014-01-25 14:06 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-25 14:06 - 2014-01-25 14:06 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-25 14:06 - 2014-01-25 14:06 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-25 14:06 - 2014-01-25 14:06 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-25 14:06 - 2014-01-25 14:06 - 00000000 ____D () C:\ProgramData\Sun
2014-01-25 14:06 - 2014-01-25 14:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-25 14:06 - 2014-01-25 14:06 - 00000000 ____D () C:\Program Files (x86)\Java

==================== One Month Modified Files and Folders =======

2014-02-24 21:28 - 2014-02-24 21:28 - 00022352 _____ () C:\Users\Fares\Downloads\FRST.txt
2014-02-24 21:28 - 2014-02-24 21:28 - 00000000 ____D () C:\FRST
2014-02-24 21:27 - 2014-02-24 21:27 - 02156032 _____ (Farbar) C:\Users\Fares\Downloads\FRST64.exe
2014-02-24 21:27 - 2013-09-30 05:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-24 21:27 - 2013-09-30 04:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-24 21:27 - 2013-09-30 04:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-24 21:26 - 2013-04-17 18:08 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1916057237-1336084813-2840200523-1002
2014-02-24 21:23 - 2013-11-16 10:15 - 01295735 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-24 21:22 - 2013-10-04 08:51 - 00002428 _____ () C:\Users\Fares\Desktop\Google Chrome.lnk
2014-02-24 21:20 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-24 21:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-24 21:16 - 2013-10-04 08:51 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002UA.job
2014-02-24 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-24 20:05 - 2013-11-16 10:44 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{80E87508-0EB5-46D3-87AF-C6012DD95941}
2014-02-24 20:04 - 2013-07-22 18:34 - 00000000 ____D () C:\Users\Fares\AppData\Local\Adobe
2014-02-24 20:01 - 2013-11-16 10:38 - 00000000 __RDO () C:\Users\Fares\SkyDrive
2014-02-23 16:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-23 09:43 - 2013-09-29 20:04 - 00007988 _____ () C:\WINDOWS\PFRO.log
2014-02-23 09:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\System
2014-02-23 09:29 - 2014-02-23 09:29 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-02-23 09:15 - 2013-08-10 21:52 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-02-23 08:52 - 2013-12-14 21:42 - 00029261 _____ () C:\Users\Fares\Desktop\Icon Mugs Completely.xlsm
2014-02-19 23:26 - 2013-06-10 22:09 - 00000000 ____D () C:\Program Files\Recuva
2014-02-19 22:45 - 2012-11-27 20:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-19 21:23 - 2014-02-19 21:23 - 00001534 _____ () C:\ProgramData\ss.ini
2014-02-19 21:23 - 2013-04-17 18:00 - 00000000 ____D () C:\Users\Fares\AppData\Local\VirtualStore
2014-02-19 21:22 - 2014-02-19 21:22 - 00001024 _____ () C:\Users\Fares\Desktop\FreeRIP MP3 Converter.lnk
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\ProgramData\FreeRIP MP3 Converter
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\Program Files (x86)\FreeRIP
2014-02-19 21:16 - 2014-02-19 21:16 - 00001419 _____ () C:\Users\Fares\Desktop\Die Installation von Free Audio CD to MP3 Converter fortsetzen.lnk
2014-02-19 21:05 - 2014-02-19 19:38 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\DVDVideoSoft
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\TuneUp Software
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 _____ () C:\END
2014-02-19 19:38 - 2014-02-19 19:38 - 00001464 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-02-19 19:38 - 2014-02-19 19:38 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\OpenCandy
2014-02-19 19:38 - 2014-02-19 19:38 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-18 23:31 - 2013-10-12 07:47 - 00000022 _____ () C:\WINDOWS\GPU-Z.INI
2014-02-18 23:30 - 2013-10-12 20:49 - 00001254 _____ () C:\Users\Public\Desktop\3DMark 11.lnk
2014-02-18 23:30 - 2013-08-03 22:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-18 23:30 - 2013-04-29 13:09 - 00000000 ____D () C:\Program Files\Futuremark
2014-02-18 23:30 - 2013-04-29 08:17 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-02-18 23:30 - 2012-11-22 14:14 - 00054231 _____ () C:\WINDOWS\DirectX.log
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 23:21 - 2013-11-16 10:15 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-18 23:21 - 2013-11-16 10:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 20:51 - 2014-02-17 20:51 - 00001805 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-17 20:51 - 2014-02-17 20:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-17 20:51 - 2014-02-17 20:50 - 00000000 ____D () C:\Program Files\iTunes
2014-02-17 20:51 - 2014-02-17 20:50 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-17 20:50 - 2014-02-17 20:50 - 00000000 ____D () C:\Program Files\iPod
2014-02-16 21:36 - 2013-07-24 22:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 21:35 - 2013-04-18 22:00 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 16:16 - 2013-10-04 08:51 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002Core.job
2014-02-16 16:11 - 2013-10-04 08:51 - 00003876 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002UA
2014-02-16 16:11 - 2013-10-04 08:51 - 00003496 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002Core
2014-02-15 10:50 - 2013-08-22 15:46 - 00344940 _____ () C:\WINDOWS\setupact.log
2014-02-12 19:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-12 19:13 - 2013-07-27 07:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-11 23:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-11 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-11 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-11 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-10 19:52 - 2014-02-10 19:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-08 19:34 - 2014-02-18 23:19 - 31432480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 18257576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 17715784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 15740232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 14669032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-08 19:34 - 2014-02-18 23:19 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00483104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00408352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00378656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-02-08 19:34 - 2013-11-01 09:31 - 03090184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-02-08 19:34 - 2013-11-01 09:31 - 02713728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-02-08 19:34 - 2013-11-01 09:31 - 00947296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-02-08 19:34 - 2013-11-01 09:31 - 00832424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-02-08 19:34 - 2013-11-01 09:31 - 00174296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-02-08 19:34 - 2013-11-01 09:31 - 00148528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-02-08 19:34 - 2013-11-01 09:31 - 00024544 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-02-08 18:42 - 2013-11-16 10:15 - 06712608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-02-08 18:42 - 2013-11-16 10:15 - 03498272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-02-08 18:42 - 2013-11-16 10:15 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-02-08 18:42 - 2013-11-16 10:15 - 01075488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-02-08 18:42 - 2013-11-16 10:15 - 00923936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-02-08 18:42 - 2013-11-16 10:15 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-02-08 18:42 - 2013-11-16 10:15 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-02-08 18:42 - 2013-11-16 10:15 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-02-06 13:16 - 2014-02-11 21:29 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-11 21:29 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-11 21:29 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-11 21:29 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-11 21:29 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-11 21:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-11 21:29 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-11 21:29 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-11 21:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-11 21:29 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-11 21:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-11 21:29 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-11 21:29 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-11 21:29 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-11 21:29 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-11 21:29 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-11 21:29 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-11 21:29 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-11 21:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-11 21:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-11 21:29 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-11 21:29 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-11 21:29 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-11 21:29 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-11 21:29 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-11 21:29 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-11 21:29 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-11 21:29 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-11 21:29 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-11 21:29 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-11 21:29 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-11 21:29 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-11 21:29 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-11 21:29 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-11 21:29 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-11 21:29 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-11 21:29 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-06 00:02 - 2013-08-10 21:52 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-02-05 18:52 - 2013-11-16 10:15 - 03573739 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-01-25 22:22 - 2013-04-17 18:01 - 00000000 ___RD () C:\Users\Fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-25 22:22 - 2013-04-17 18:01 - 00000000 ___RD () C:\Users\Fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-25 22:11 - 2013-08-22 15:44 - 05123200 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-25 22:11 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-01-25 22:11 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-01-25 14:06 - 2014-01-25 14:06 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-25 14:06 - 2014-01-25 14:06 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-25 14:06 - 2014-01-25 14:06 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-25 14:06 - 2014-01-25 14:06 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-25 14:06 - 2014-01-25 14:06 - 00000000 ____D () C:\ProgramData\Sun
2014-01-25 14:06 - 2014-01-25 14:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-25 14:06 - 2014-01-25 14:06 - 00000000 ____D () C:\Program Files (x86)\Java

Some content of TEMP:
====================
C:\Users\Fares\AppData\Local\Temp\avgnt.exe
C:\Users\Fares\AppData\Local\Temp\COMAP.EXE
C:\Users\Fares\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_FreeAudioCDToMP3Converter.exe
C:\Users\Fares\AppData\Local\Temp\nsaBE14.exe
C:\Users\Fares\AppData\Local\Temp\nsdAD37.exe
C:\Users\Fares\AppData\Local\Temp\nsn8223.exe
C:\Users\Fares\AppData\Local\Temp\nsoAE61.exe
C:\Users\Fares\AppData\Local\Temp\nsvBF2E.exe
C:\Users\Fares\AppData\Local\Temp\tmpA147.tmp.exe
C:\Users\Fares\AppData\Local\Temp\tmpBB77.tmp.exe
C:\Users\Fares\AppData\Local\Temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-23 09:35

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2014
Ran by Fares at 2014-02-24 21:28:56
Running from C:\Users\Fares\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3503.0728 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 16.4.3503.0728 - „Microsoft Corporation“) Hidden
3DMark (HKLM-x32\...\{F1A6C690-C12C-4E7A-B4BD-958678215418}) (Version: 1.1 - Futuremark)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 17.3.1.204 - AVG Technologies)
Avira Antivirus Premium (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.2.286 - Avira)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1211.2101 - Micro-Star International Co., Ltd.)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3520.58 - CyberLink Corp.)
CyberLink PowerDVD 13 (x32 Version: 13.0.3520.58 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverNavigator 3.3.2 (HKLM\...\DriverNavigator_is1) (Version: 3.3.2.0 - Easeware)
ETDWare PS/2-X64 11.13.2.4_WHQL (HKLM\...\Elantech) (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotoattēlu galerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.33.213 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.33.213 - DVDVideoSoft Ltd.)
FreeRIP MP3 Converter 4.4.1 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.4.1 - GreenTree Applications SRL)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Galeria de Fotografias (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iDevice Manager (HKLM-x32\...\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1) (Version: 3.2.4.0 - Marx Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.10.1550 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.3000.0512 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{828af006-cb5e-4d60-957a-523098a1b0f8}) (Version: 16.1.3 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.3000.0254 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
KB9X Radio Switch Driver (HKLM\...\B16388B2E5D3CBA8F0EE88A8C5459BADAF4DE251) (Version: 1.0.7112.20593 - ENE TECHNOLOGY INC.)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{10748DB6-7848-42D8-825A-A522CFB5F887}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (HKLM-x32\...\MAGIX_{1B5AC129-F6CC-491E-84DE-1FF2996A0367}) (Version: 12.0.1.4 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Version: 12.0.1.4 - MAGIX AG) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSI Remind Manager (HKLM-x32\...\{7359585E-A828-4EFC-8177-7D1883DDA0B5}) (Version: 2.12.1003 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PC Inspector File Recovery (HKLM-x32\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
Poczta usługi Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.28144 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
SCM (HKLM\...\{FA8AB91A-0B41-4797-9015-9B3FBC7834CC}) (Version: 10.012.09132 -  )
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.010 - MSI)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version:  - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.02 - Creative Technology Limited)
Valokuvavalikoima (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Driver Package - Intel (NETwNe64) net  (09/12/2012 15.5.4.45) (HKLM\...\A007E57753F87B14A4737DA95057F173950A6A3D) (Version: 09/12/2012 15.5.4.45 - Intel)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3503.0728 - společnost Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3503.0728 - Корпорація Майкрософт) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - Корпорация Майкрософт) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - Корпорація Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Pošta (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live メール (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live 메일 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live 필수 패키지 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Συλλογή φωτογραφιών (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3503.0728 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
フォト ギャラリー (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
사진 갤러리 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

11-02-2014 20:36:44 Windows Update
16-02-2014 20:35:05 Windows Update
18-02-2014 22:30:02 3DMark 11
22-02-2014 19:30:57 Windows Update

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {07E4225A-768D-4EC9-8A7B-AD63D0334B3F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002UA => C:\Users\Fares\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-04] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1020491E-5C45-4626-AE64-451554F97907} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {1B7106D2-3439-4ADC-BEC1-CDB115CE1630} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {58585897-4626-4C2A-B690-917015579088} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002Core => C:\Users\Fares\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-04] (Google Inc.)
Task: {5F7ACA35-8634-4EDA-B513-26017B90CFDC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {69B1A265-8DCE-49E3-9933-723499E8037F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {826FDFE4-3265-41C2-98C9-EC4DADB8635C} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-starslider@gmx.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {BAD2E31E-C35D-4268-A20A-604610B78101} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe [2013-05-10] (Easeware)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E928EB34-D68B-412B-8DCA-1F7F2175E2DA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2014-02-16] (Microsoft Corporation)
Task: {F85E0BB0-EACB-4153-8EB4-B44008897323} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002Core.job => C:\Users\Fares\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002UA.job => C:\Users\Fares\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-01 09:31 - 2014-02-08 19:34 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-16 10:15 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-11 18:48 - 2013-08-23 14:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-09-11 18:48 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-09-11 18:48 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-01-06 09:02 - 2014-01-06 09:02 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
2012-11-27 21:03 - 2010-05-04 20:00 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-10 21:52 - 2014-02-06 00:02 - 02535448 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-04-21 00:51 - 2013-04-21 00:47 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-13 18:22 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-13 18:22 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-13 18:22 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-13 18:22 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-13 18:22 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-06 09:02 - 2014-01-06 09:02 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
2014-01-24 08:42 - 2013-12-12 23:19 - 00142848 _____ () D:\Games\Skyrim\libavresample-1.dll
2014-01-24 08:42 - 2013-11-05 02:12 - 00890592 _____ () D:\Games\Skyrim\libavutil-52.dll
2014-02-19 19:32 - 2014-02-11 03:34 - 00751616 _____ () D:\Games\Skyrim\SDL2.dll
2014-02-21 18:07 - 2014-02-20 00:07 - 01135296 _____ () D:\Games\Skyrim\bin\chromehtml.DLL
2014-01-28 20:18 - 2014-01-11 00:33 - 20625832 _____ () D:\Games\Skyrim\bin\libcef.dll
2013-09-13 18:45 - 2013-06-15 00:49 - 01100800 _____ () D:\Games\Skyrim\bin\avcodec-53.dll
2013-09-13 18:45 - 2013-06-15 00:49 - 00124416 _____ () D:\Games\Skyrim\bin\avutil-51.dll
2013-09-13 18:45 - 2013-06-15 00:49 - 00192000 _____ () D:\Games\Skyrim\bin\avformat-53.dll
2013-11-01 09:31 - 2014-02-08 19:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-16 17:56 - 2013-11-29 02:26 - 00866056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\common\UNO\UNO.dll
2013-11-16 17:56 - 2013-05-02 01:06 - 00081920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\koan\_ctypes.pyd
2013-11-16 17:56 - 2013-05-02 01:06 - 00053248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_socket.pyd
2013-11-16 17:56 - 2013-05-02 01:06 - 00655360 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_ssl.pyd
2013-11-16 17:56 - 2013-11-29 02:25 - 00043272 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll
2013-08-03 23:05 - 2013-05-31 12:30 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Fares\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2014 09:22:16 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/24/2014 09:20:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1".
Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert.

Error: (02/24/2014 08:13:31 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Das Volume "\\?\Volume{fe819165-d734-465f-b5f2-a00ce9416b5e}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (02/24/2014 08:13:31 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Das Volume "WinRE tools" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (02/24/2014 08:02:20 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/24/2014 00:26:41 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (02/23/2014 11:48:03 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/23/2014 10:14:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1203

Error: (02/23/2014 10:14:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1203

Error: (02/23/2014 10:14:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/24/2014 09:21:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Email Schutz" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%1

Error: (02/24/2014 09:20:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%14001

Error: (02/24/2014 08:58:13 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (02/24/2014 08:04:06 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/24/2014 00:50:58 AM) (Source: Service Control Manager) (User: )
Description: Dienst "CyberLink PowerDVD 13 Media Server Service" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (02/23/2014 11:50:15 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (02/23/2014 04:38:08 PM) (Source: Service Control Manager) (User: )
Description: Dienst "CyberLink PowerDVD 13 Media Server Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (02/23/2014 10:14:33 AM) (Source: Service Control Manager) (User: )
Description: Dienst "CyberLink PowerDVD 13 Media Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/23/2014 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/23/2014 09:44:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Email Schutz" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%1


Microsoft Office Sessions:
=========================
Error: (02/24/2014 09:22:16 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/24/2014 09:20:45 PM) (Source: SideBySide)(User: )
Description: hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayNameC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

Error: (02/24/2014 08:13:31 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: \\?\Volume{fe819165-d734-465f-b5f2-a00ce9416b5e}\Falscher Parameter. (0x80070057)

Error: (02/24/2014 08:13:31 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: WinRE toolsFalscher Parameter. (0x80070057)

Error: (02/24/2014 08:02:20 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/24/2014 00:26:41 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (02/23/2014 11:48:03 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/23/2014 10:14:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1203

Error: (02/23/2014 10:14:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1203

Error: (02/23/2014 10:14:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 8080.59 MB
Available physical RAM: 6087.7 MB
Total Pagefile: 9360.59 MB
Available Pagefile: 7131.14 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:117.9 GB) (Free:39.83 GB) NTFS
Drive d: (Data) (Fixed) (Total:677.87 GB) (Free:545.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 84AC5DEB)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 119 GB) (Disk ID: 84AC5C0A)

Partition: GPT Partition Type.

==================== End Of Log ============================
         


25.02.2014, 18:47   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Revo Uninstaller - Download - Filepony
Uninstall it with that and let it remove the leftovers.



Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

25.02.2014, 23:22   #7
StarSlider
 



So, here at this late hour are the corresponding log files:

1. Malwarebytes
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.25.12

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16518
Fares :: STARSLIDER [Administrator]

25/02/2014 23:45:26
mbam-log-2014-02-25 (23-45-26).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | PUP | PUM
Deaktivierte Suchlaufeinstellungen: HeuristiKs/Shuriken | P2P
Durchsuchte Objekte: 226663
Laufzeit: 3 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Fares\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Roaming\OpenCandy\B3598C8044E647B282AEA12D011F3ABC (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Roaming\OpenCandy\C6E8A9977E2D4DF99B66A6A5FB9CC028 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 9
C:\Users\Fares\AppData\Roaming\OpenCandy\B3598C8044E647B282AEA12D011F3ABC\SSStub_SearchProtect_p1v0.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\temp\SoftonicDownloader_fuer_file-repair.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Local\Temp\nsaBE14.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Local\Temp\nsdAD37.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Local\Temp\nsn8223.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Local\Temp\nsoAE61.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Local\Temp\nsvBF2E.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Local\Temp\nsa8CCD\SpSetup.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Fares\AppData\Roaming\OpenCandy\C6E8A9977E2D4DF99B66A6A5FB9CC028\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
2. AdwCleaner
AdwCleaner Logfile:
Code:
# AdwCleaner v3.019 - Bericht erstellt am 26/02/2014 um 00:00:20
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Fares - STARSLIDER
# Gestartet von : C:\temp\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : vToolbarUpdater17.3.0

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AVG SafeGuard toolbar
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\Program Files (x86)\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Program Files (x86)\FreeRIP
Ordner Gelöscht : C:\Program Files (x86)\software4u
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Users\Fares\AppData\Local\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Fares\AppData\LocalLow\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Fares\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Fares\AppData\Roaming\software4u
Ordner Gelöscht : C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Fares\AppData\Local\Temp\Uninstall.exe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{501451DE-5808-4599-B544-8BD0915B6B24}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Google Chrome v

[ Datei : C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : icon_url

*************************

AdwCleaner[R0].txt - [8412 octets] - [25/02/2014 23:57:46]
AdwCleaner[S0].txt - [7601 octets] - [26/02/2014 00:00:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7661 octets] ##########
         


3. Junkware Removal Tool
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 x64
Ran by Fares on 26/02/2014 at  0:07:54.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26/02/2014 at  0:10:02.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
4. New log from Farbar's Recovery Scan Tool

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014
Ran by Fares (administrator) on STARSLIDER on 26-02-2014 00:15:24
Running from C:\temp
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Valve Corporation) D:\Games\Skyrim\Steam.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-03-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2012-09-13] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [399776 2012-09-13] (MSI)
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-30] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-23] (MSI)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [PowerDVD13Agent] - C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-11-29] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1916057237-1336084813-2840200523-1002\...\Run: [Steam] - D:\Games\Skyrim\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1916057237-1336084813-2840200523-1002\...\Run: [iDevice Manager Launcher] - "C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDMLauncher.exe" /run
HKU\S-1-5-21-1916057237-1336084813-2840200523-1002\...\Run: [Google Update] - C:\Users\Fares\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKLM - DefaultScope {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - DefaultScope {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {9D374A47-E713-4C72-85B0-7083622D9CAD} URL = 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome: 
=======
CHR HomePage: homepage_is_newtabpage
CHR Extension: (Google Docs) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-04]
CHR Extension: (Google Drive) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-04]
CHR Extension: (YouTube) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-04]
CHR Extension: (Google Search) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-04]
CHR Extension: (No Name) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-10-04]
CHR Extension: (Google Wallet) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Gmail) - C:\Users\Fares\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-04]

==================== Services (Whitelisted) =================

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896056 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-11-29] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-11-29] (CyberLink)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2012-09-13] (Micro-Star International Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-23] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-02] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-02] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows (R) Win 7 DDK provider)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-31] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3293008 2011-07-26] (Windows (R) Win 7 DDK provider)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 SjtWinIo; C:\Windows\System32\drivers\SjtWinIo.sys [9216 2013-05-18] (SpeedJet Technology INC.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-16] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-24] ()
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [32456 2013-11-29] (CyberLink Corp.)
S1 BfLwf; \SystemRoot\system32\DRIVERS\bwcW8x64.sys [X]
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S3 Ke2200; \SystemRoot\system32\DRIVERS\e22w8x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-26 00:10 - 2014-02-26 00:10 - 00000614 _____ () C:\Users\Fares\Desktop\JRT.txt
2014-02-26 00:07 - 2014-02-26 00:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-26 00:04 - 2014-02-26 00:04 - 00007761 _____ () C:\Users\Fares\Desktop\AdwCleaner[S0].txt
2014-02-25 23:57 - 2014-02-26 00:00 - 00000000 ____D () C:\AdwCleaner
2014-02-25 23:42 - 2014-02-25 23:42 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\Malwarebytes
2014-02-25 23:41 - 2014-02-25 23:41 - 00001135 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-25 23:41 - 2014-02-25 23:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-25 23:41 - 2014-02-25 23:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-25 23:41 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-24 21:30 - 2014-02-24 21:30 - 00036382 _____ () C:\Users\Fares\Desktop\Addition.txt
2014-02-24 21:29 - 2014-02-24 21:29 - 00061990 _____ () C:\Users\Fares\Desktop\FRST.txt
2014-02-24 21:28 - 2014-02-26 00:15 - 00000000 ____D () C:\FRST
2014-02-24 21:28 - 2014-02-24 21:29 - 00061990 _____ () C:\Users\Fares\Downloads\FRST.txt
2014-02-24 21:28 - 2014-02-24 21:29 - 00036382 _____ () C:\Users\Fares\Downloads\Addition.txt
2014-02-24 21:27 - 2014-02-24 21:27 - 02156032 _____ (Farbar) C:\Users\Fares\Downloads\FRST64.exe
2014-02-23 09:29 - 2014-02-23 09:29 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-02-19 21:23 - 2014-02-19 21:23 - 00001534 _____ () C:\ProgramData\ss.ini
2014-02-19 21:22 - 2014-02-19 21:22 - 00001024 _____ () C:\Users\Fares\Desktop\FreeRIP MP3 Converter.lnk
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\ProgramData\FreeRIP MP3 Converter
2014-02-19 21:16 - 2014-02-19 21:16 - 00001419 _____ () C:\Users\Fares\Desktop\Die Installation von Free Audio CD to MP3 Converter fortsetzen.lnk
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\TuneUp Software
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-19 19:38 - 2014-02-19 21:05 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\DVDVideoSoft
2014-02-19 19:38 - 2014-02-19 19:38 - 00001464 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-02-19 19:38 - 2014-02-19 19:38 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 23:19 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 18257576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 17715784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 15740232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 14669032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-18 23:19 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00483104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00408352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00378656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00333600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-02-18 23:19 - 2014-02-08 19:34 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-02-17 20:51 - 2014-02-17 20:51 - 00001805 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-17 20:50 - 2014-02-17 20:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-17 20:50 - 2014-02-17 20:51 - 00000000 ____D () C:\Program Files\iTunes
2014-02-17 20:50 - 2014-02-17 20:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-17 20:50 - 2014-02-17 20:50 - 00000000 ____D () C:\Program Files\iPod
2014-02-17 00:32 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-02-11 22:31 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-11 22:31 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-11 22:30 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-11 22:30 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-11 22:30 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-11 22:30 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-11 22:30 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-11 22:30 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-11 22:30 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-11 22:30 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-11 22:30 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-11 22:30 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-11 22:30 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-11 22:30 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-11 22:30 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-11 22:30 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-11 22:30 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-11 22:30 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-11 22:30 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-11 22:30 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-11 22:30 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-11 22:30 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-11 22:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-11 22:30 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-11 22:30 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-11 22:30 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-11 21:29 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-11 21:29 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-11 21:29 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-11 21:29 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-11 21:29 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-11 21:29 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-11 21:29 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-11 21:29 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-11 21:29 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-11 21:29 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-11 21:29 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-11 21:29 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-11 21:29 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-11 21:29 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-11 21:29 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-11 21:29 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-11 21:29 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-11 21:29 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-11 21:29 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-11 21:29 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-11 21:29 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-11 21:29 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-11 21:29 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-11 21:29 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-11 21:29 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-11 21:29 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-11 21:29 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-11 21:29 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-11 21:29 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-11 21:29 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-11 21:29 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-11 21:29 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-11 21:29 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-11 21:29 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-11 21:29 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-11 21:29 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-11 21:29 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-11 21:29 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-11 21:29 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-11 21:29 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-11 21:29 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-11 21:29 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-11 21:29 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-11 21:28 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-11 21:28 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-10 19:44 - 2014-02-10 19:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-02-26 00:15 - 2014-02-24 21:28 - 00000000 ____D () C:\FRST
2014-02-26 00:13 - 2013-04-17 18:08 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1916057237-1336084813-2840200523-1002
2014-02-26 00:10 - 2014-02-26 00:10 - 00000614 _____ () C:\Users\Fares\Desktop\JRT.txt
2014-02-26 00:08 - 2013-09-30 05:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-26 00:08 - 2013-09-30 04:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-26 00:08 - 2013-09-30 04:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-26 00:07 - 2014-02-26 00:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-26 00:04 - 2014-02-26 00:04 - 00007761 _____ () C:\Users\Fares\Desktop\AdwCleaner[S0].txt
2014-02-26 00:01 - 2013-11-16 10:38 - 00000000 __RDO () C:\Users\Fares\SkyDrive
2014-02-26 00:01 - 2013-10-04 08:51 - 00002428 _____ () C:\Users\Fares\Desktop\Google Chrome.lnk
2014-02-26 00:01 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-26 00:00 - 2014-02-25 23:57 - 00000000 ____D () C:\AdwCleaner
2014-02-26 00:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-26 00:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-25 23:51 - 2013-09-29 20:04 - 00011256 _____ () C:\WINDOWS\PFRO.log
2014-02-25 23:42 - 2014-02-25 23:42 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\Malwarebytes
2014-02-25 23:41 - 2014-02-25 23:41 - 00001135 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-25 23:41 - 2014-02-25 23:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-25 23:41 - 2014-02-25 23:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-25 23:16 - 2013-10-04 08:51 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002UA.job
2014-02-25 23:09 - 2013-11-16 10:15 - 01537031 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-25 20:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-25 20:36 - 2013-07-22 18:34 - 00000000 ____D () C:\Users\Fares\AppData\Local\Adobe
2014-02-25 20:32 - 2013-11-16 10:44 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{80E87508-0EB5-46D3-87AF-C6012DD95941}
2014-02-24 21:30 - 2014-02-24 21:30 - 00036382 _____ () C:\Users\Fares\Desktop\Addition.txt
2014-02-24 21:29 - 2014-02-24 21:29 - 00061990 _____ () C:\Users\Fares\Desktop\FRST.txt
2014-02-24 21:29 - 2014-02-24 21:28 - 00061990 _____ () C:\Users\Fares\Downloads\FRST.txt
2014-02-24 21:29 - 2014-02-24 21:28 - 00036382 _____ () C:\Users\Fares\Downloads\Addition.txt
2014-02-24 21:27 - 2014-02-24 21:27 - 02156032 _____ (Farbar) C:\Users\Fares\Downloads\FRST64.exe
2014-02-23 09:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\System
2014-02-23 09:29 - 2014-02-23 09:29 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-02-23 08:52 - 2013-12-14 21:42 - 00029261 _____ () C:\Users\Fares\Desktop\Icon Mugs Completely.xlsm
2014-02-19 23:26 - 2013-06-10 22:09 - 00000000 ____D () C:\Program Files\Recuva
2014-02-19 22:45 - 2012-11-27 20:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-19 21:23 - 2014-02-19 21:23 - 00001534 _____ () C:\ProgramData\ss.ini
2014-02-19 21:23 - 2013-04-17 18:00 - 00000000 ____D () C:\Users\Fares\AppData\Local\VirtualStore
2014-02-19 21:22 - 2014-02-19 21:22 - 00001024 _____ () C:\Users\Fares\Desktop\FreeRIP MP3 Converter.lnk
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2014-02-19 21:22 - 2014-02-19 21:22 - 00000000 ____D () C:\ProgramData\FreeRIP MP3 Converter
2014-02-19 21:16 - 2014-02-19 21:16 - 00001419 _____ () C:\Users\Fares\Desktop\Die Installation von Free Audio CD to MP3 Converter fortsetzen.lnk
2014-02-19 21:05 - 2014-02-19 19:38 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\DVDVideoSoft
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 ____D () C:\Users\Fares\AppData\Roaming\TuneUp Software
2014-02-19 19:41 - 2014-02-19 19:41 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-19 19:38 - 2014-02-19 19:38 - 00001464 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-02-19 19:38 - 2014-02-19 19:38 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-18 23:31 - 2013-10-12 07:47 - 00000022 _____ () C:\WINDOWS\GPU-Z.INI
2014-02-18 23:30 - 2013-10-12 20:49 - 00001254 _____ () C:\Users\Public\Desktop\3DMark 11.lnk
2014-02-18 23:30 - 2013-08-03 22:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-18 23:30 - 2013-04-29 13:09 - 00000000 ____D () C:\Program Files\Futuremark
2014-02-18 23:30 - 2013-04-29 08:17 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-02-18 23:30 - 2012-11-22 14:14 - 00054231 _____ () C:\WINDOWS\DirectX.log
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-02-18 23:21 - 2014-02-18 23:21 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 23:21 - 2013-11-16 10:15 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-18 23:21 - 2013-11-16 10:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 20:51 - 2014-02-17 20:51 - 00001805 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-17 20:51 - 2014-02-17 20:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-17 20:51 - 2014-02-17 20:50 - 00000000 ____D () C:\Program Files\iTunes
2014-02-17 20:51 - 2014-02-17 20:50 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-17 20:50 - 2014-02-17 20:50 - 00000000 ____D () C:\Program Files\iPod
2014-02-16 21:36 - 2013-07-24 22:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 21:35 - 2013-04-18 22:00 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 16:16 - 2013-10-04 08:51 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002Core.job
2014-02-16 16:11 - 2013-10-04 08:51 - 00003876 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002UA
2014-02-16 16:11 - 2013-10-04 08:51 - 00003496 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916057237-1336084813-2840200523-1002Core
2014-02-15 10:50 - 2013-08-22 15:46 - 00344940 _____ () C:\WINDOWS\setupact.log
2014-02-12 19:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-12 19:13 - 2013-07-27 07:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-11 23:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-11 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-11 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-11 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-10 19:52 - 2014-02-10 19:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-08 19:34 - 2014-02-18 23:19 - 31432480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 23683360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 18257576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 17715784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 15740232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 14669032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 12324640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-02-08 19:34 - 2014-02-18 23:19 - 11636176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 11589272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 09728064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 09690424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 03142432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 02956576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 02782496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 02410784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433489.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433489.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00892192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00875296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00863520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-02-08 19:34 - 2014-02-18 23:19 - 00844576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

Some content of TEMP:
====================
C:\Users\Fares\AppData\Local\Temp\avgnt.exe
C:\Users\Fares\AppData\Local\Temp\COMAP.EXE
C:\Users\Fares\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_FreeAudioCDToMP3Converter.exe
C:\Users\Fares\AppData\Local\Temp\Quarantine.exe
C:\Users\Fares\AppData\Local\Temp\tmpA147.tmp.exe
C:\Users\Fares\AppData\Local\Temp\tmpBB77.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-24 21:41

==================== End Of Log ============================
         
--- --- ---

26.02.2014, 15:35   #8
schrauber
/// the machine
/// TB trainer

ESET Online Scanner

  • An illustrated guide to ESET Online Scanner can be found here
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

26.02.2014, 23:05   #9
StarSlider

So, here are the last two logs, as requested...
One thing I can already say: the toolbar is gone!
Many thanks for that already!

1. Eset Smartinstaller
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=105a155cf4c30e48be3c84089768089a
# engine=17241
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-26 10:53:54
# local_time=2014-02-26 11:53:54 (+0100, Mitteleuropäische Zeit)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5893 16776574 100 94 12940632 18336527 0 0
# scanned=246596
# found=0
# cleaned=0
# scan_time=1908
         
2. SecurityCheck
Code:
 Results of screen317's Security Check version 0.99.79  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
Avira Desktop      
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Reader XI  
 Mozilla Thunderbird (24.3.0) 
 Google Chrome 32.0.1700.107  
 Google Chrome 33.0.1750.117  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
And do you still find any nasty things that don't belong there?
And at which point did the toolbar actually disappear for good?

Many thanks again!
Star.
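
The instructions in post #8 ask for detection of potentially unwanted applications to be enabled, while the ESET log posted in #9 records unwanted_checked=false next to found=0. As an added example (not part of the original posts and not ESET's or the board's own code), this Python code parses the `# key=value` lines of such a log and lists what to question before accepting the result; the meaning given to the *_checked keys is an assumption inferred from their names, and the sample is constructed from lines quoted in the thread.

```python
# Added example. Assumption: each *_checked key mirrors a scanner option
# checkbox (unwanted_checked = potentially unwanted applications).

# Constructed sample, reduced from the log quoted in the thread.
SAMPLE_LOG = """\
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# scanned=246596
# found=0
# cleaned=0
# scan_time=1908
"""


def parse_eset_log(text):
    """Split a log into '# key=value' fields and any remaining lines."""
    fields, other = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#") and "=" in line:
            key, _, value = line[1:].partition("=")
            fields[key.strip()] = value.strip().strip('"')
        else:
            other.append(line)
    return fields, other


def count(fields, key):
    """Return a counter field as int, or None if missing or not numeric."""
    value = fields.get(key, "")
    return int(value) if value.isdigit() else None


def review(fields):
    """Return (code, message) findings to raise before trusting found=0."""
    findings = []
    if fields.get("end") != "finished":
        findings.append(("incomplete", "scan did not run to completion"))
    if fields.get("unwanted_checked") != "true":
        findings.append(("pua_off", "PUA detection was not enabled, so "
                         "toolbars and other PUPs were out of scope"))
    if fields.get("archives_checked") != "true":
        findings.append(("archives_off", "archives were not scanned"))
    found, cleaned = count(fields, "found"), count(fields, "cleaned")
    if found is None or cleaned is None:
        findings.append(("no_counts", "found/cleaned counters missing"))
    elif found > cleaned:
        findings.append(("uncleaned",
                         "%d detection(s) left in place" % (found - cleaned)))
    return findings


if __name__ == "__main__":
    parsed, _ = parse_eset_log(SAMPLE_LOG)
    for code, message in review(parsed):
        print(code + ": " + message)
```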

27.02.2014, 17:35   #10
schrauber
/// the machine
/// TB trainer

AdwCleaner removed it.

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and start it)
    • Windows key + R > Combofix /Uninstall (type in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and start it
    • Combofix will now start, possibly update itself and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left now, you can safely delete them.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    A short introduction can be found here
  • MVPs hosts file
    A tutorial can be found here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on the banner to add it to AdBlockPlus is enough and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it asks you to and is nice and colourful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.

27.02.2014, 20:55   #11
StarSlider

And why is AVG so malicious now?
Or rather, what do you actually call such an "evil" toolbar?

And I didn't quite understand the bit about "Defogger" and "ComboFix", because neither the one nor the other was used!?
I assume that this is meant to be a generally applicable description of the procedure??
And so I assume that I should use "DelFix" anyway??

Last edited by StarSlider (27.02.2014 at 21:02)

28.02.2014, 19:26   #12
schrauber
/// the machine
/// TB trainer

Exactly, go straight to Delfix. This toolbar stuff is called PUP, potentially unwanted program.

02.03.2014, 04:48   #13
StarSlider

@schrauber
I had a look at all the programs that could be uninstalled under the Control Panel.

Do these entries mean anything to you?
OpenAL
Recuva
SCM
Windows Essentials 2012
Spybot - Search & Destroy

I could of course also google them, but maybe you can give me your assessment of whether I should remove them, also compared with the tool suggestions you gave me in this thread for keeping the system more secure?

03.03.2014, 07:12   #14
schrauber
/// the machine
/// TB trainer

Spybot can go, totally outdated. The rest is fine.