Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Download protect lässt sich aus Google Chrome nicht entfernen ! (https://www.trojaner-board.de/155559-download-protect-laesst-google-chrome-entfernen.html)

tamore123 21.06.2014 15:58
Download protect lässt sich aus Google Chrome nicht entfernen !
 
Hallo liebe Community ,

seit ein paar Tagen ist mir aufgefallen das sich in den Erweiterungen zu Google Chrome
Download Protect 2.2.1 drinstehen habe und ich es nicht löschen kann.:killpc:

Wenn ich den Taskmanager aufrufe und dann den prozess : dlprotect32.exe beende sehe ich das Download protect symbol in der Leiste unten zwar nicht mehr aber ich kann die Erweiterung aus Google Chrome immer noch nicht entfernen. :heulen:

ich hoffe sehr dass ihr mir helfen könnt.

Anbei die Daten zu meinem Rechner :


Windows 7 64 Bit Version Home Premium Service Pack 1

Google Chromeversion : 35.0.1916.153 m

deeprybka 21.06.2014 15:58
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

tamore123 21.06.2014 16:11
Hallo anbei meine Logfiles :
FRST .txt.



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Jawad (administrator) on JAWAD-PC on 21-06-2014 17:01:41
Running from C:\Users\Jawad\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Dassault Systemes) C:\Program Files (x86)\Dassault Systemes\B21\intel_a\code\bin\CATSysDemon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Windows\System32\upnp64.exe
() C:\Windows\System32\DlProtectSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo.) C:\Windows\System32\TPHDEXLG64.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Google Inc.) C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Spotify Ltd) C:\Users\Jawad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Jawad\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2473568 2010-11-12] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\System32\TpShocks.exe [231264 2009-09-02] (Lenovo.)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-02-09] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7069600 2010-11-22] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-02-09] (Lenovo)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe [12800 2014-05-03] ()
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Google Update] => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-08] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [MusicManager] => C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Spotify Web Helper] => C:\Users\Jawad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-20] (Spotify Ltd)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [5C92979F8DBDEF8735FA7EB193D56A2885590DF3._service_run] => C:\program files (x86)\google\chrome\application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [GoogleChromeAutoLaunch_ABC9EFE06A534EF852305D94A2DD8580] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {532245b0-b2ef-11e1-9e02-1c75086b9a8b} - F:\Autoplay.exe -auto
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {900eee4a-c35a-11e1-8a27-642737859151} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {b929e006-be91-11e2-a63b-1c75086b9a8b} - F:\LaunchU3.exe -a
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {eaff5cb9-b3df-11e1-8994-1c75086b9a8b} - F:\Autoplay.exe -auto
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MediaServer.lnk
ShortcutTarget: MediaServer.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=1bef5340-db48-49f4-8685-0f9e7ddb9ef2&searchtype=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=1bef5340-db48-49f4-8685-0f9e7ddb9ef2&searchtype=ds&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=1bef5340-db48-49f4-8685-0f9e7ddb9ef2&searchtype=ds&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=1bef5340-db48-49f4-8685-0f9e7ddb9ef2&searchtype=ds&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=1bef5340-db48-49f4-8685-0f9e7ddb9ef2&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.6.0/jinstall-6u30-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5CDE7ACD-49EC-4E58-A6AD-7FC80B3642E9}: [NameServer]139.7.30.125,139.7.30.126

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jawad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jawad\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jawad\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jawad\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jawad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jawad\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{29090E1C-8CC6-4845-BADE-9320483961E7}] - C:\windows\Installer\{8528CF35-D69E-429A-8B2E-688E2A2FEA66}\{29090E1C-8CC6-4845-BADE-9320483961E7}.xpi
FF Extension: Download Protect - C:\windows\Installer\{8528CF35-D69E-429A-8B2E-688E2A2FEA66}\{29090E1C-8CC6-4845-BADE-9320483961E7}.xpi [2014-06-15]
FF HKCU\...\Firefox\Extensions: [{2828fb93-77f7-413f-a235-e897454636fa}] - C:\Program Files (x86)\bettermarkit\150.xpi
FF Extension: No Name - C:\Program Files (x86)\bettermarkit\150.xpi [2014-05-03]

Chrome:
=======
CHR HomePage: hxxp://www.googlemail.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-11]
CHR Extension: (Google Drive) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-11]
CHR Extension: (YouTube) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-11]
CHR Extension: (Adblock Plus) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-04]
CHR Extension: (Google-Suche) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-11]
CHR Extension: (Google Kalender) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-05-04]
CHR Extension: (Stealthy) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-05-04]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Download Protect) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnodbngghncaikgllkeebaneekkihhp [2014-06-15]
CHR Extension: (Google Mail) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-11]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Jawad\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-09]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-09-09]
CHR HKLM-x32\...\Chrome\Extension: [mpnkngdlkfogmplnfcbphiekcjgbnckb] - C:\Program Files (x86)\bettermarkit\150.crx [2014-05-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 BBDemon; C:\Program Files (x86)\Dassault Systemes\B21\intel_a\code\bin\CATSysDemon.exe [38400 2011-01-08] (Dassault Systemes) [File not signed]
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
R2 dialer64; C:\windows\system32\upnp64.exe [120832 2014-05-03] () [File not signed]
R2 DlProtectSvc; C:\Windows\System32\DlProtectSvc.exe [124928 2014-05-03] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-06-13] (Macrovision Europe Ltd.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-07-09] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [549704 2012-07-09] (PacketVideo)
R2 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [271176 2012-07-09] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-04] (DT Soft Ltd)
R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-21 17:01 - 2014-06-21 17:03 - 00030089 _____ () C:\Users\Jawad\Downloads\FRST.txt
2014-06-21 17:01 - 2014-06-21 17:02 - 00000000 ____D () C:\FRST
2014-06-21 17:00 - 2014-06-21 17:00 - 02083328 _____ (Farbar) C:\Users\Jawad\Downloads\FRST64.exe
2014-06-21 15:59 - 2014-06-21 15:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Avira
2014-06-21 15:57 - 2014-06-21 15:55 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-06-21 15:47 - 2014-06-21 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 15:47 - 2014-06-21 15:53 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 15:47 - 2014-06-21 15:53 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 15:47 - 2014-06-21 15:47 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 15:46 - 2014-06-21 15:46 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jawad\Downloads\avira_de_av_4042837637__ws.exe
2014-06-21 15:46 - 2014-06-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-19 15:22 - 2014-06-19 15:22 - 00349756 _____ () C:\Users\Jawad\Downloads\sitemap515.20130528.xml.gz
2014-06-18 09:24 - 2014-06-18 09:24 - 00000000 ____D () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2
2014-06-18 09:23 - 2014-06-18 09:24 - 16009683 _____ () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2.rar
2014-06-12 17:49 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-12 17:49 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-12 17:49 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-12 17:49 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-12 17:49 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-12 17:49 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-12 17:49 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-12 17:49 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-12 17:49 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-12 17:49 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-12 17:49 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-12 17:49 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-12 17:49 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-12 17:49 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-12 17:49 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-12 17:49 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-12 17:49 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-12 17:49 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-12 17:49 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 17:49 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-12 17:49 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-12 17:49 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-12 17:49 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-12 17:49 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-12 17:49 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-12 17:49 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-12 17:49 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-12 17:49 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-12 17:49 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-12 17:49 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-12 17:49 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-12 17:49 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-12 17:49 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-12 17:49 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-12 17:49 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-12 17:49 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-12 17:49 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 17:49 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-12 17:49 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-12 17:49 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-12 17:49 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-12 17:49 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-12 17:49 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-12 17:49 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-12 17:49 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-12 17:49 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-12 17:49 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-12 17:49 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-12 17:49 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-12 17:49 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-12 17:49 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-12 17:49 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-12 17:49 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-12 17:49 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 17:49 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-12 17:49 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-12 17:49 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-12 17:49 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 17:49 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-12 17:49 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-12 17:49 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-12 17:49 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-12 17:49 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-12 17:49 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-12 17:49 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-12 17:49 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-09 13:59 - 2014-06-09 13:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Mozilla
2014-06-02 18:49 - 2014-06-02 18:49 - 23424432 _____ (Windows 7 - Codec Pack) C:\Users\Jawad\Downloads\windows.7.codec.pack.v4.0.9.setup.exe
2014-06-01 17:36 - 2014-06-01 17:39 - 87179530 _____ () C:\Users\Jawad\Downloads\gapps-kk-20140105-signed.zip
2014-05-27 23:14 - 2014-05-27 23:18 - 00000000 ____D () C:\Users\Jawad\Desktop\27.05.2014
2014-05-27 23:06 - 2014-05-27 23:18 - 00000000 ____D () C:\Users\Jawad\Desktop\26.05.2014
2014-05-27 17:58 - 2014-05-27 18:02 - 174538954 _____ () C:\Users\Jawad\Downloads\Photos_downloaded_by_AirDroid.zip

==================== One Month Modified Files and Folders =======

2014-06-21 17:03 - 2014-06-21 17:01 - 00030089 _____ () C:\Users\Jawad\Downloads\FRST.txt
2014-06-21 17:03 - 2012-02-09 14:07 - 01696834 _____ () C:\windows\WindowsUpdate.log
2014-06-21 17:02 - 2014-06-21 17:01 - 00000000 ____D () C:\FRST
2014-06-21 17:00 - 2014-06-21 17:00 - 02083328 _____ (Farbar) C:\Users\Jawad\Downloads\FRST64.exe
2014-06-21 17:00 - 2009-07-14 06:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 17:00 - 2009-07-14 06:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 16:54 - 2012-06-16 21:20 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA.job
2014-06-21 16:52 - 2012-02-09 14:33 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-21 16:48 - 2012-12-09 01:50 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-21 16:44 - 2012-02-09 14:39 - 01045888 _____ () C:\windows\system32\TPHDLOG0.LOG
2014-06-21 16:42 - 2012-06-08 15:34 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Skype
2014-06-21 16:14 - 2012-02-09 14:43 - 01897126 _____ () C:\FaceProv.log
2014-06-21 16:00 - 2013-06-28 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portrait Professional Studio 10
2014-06-21 16:00 - 2013-06-28 16:05 - 00000000 ____D () C:\Program Files (x86)\Portrait Professional Studio 10
2014-06-21 15:59 - 2014-06-21 15:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Avira
2014-06-21 15:55 - 2014-06-21 15:57 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-21 15:54 - 2014-06-21 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 15:53 - 2014-06-21 15:47 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 15:53 - 2014-06-21 15:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 15:47 - 2014-06-21 15:47 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 15:46 - 2014-06-21 15:46 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jawad\Downloads\avira_de_av_4042837637__ws.exe
2014-06-21 15:46 - 2014-06-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 13:16 - 2013-06-30 19:09 - 00003930 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{A31A9D57-64D4-48B9-B93F-182C18DEEE4D}
2014-06-21 11:52 - 2012-02-09 14:33 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 09:47 - 2012-02-09 14:39 - 00658944 _____ () C:\windows\system32\TPAPSLOG.LOG
2014-06-21 09:44 - 2012-02-09 14:43 - 00000000 ____D () C:\ProgramData\VeriFace
2014-06-21 02:00 - 2012-06-10 15:16 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Adobe
2014-06-20 23:48 - 2014-05-03 23:58 - 00000390 _____ () C:\windows\Tasks\bettermarkit Update.job
2014-06-20 17:54 - 2012-06-16 21:20 - 00001068 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core.job
2014-06-20 17:50 - 2012-11-04 23:52 - 00003510 _____ () C:\windows\System32\Tasks\AutoKMS
2014-06-20 16:55 - 2012-06-08 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-20 11:47 - 2012-02-09 14:33 - 00004120 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 11:47 - 2012-02-09 14:33 - 00003868 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 11:26 - 2009-07-14 06:51 - 00185878 _____ () C:\windows\setupact.log
2014-06-19 20:08 - 2014-05-20 23:35 - 00000000 ____D () C:\ProgramData\TwonkyServer
2014-06-19 15:22 - 2014-06-19 15:22 - 00349756 _____ () C:\Users\Jawad\Downloads\sitemap515.20130528.xml.gz
2014-06-18 09:24 - 2014-06-18 09:24 - 00000000 ____D () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2
2014-06-18 09:24 - 2014-06-18 09:23 - 16009683 _____ () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2.rar
2014-06-17 17:49 - 2012-06-16 21:20 - 00004090 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA
2014-06-17 17:49 - 2012-06-16 21:20 - 00003694 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core
2014-06-15 20:35 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-06-15 11:42 - 2012-02-09 14:50 - 01100012 _____ () C:\windows\system32\fastboot.set
2014-06-15 11:16 - 2014-03-06 23:04 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-15 11:14 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-15 11:10 - 2010-11-21 05:47 - 00270300 _____ () C:\windows\PFRO.log
2014-06-13 00:12 - 2013-08-15 19:07 - 00000000 ____D () C:\windows\system32\MRT
2014-06-13 00:10 - 2012-06-13 01:15 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-13 00:09 - 2012-06-08 23:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 00:05 - 2012-06-23 17:40 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Spotify
2014-06-12 17:58 - 2014-05-04 17:22 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-09 13:59 - 2014-06-09 13:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Mozilla
2014-06-08 22:18 - 2012-06-23 17:40 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Spotify
2014-06-05 18:36 - 2014-03-22 22:26 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-06-04 19:11 - 2013-06-26 19:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 18:49 - 2014-06-02 18:49 - 23424432 _____ (Windows 7 - Codec Pack) C:\Users\Jawad\Downloads\windows.7.codec.pack.v4.0.9.setup.exe
2014-06-02 16:38 - 2012-06-08 15:34 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 16:37 - 2014-03-27 20:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-01 17:39 - 2014-06-01 17:36 - 87179530 _____ () C:\Users\Jawad\Downloads\gapps-kk-20140105-signed.zip
2014-05-30 12:21 - 2014-06-12 17:49 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 17:49 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 17:49 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 17:49 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 17:49 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 17:49 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 17:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 17:49 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 17:49 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 17:49 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 17:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 17:49 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 17:49 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 17:49 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 17:49 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 17:49 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 17:49 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 17:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 17:49 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 17:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 17:49 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 17:49 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 17:49 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 17:49 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 17:49 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 17:49 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 17:49 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 17:49 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 17:49 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 17:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 17:49 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 17:49 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 17:49 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 17:49 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 17:49 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 17:49 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 17:49 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 17:49 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 17:49 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 17:49 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 17:49 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 17:49 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 17:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 17:49 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 17:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 17:49 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 17:49 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 17:49 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 17:49 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 17:49 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 17:49 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 17:49 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-05-29 19:06 - 2012-07-23 12:41 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Microsoft Games
2014-05-27 23:18 - 2014-05-27 23:14 - 00000000 ____D () C:\Users\Jawad\Desktop\27.05.2014
2014-05-27 23:18 - 2014-05-27 23:06 - 00000000 ____D () C:\Users\Jawad\Desktop\26.05.2014
2014-05-27 18:02 - 2014-05-27 17:58 - 174538954 _____ () C:\Users\Jawad\Downloads\Photos_downloaded_by_AirDroid.zip
2014-05-27 17:12 - 2014-06-21 15:53 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-27 17:12 - 2014-06-21 15:53 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-27 17:12 - 2014-06-21 15:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-22 11:22 - 2013-01-11 15:38 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\vlc

Files to move or delete:
====================
C:\ProgramData\dlprotect.exe


Some content of TEMP:
====================
C:\Users\Jawad\AppData\Local\Temp\appinstal1.exe
C:\Users\Jawad\AppData\Local\Temp\avgnt.exe
C:\Users\Jawad\AppData\Local\Temp\CMInstaller.exe
C:\Users\Jawad\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jawad\AppData\Local\Temp\muzaf1.dll
C:\Users\Jawad\AppData\Local\Temp\muzapp.dll
C:\Users\Jawad\AppData\Local\Temp\muzapp.exe
C:\Users\Jawad\AppData\Local\Temp\muzwmts.dll
C:\Users\Jawad\AppData\Local\Temp\ose00001.exe
C:\Users\Jawad\AppData\Local\Temp\set-app.exe
C:\Users\Jawad\AppData\Local\Temp\setapp.exe
C:\Users\Jawad\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jawad\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Jawad\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Jawad\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Jawad\AppData\Local\Temp\_is81B.exe
C:\Users\Jawad\AppData\Local\Temp\_isA054.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 09:55

==================== End Of Log ============================
--- --- ---



und hier noch meine Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Jawad at 2014-06-21 17:04:42
Running from C:\Users\Jawad\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Active Protection System (HKLM-x32\...\{F493761C-E465-4B9E-9FC1-A312F161DE0A}) (Version: 1.70.08 - Lenovo)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.600 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_c015d5ef39552390a753ee735d16041) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
bettermarkit (HKLM-x32\...\a207c8e9-8b5d-4b7f-9763-8986c6ca8939) (Version:  - bettermarkitnet Soft) <==== ATTENTION
Bia2 Radio (HKLM-x32\...\com.adobe.radio.372F4266994BA18A839D42D56BA652959166B005.1) (Version: 1.2 - UNKNOWN)
Bia2 Radio (x32 Version: 1.2 - UNKNOWN) Hidden
Brother MFL-Pro Suite DCP-J525W (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
CM Installer (HKLM-x32\...\{681544C2-FFA2-4CFD-A9AD-2A3D25DF8D22}) (Version: 1.0.0.0 - Cyanogen Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dassault Systemes Software B21 (HKLM\...\Dassault Systemes B21_0) (Version:  - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Dojotech Spotify Recorder (HKLM-x32\...\{D149DB2E-392E-48CC-8036-88BECC09C50A}) (Version: 3.2 - Dojotech Software)
Download Protect (HKCU\...\{132401a7-2006-4342-b43c-ccf5f02c2b01}) (Version:  - Download Protect)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.2.6 - Lenovo)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to Android Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to Android Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.30.903 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.30.903 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 17 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1900 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1004.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo Security Suite (HKLM-x32\...\InstallShield_{8B404231-6BB1-44F6-8488-6A7C307B576F}) (Version: 1.0.4.6 - Lenovo)
Lenovo Security Suite (x32 Version: 1.0.4.6 - Lenovo) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
MCCI(r)Firmware Update Driver for MTK (HKLM-x32\...\{13E92303-C1AC-4012-9E22-54EACBF54888}) (Version: 1.00.0000 - MCCI)
MediaManager (HKLM-x32\...\MediaManager) (Version: 3.0.3 (60) - PacketVideo)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Portrait Professional Studio 10.8 (HKLM-x32\...\PortraitProfessionalStudio10_is1) (Version: 10.8 - Anthropics Technology Ltd.)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6201 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.1.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Twonky Windows Components (HKLM-x32\...\{7CC673E7-5271-409D-B196-BB76DA60300B}) (Version: 3.0.3 - PacketVideo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
Visual Basic for Applications (R) Core - English (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.5.10.53 - Microsoft Corporation) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (01/20/2010 6.4.0.1) (HKLM\...\E1DBB3EF910E1B47C70220D60E673F3798130C6D) (Version: 01/20/2010 6.4.0.1 - Lenovo)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfram Mathematica 8 (M-WIN-T 8.0.4 2615567) (HKLM\...\M-WIN-T 8.0.4 2615567_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
WYSIWYG Web Builder 8  (HKLM-x32\...\WYSIWYG_Web_Builder_8) (Version:  - )

==================== Restore Points  =========================

03-06-2014 11:32:09 Windows Update
06-06-2014 21:05:57 Windows Update
10-06-2014 15:05:50 Windows Update
12-06-2014 22:06:21 Windows Update
17-06-2014 15:59:49 Windows Update
20-06-2014 23:27:15 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-10-05 12:48 - 00001056 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1        activate.adobe.com
127.0.0.1        adobe-dns-1.adobe.com
127.0.0.1        adobe-dns-2.adobe.com
127.0.0.1        adobe-dns-2.adobe.com
127.0.0.1        adobe-dns-3.adobe.com
127.0.0.1        adobe-dns-3.adobe.com
127.0.0.1        adobe-dns-4.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {2F51C98A-FC48-4FF8-ADBE-5D42F0AC0585} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {50991E6F-7564-4979-AAE6-DFA656F07197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-09] (Google Inc.)
Task: {6AE1266B-96F9-41FD-9D1B-6046120430FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-09] (Google Inc.)
Task: {82A6E515-007D-4194-98AB-21A80FEB393C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {89A76BC7-DA62-4E89-9437-A35E8D738085} - System32\Tasks\bettermarkit Update => C:\Program Files (x86)\bettermarkit\markitup.exe [2014-05-03] () <==== ATTENTION
Task: {90EC5CDA-DE57-4F17-A3F2-3F345B80766A} - System32\Tasks\AdobeAAMUpdater-1.0-Jawad-PC-Jawad => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {D5412A55-5EE5-43C8-9046-1401A4D51F35} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {EB68D752-AA8B-4D98-85C6-7594772D44DE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {ED5996A9-6AF9-4B30-9396-45AC5877D054} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-11-04] ()
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\bettermarkit Update.job => C:\Program Files (x86)\bettermarkit\markitup.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core.job => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA.job => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-03 23:58 - 2014-05-03 23:58 - 00120832 _____ () C:\windows\system32\upnp64.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-03 23:58 - 2014-05-03 23:58 - 00124928 _____ () C:\Windows\System32\DlProtectSvc.exe
2012-07-09 20:51 - 2012-07-09 20:51 - 00545608 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
2012-07-09 20:50 - 2012-07-09 20:50 - 00271176 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
2012-07-09 20:51 - 2012-07-09 20:51 - 01672008 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-04-20 15:29 - 2010-04-20 15:29 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2012-02-09 14:52 - 2009-07-15 17:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-02-09 14:52 - 2009-07-15 17:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2013-06-08 14:11 - 2013-06-08 14:11 - 00048200 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2013-11-18 00:06 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll
2012-07-09 20:51 - 2012-07-09 20:51 - 00176968 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\wmdrmdll.dll
2014-02-13 04:45 - 2014-02-13 04:45 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\14c2655e9e6031c4deed9c4b77689b9e\IsdiInterop.ni.dll
2012-02-09 14:18 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 10683392 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 07741952 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 02248192 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 01681408 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2014-05-15 23:20 - 2014-05-15 23:20 - 00117248 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-05-15 23:20 - 2014-05-15 23:20 - 00231936 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-05-15 23:21 - 2014-05-15 23:21 - 00253440 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-05-15 23:24 - 2014-05-15 23:24 - 00344064 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 00026624 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2012-02-09 14:43 - 2012-02-09 14:43 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2014-05-17 15:37 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-05-17 15:38 - 2012-08-28 11:51 - 00978944 ____N () C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2014-05-07 23:54 - 2014-06-15 11:16 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 17:58 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 17:58 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-06-21 15:54 - 2014-05-14 14:27 - 00049744 _____ () C:\Users\Jawad\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 22:48:56.522]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 22:48:56.446]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:40:00.457]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:40:00.457]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:36:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:36:36.420]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 03:36:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:36:36.419]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:28:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:28:51.641]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 03:28:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:28:51.641]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/16/2014 07:24:22 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/16 19:24:22.135]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/16/2014 07:24:22 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/16 19:24:22.134]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####


System errors:
=============
Error: (06/20/2014 08:33:30 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (20:13:e0:a7:66:9c) ist fehlgeschlagen.

Error: (06/19/2014 05:00:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer9 erreicht.

Error: (06/15/2014 11:15:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/15/2014 11:15:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/15/2014 11:13:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎06.‎2014 um 11:12:57 unerwartet heruntergefahren.

Error: (06/15/2014 11:11:30 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b

Error: (06/13/2014 00:05:10 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (06/10/2014 04:53:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (06/10/2014 01:58:34 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{3A664781-6492-455F-9C1C-4DFD8F3F7AEE} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (06/10/2014 01:58:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.


Microsoft Office Sessions:
=========================
Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 22:48:56.522]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 22:48:56.446]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:40:00.457]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:40:00.457]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:36:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:36:36.420]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 03:36:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:36:36.419]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:28:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:28:51.641]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 03:28:51 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:28:51.641]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/16/2014 07:24:22 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/16 19:24:22.135]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/16/2014 07:24:22 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/16 19:24:22.134]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####


==================== Memory info ===========================

Percentage of memory in use: 75%
Total physical RAM: 3893.86 MB
Available physical RAM: 971.26 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 3589.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:254.14 GB) (Free:93.36 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F9C454B0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=254 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

==================== End Of Log ============================
Danke euch schonmal für die Antwort .... :-)

deeprybka 21.06.2014 16:19
Hi,

für was ist das denn?

Code:
127.0.0.1        activate.adobe.com
127.0.0.1        adobe-dns-1.adobe.com
127.0.0.1        adobe-dns-2.adobe.com
127.0.0.1        adobe-dns-2.adobe.com
127.0.0.1        adobe-dns-3.adobe.com
127.0.0.1        adobe-dns-3.adobe.com
127.0.0.1        adobe-dns-4.adobe.com

tamore123 21.06.2014 16:22
hallo

um ehrlich zu sein , habe ich keine Ahnung wofür das ist.
Kann man das entfernen oder schadet es dem system , bzw. brauche ich das ?

deeprybka 21.06.2014 16:25
An Deinem PC müssen wir einiges machen, daher frage ich vorher nach ob Du die Adobe Software legal erworben, sprich gekauft hast. Sonst können wir hier nicht weiterhelfen.

http://www.trojaner-board.de/95394-c...-software.html

tamore123 21.06.2014 16:33
Mit Illustrater und Co. (jetzt weiss ich was mit adobe gemeint ist ) arbeite ich beruflich Dafür und für die anderen Produkte habe ich eine Hochschul- , bzw. Betriebslizenz von meinem Arbeitgeber.

Lg

deeprybka 21.06.2014 16:39
Hi, so geht's weiter... ;)

Schritt 1

Bitte deinstalliere folgende Programme:

bettermarkit
Java 7 Update 17
Java 7 Update 55
Java(TM) 6 Update 30
Download Protect


Versuche es bei Windows 7 http://deeprybka.trojaner-board.de/b...ne/revo/w7.png zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhttp://deeprybka.trojaner-board.de/b...ninstaller.pnghier herunter. Entpacke die zip-Datei auf den Desktop.
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

http://filepony.de/icon/malwarebytes_anti_malware.png Malwarebytes Antimalware
  • Download-Link
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
  • Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Schritt 4
Downloade Dir HitmanProhttp://deeprybka.trojaner-board.de/b.../hitmanpro.pngauf Deinen Desktop:

HitmanPro - 32 Bit
HitmanPro - 64 Bit
  • Starte die HitmanPro.exe
  • Klicke auf Weiter und akzeptiere die Lizenzbedingungen. Klicke auf Weiter.
  • Wähle "Nein, ich möchte nur einen Einmalscan zur Überprüfung dieses Computers ausführen" aus und klicke auf Weiter.
  • Lass am Ende des Suchlaufs alle auftretende Funde in die Quarantäne verschieben und klicke auf Weiter.
  • Wähle unten links auf der Button-Leiste Logdatei speichern und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro.
  • Poste bitte den Inhalt der HitmanPro_<Datum_Uhrzeit>.txt mit Deiner nächsten Antwort.

tamore123 21.06.2014 19:01
So Jürgen ,

anbei die erste Datei vom AdW cleaner

Code:
# AdwCleaner v3.212 - Bericht erstellt am 21/06/2014 um 18:38:34
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Jawad - JAWAD-PC
# Gestartet von : C:\Users\Jawad\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\bettermarkit
Ordner Gelöscht : C:\Program Files (x86)\MediaViewV1
Ordner Gelöscht : C:\Program Files (x86)\MediaWatchV1
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Jawad\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Datei Gelöscht : C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
Datei Gelöscht : C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal
Datei Gelöscht : C:\windows\Tasks\bettermarkit Update.job
Datei Gelöscht : C:\windows\System32\Tasks\bettermarkit Update

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\SweetIM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=177&systemid=2&sr=0&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.qipu.de/stoebern/{searchTerms}/shop/relevance/
Gelöscht [Search Provider] : hxxp://www.sm.de/?q={searchTerms}
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R0].txt - [6909 octets] - [21/06/2014 18:37:30]
AdwCleaner[S0].txt - [5775 octets] - [21/06/2014 18:38:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5835 octets] ##########
Hier folgt die Malwarebyte Antimalware log datei :

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 21.06.2014
Suchlauf-Zeit: 18:51:50
Logdatei:
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.21.08
Rootkit Datenbank: v2014.06.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jawad

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 291249
Verstrichene Zeit: 27 Min, 26 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.HDPlus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PlusSHD-9.9, Löschen bei Neustart, [299680fa6f0c3006012f5959cf332ed2],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 13
PUP.BundleInstaller.DW, C:\$RECYCLE.BIN\S-1-5-21-423967124-2091797172-957535332-1000\$RU8Z6D9.exe, In Quarantäne, [b10e94e6a4d71c1ae8d929df0ef341bf],
PUP.Optional.MediaBuzz.A, C:\Users\Jawad\AppData\Local\Temp\appinstal1.exe, In Quarantäne, [f0cf0f6bfd7e0036c681614cf80c0df3],
PUP.Optional.MediaWatch.A, C:\Users\Jawad\AppData\Local\Temp\set-app.exe, In Quarantäne, [bd025b1ff18ad95d9f9f901cad5713ed],
PUP.Optional.MediaView.A, C:\Users\Jawad\AppData\Local\Temp\setapp.exe, In Quarantäne, [5f602d4d6b10b97dd448076ccf32b34d],
PUP.Optional.Breitschopp, C:\Users\Jawad\Downloads\setuptango-downloader.exe, In Quarantäne, [02bd0575de9d66d029b3c8a1877dd62a],
PUP.Optional.Softonic.A, C:\Users\Jawad\Downloads\SoftonicDownloader_fuer_free-avi-video-converter.exe, In Quarantäne, [249b522855267cba78c0cc583ec3649c],
PUP.BundleInstaller.DW, C:\Users\Jawad\Downloads\TheSixthSense1999DVDripXviDDTSCD1-WAFavi.exe, In Quarantäne, [cef17307d6a5a393289955b381807c84],
PUP.Optional.OpenCandy.A, C:\Users\Jawad\Downloads\windows.7.codec.pack.v4.0.8.setup.exe, In Quarantäne, [d1ee2159b3c8e254df9ec280ba46e31d],
PUP.Optional.Amonetize.A, C:\Users\Jawad\Downloads\Unlimited Downloads__3339_i390819676_il50.exe, In Quarantäne, [c0ffa7d38cef82b42f2f9e9bb94729d7],
PUP.Optional.Ciuvo.A, C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage, In Quarantäne, [e4db7efcf388c0761a2eefbae81af20e],
PUP.Optional.Ciuvo.A, C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage-journal, In Quarantäne, [a31cb5c5314ae155e7617534a65cfc04],
PUP.Optional.LiveLyrics.A, C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage, In Quarantäne, [10afc6b4453679bd25b75f510ef41be5],
PUP.Optional.LiveLyrics.A, C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage-journal, In Quarantäne, [8f307307b2c95adc8656852bc33f1ee2],

Physische Sektoren: 0
(No malicious items detected)


(end)


Und zum Schluss noch die Hitman pro logfile :

Code:
HitmanPro 3.7.9.216
www.hitmanpro.com

  Computer name . . . . : JAWAD-PC
  Windows . . . . . . . : 6.1.1.7601.X64/4
  User name . . . . . . : Jawad-PC\Jawad
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (30 days left)

  Scan date . . . . . . : 2014-06-21 19:35:07
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 9m 39s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 2
  Traces  . . . . . . . : 63

  Objects scanned . . . : 2.022.515
  Files scanned . . . . : 74.191
  Remnants scanned  . . : 686.505 files / 1.261.819 keys

Malware _____________________________________________________________________

  C:\Users\Jawad\Desktop\Alles andere !!!\keygen.exe -> Quarantined
      Size . . . . . . . : 400.920 bytes
      Age  . . . . . . . : 740.0 days (2012-06-11 19:50:05)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 876EA98BA8DE8E0AF48B18ACAA02A22CA89D5903E51FD78D39F19565B05D306E
    > G Data . . . . . . : Trojan.Generic.KDV.362519 (Engine-A)
      Fuzzy  . . . . . . : 116.0

  C:\Users\Jawad\Downloads\Alles andere\WYSIWYG-Web-Builder-8.5.1-Keygen_www.PlusCrack.com\keygen\Keygen.exe -> Quarantined
      Size . . . . . . . : 71.168 bytes
      Age  . . . . . . . : 587.0 days (2012-11-11 18:54:52)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 29D6C5E099116AF9E0FE0C9CB11E1F1E70F8D63A32E5DC2F9CB0184D7E9D2FBD
    > G Data . . . . . . : Gen:Variant.Vilsel.2 (Engine A)
      Fuzzy  . . . . . . : 118.0


Potential Unwanted Programs _________________________________________________

  HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player) -> Deleted
  HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player) -> Deleted
  HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player) -> Deleted
  HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player) -> Deleted
  HKU\S-1-5-21-423967124-2091797172-957535332-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SnapDo.exe (FLV Player) -> Deleted
  HKU\S-1-5-21-423967124-2091797172-957535332-1000_Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo) -> Deleted

Cookies _____________________________________________________________________

  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:112.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.displayincloud.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.qipu.de
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:autoscout24.112.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:blau.122.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:conrad.122.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:de.sitestat.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:deutschepostag.112.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:exoclick.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:hertz.122.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:int.sitestat.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:ltur.112.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:microsoftsto.112.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:paypal.112.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:philips.112.2o7.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornhub.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornmd.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:solutions.tradedoubler.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:stat.dealtime.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.complex.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.paypal.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.signal-iduna.de
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:survey.g.doubleclick.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.pornhub.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.pornmd.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
  C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Cookies:youporn.com
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\8H89WKK6.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\A237BXHF.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\BGR7VE0H.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\CKMWQ6X3.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\CTK8ZAY4.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\D3UO7SVQ.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\H2DASDUB.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\LBZ8L87O.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\T9ADRB5V.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\UY1CTL6J.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\W6O2R34V.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\X8NVP41S.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\Y4MURQ6X.txt
  C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Cookies\Y8QS85LV.txt
so das sind jetzt alle schritte soweit.


LG

deeprybka 21.06.2014 19:07
Dann weiter...

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

tamore123 21.06.2014 22:54
Hallo Jürgen , der Scan ist jetzt endlich zuende gelaufen und das ist die protokolldatei dazu :

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=8e46921b1051104d948a637cee899ed7
# engine=18819
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-21 09:31:28
# local_time=2014-06-21 11:31:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 17444 2182723 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 27386 155016138 0 0
# scanned=387117
# found=30
# cleaned=0
# scan_time=11583
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jawad\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=B9A96D9AE94C4B42CA5499933F6DF218B3903768 ft=1 fh=966b3592656dc188 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe"
sh=81C2C3354F11ECE49D7667538CEFE9F2B2395319 ft=1 fh=cca4b3788ffc60aa vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll"
sh=99DD33D629341F95D9853B1E63FCE454EC654560 ft=1 fh=08803d4e54260720 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe"
sh=D5C0EBA99844D9D26694E4239140549C8B4FCF04 ft=1 fh=e6733903589b0a67 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\ProgramData\Avira\My Avira\Temp\antivirus.exe"
sh=D5C0EBA99844D9D26694E4239140549C8B4FCF04 ft=1 fh=e6733903589b0a67 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\All Users\Avira\My Avira\Temp\antivirus.exe"
sh=972017344AE501C2CBDED4A0EE28D349503F8D04 ft=1 fh=db2ce9540ac6be2f vn="Win32/AdWare.1ClickDownload.AR Anwendung" ac=I fn="C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000"
sh=7E6A2F306533F388DA8AC048E6000BC950F89258 ft=1 fh=6e54de3527023d13 vn="Win32/Adware.1ClickDownload.Y Anwendung" ac=I fn="C:\Users\Jawad\Desktop\Alles andere !!!\Sicherung Handy\11-12-2013_22-55\0\Download\codec_pack_13665_ch.exe"
sh=21012288115E449DAC0E1209419BA712A6FAB431 ft=1 fh=c71c00119c0eb899 vn="Variante von Win32/InstallCore.IO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Desktop\Neuer Ordner (2)\Downloads\FileZilla_3.7.3_win32-setup.exe"
sh=D50C6E8F7CF2A2D344E64294EA4288FEEE16C2E4 ft=1 fh=bb6e0eb68d7d3dcf vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Jawad\Downloads\FreeYouTubeDownload.exe"
sh=4D2C19D476A1D81CBDF255D9B304080E20B29EBD ft=1 fh=4ca5ffb32abf4c55 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Downloads\windows.7.codec.pack.v4.0.9.setup.exe"
sh=4743C9C447DE0F25D3AC8B6009D7265F5721DF05 ft=1 fh=ed5c003ddd01741e vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\DTLite4454-0314.exe"
sh=1BF3475345E6003C06C9330575F45E2CE4CA9860 ft=1 fh=0b6cdf15c941b6d9 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\DTLite4454-0315.exe"
sh=9B23B496EDA4F1954E0FB55029D43CA8E8D41262 ft=1 fh=64b798144e295fed vn="Variante von Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\etypesetup.exe"
sh=005C0CE0A5F0289E301983D72762CD2A0B48EC81 ft=1 fh=1021508dd5014d82 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\FreeYouTubeDownload (1).exe"
sh=AACEB38727983D4DECD027AB03C85A036DF0A43D ft=1 fh=2b4998118a2cda77 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\FreeYouTubeDownload.exe"
sh=2898AC44F5B280E0A16E3ECEAED861EA6C1B122F ft=1 fh=90c5cb6befc06df7 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\FreeYouTubeToMP3Converter (1).exe"
sh=474BBF68C7AAC25A6ADBFD471993F52584CAEA89 ft=1 fh=7302f6233443ba92 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\FreeYouTubeToMP3Converter.exe"
sh=C4EC6C1860F3DAD5C70254E2B5EADCC393495C9F ft=1 fh=7bbbbe3afa059adb vn="Win32/Adware.1ClickDownload.W Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\hdplugin_chrome.exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\MyPhoneExplorer_Setup_1.8.4 (1).exe"
sh=5543317AB6CC3C84B018F7262CD7F6048CA22C4B ft=1 fh=1b57474b1411cddc vn="Win32/InstallMonetizer.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\MyPhoneExplorer_Setup_1.8.4.exe"
sh=0A6B1E92572093F7E468ED8144C91DBE734C3D3D ft=1 fh=94b3b1ed5d4693f0 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\PamelaCRSetup (1).exe"
sh=FEE56A1B6250EB20612E6C07195677396C4A6E99 ft=1 fh=ca2ae2b03a020f05 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\PamelaCRSetup.exe"
sh=F712C91E3FD9F9E828B3F82EA6F31FDAEB817631 ft=1 fh=da5c83cf563652e3 vn="Variante von Win32/Keygen.DO potenziell unsichere Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Alles andere\Adobe.Photoshop.Lightroom.v4.0.Multilingual.xxxl.Keymaker-CORE\keygen.exe"
sh=7CA5F99D8960EEF2A6E0B8FA694A7FFEE61F3747 ft=1 fh=8fd8a1dab65a1ade vn="Variante von Win32/Packed.VMProtect.ABA Trojaner" ac=I fn="C:\Users\Jawad\Downloads\Anthropics.Portrait.Professional.Studio.v10.8.2\Crack\PortraitProfessionalStudio.exe"
sh=404CDDFF97EEBC3C533010991FAD5B3FBAFE61AD ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.BH potenziell unsichere Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Winrar Ordner\Adobe.Dreamweaver.CS5.v11.0.4909.Multilingual.Incl.Keymaker-CORE.zip"
sh=E347F10799FA33F0C1A114CFBCA9BDA0E0B37422 ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.DO potenziell unsichere Anwendung" ac=I fn="C:\Users\Jawad\Downloads\Winrar Ordner\Adobe.Photoshop.Lightroom.v4.0.Multilingual.xxxl.Keymaker-CORE.rar"
sh=D322957DD5AE5EB62C52296514B8F1F9740D44A7 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.ABA Trojaner" ac=I fn="C:\Users\Jawad\Downloads\Winrar Ordner\Anthropics.Portrait.Professional.Studio.v10.8.2.rar"

hier ist die FRST Logfile :


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Jawad (administrator) on JAWAD-PC on 21-06-2014 23:48:10
Running from C:\Users\Jawad\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dassault Systemes) C:\Program Files (x86)\Dassault Systemes\B21\intel_a\code\bin\CATSysDemon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo.) C:\Windows\System32\TPHDEXLG64.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Google Inc.) C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Jawad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Jawad\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2473568 2010-11-12] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\System32\TpShocks.exe [231264 2009-09-02] (Lenovo.)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-02-09] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7069600 2010-11-22] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-02-09] (Lenovo)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Google Update] => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-08] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [MusicManager] => C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Spotify Web Helper] => C:\Users\Jawad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-20] (Spotify Ltd)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [5C92979F8DBDEF8735FA7EB193D56A2885590DF3._service_run] => C:\program files (x86)\google\chrome\application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [GoogleChromeAutoLaunch_ABC9EFE06A534EF852305D94A2DD8580] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {532245b0-b2ef-11e1-9e02-1c75086b9a8b} - F:\Autoplay.exe -auto
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {900eee4a-c35a-11e1-8a27-642737859151} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {b929e006-be91-11e2-a63b-1c75086b9a8b} - F:\LaunchU3.exe -a
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {eaff5cb9-b3df-11e1-8994-1c75086b9a8b} - F:\Autoplay.exe -auto
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MediaServer.lnk
ShortcutTarget: MediaServer.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5CDE7ACD-49EC-4E58-A6AD-7FC80B3642E9}: [NameServer]139.7.30.125,139.7.30.126

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin - C:\Program Files (x86)\Java\jre6\bin\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jawad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jawad\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jawad\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jawad\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jawad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jawad\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{29090E1C-8CC6-4845-BADE-9320483961E7}] - C:\windows\Installer\{8528CF35-D69E-429A-8B2E-688E2A2FEA66}\{29090E1C-8CC6-4845-BADE-9320483961E7}.xpi
FF Extension: Download Protect - C:\windows\Installer\{8528CF35-D69E-429A-8B2E-688E2A2FEA66}\{29090E1C-8CC6-4845-BADE-9320483961E7}.xpi [2014-06-15]
FF HKCU\...\Firefox\Extensions: [{2828fb93-77f7-413f-a235-e897454636fa}] - C:\Program Files (x86)\bettermarkit\150.xpi

Chrome:
=======
CHR HomePage: hxxp://www.googlemail.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-11]
CHR Extension: (Google Drive) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-11]
CHR Extension: (YouTube) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-11]
CHR Extension: (Adblock Plus) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-04]
CHR Extension: (Google-Suche) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-11]
CHR Extension: (Google Kalender) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-05-04]
CHR Extension: (Stealthy) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-05-04]
CHR Extension: (No Name) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Download Protect) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnodbngghncaikgllkeebaneekkihhp [2014-06-15]
CHR Extension: (Google Mail) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-11]
CHR HKLM-x32\...\Chrome\Extension: [mpnkngdlkfogmplnfcbphiekcjgbnckb] - C:\Program Files (x86)\bettermarkit\150.crx [2013-09-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 BBDemon; C:\Program Files (x86)\Dassault Systemes\B21\intel_a\code\bin\CATSysDemon.exe [38400 2011-01-08] (Dassault Systemes) [File not signed]
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-06-13] (Macrovision Europe Ltd.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-07-09] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [549704 2012-07-09] (PacketVideo)
R2 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [271176 2012-07-09] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-04] (DT Soft Ltd)
R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-21 20:13 - 2014-06-21 20:13 - 02347384 _____ (ESET) C:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe
2014-06-21 19:52 - 2014-06-21 19:52 - 00016792 _____ () C:\Users\Jawad\Desktop\Neues Textdokument (2).txt
2014-06-21 19:47 - 2014-06-21 19:47 - 00014566 _____ () C:\Users\Jawad\Desktop\HitmanPro_20140621_1947.log
2014-06-21 19:46 - 2014-06-21 19:46 - 00012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2014-06-21 19:34 - 2014-06-21 19:49 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-21 19:33 - 2014-06-21 19:33 - 10971424 _____ (SurfRight B.V.) C:\Users\Jawad\Downloads\HitmanPro_x64.exe
2014-06-21 18:49 - 2014-06-21 19:56 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-21 18:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-06-21 18:48 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-06-21 18:48 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-06-21 18:46 - 2014-06-21 18:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jawad\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-21 18:37 - 2014-06-21 18:38 - 00000000 ____D () C:\AdwCleaner
2014-06-21 18:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-06-21 18:23 - 2014-06-21 18:23 - 01333465 _____ () C:\Users\Jawad\Downloads\adwcleaner_3.212.exe
2014-06-21 17:04 - 2014-06-21 17:07 - 00043670 _____ () C:\Users\Jawad\Downloads\Addition.txt
2014-06-21 17:01 - 2014-06-21 23:49 - 00026409 _____ () C:\Users\Jawad\Downloads\FRST.txt
2014-06-21 17:01 - 2014-06-21 23:48 - 00000000 ____D () C:\FRST
2014-06-21 17:00 - 2014-06-21 17:00 - 02083328 _____ (Farbar) C:\Users\Jawad\Downloads\FRST64.exe
2014-06-21 15:59 - 2014-06-21 15:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Avira
2014-06-21 15:57 - 2014-06-21 15:55 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-06-21 15:47 - 2014-06-21 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 15:47 - 2014-06-21 15:53 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 15:47 - 2014-06-21 15:53 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 15:47 - 2014-06-21 15:47 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 15:46 - 2014-06-21 15:46 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jawad\Downloads\avira_de_av_4042837637__ws.exe
2014-06-21 15:46 - 2014-06-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-19 15:22 - 2014-06-19 15:22 - 00349756 _____ () C:\Users\Jawad\Downloads\sitemap515.20130528.xml.gz
2014-06-18 09:24 - 2014-06-18 09:24 - 00000000 ____D () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2
2014-06-18 09:23 - 2014-06-18 09:24 - 16009683 _____ () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2.rar
2014-06-12 17:49 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-12 17:49 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-12 17:49 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-12 17:49 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-12 17:49 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-12 17:49 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-12 17:49 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-12 17:49 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-12 17:49 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-12 17:49 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-12 17:49 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-12 17:49 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-12 17:49 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-12 17:49 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-12 17:49 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-12 17:49 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-12 17:49 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-12 17:49 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-12 17:49 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 17:49 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-12 17:49 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-12 17:49 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-12 17:49 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-12 17:49 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-12 17:49 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-12 17:49 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-12 17:49 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-12 17:49 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-12 17:49 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-12 17:49 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-12 17:49 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-12 17:49 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-12 17:49 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-12 17:49 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-12 17:49 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-12 17:49 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-12 17:49 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 17:49 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-12 17:49 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-12 17:49 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-12 17:49 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-12 17:49 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-12 17:49 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-12 17:49 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-12 17:49 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-12 17:49 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-12 17:49 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-12 17:49 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-12 17:49 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-12 17:49 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-12 17:49 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-12 17:49 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-12 17:49 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-12 17:49 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 17:49 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-12 17:49 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-12 17:49 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-12 17:49 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 17:49 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-12 17:49 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-12 17:49 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-12 17:49 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-12 17:49 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-12 17:49 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-12 17:49 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-12 17:49 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-09 13:59 - 2014-06-09 13:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Mozilla
2014-06-02 18:49 - 2014-06-02 18:49 - 23424432 _____ (Windows 7 - Codec Pack) C:\Users\Jawad\Downloads\windows.7.codec.pack.v4.0.9.setup.exe
2014-06-01 17:36 - 2014-06-01 17:39 - 87179530 _____ () C:\Users\Jawad\Downloads\gapps-kk-20140105-signed.zip
2014-05-27 23:14 - 2014-05-27 23:18 - 00000000 ____D () C:\Users\Jawad\Desktop\27.05.2014
2014-05-27 23:06 - 2014-05-27 23:18 - 00000000 ____D () C:\Users\Jawad\Desktop\26.05.2014
2014-05-27 17:58 - 2014-05-27 18:02 - 174538954 _____ () C:\Users\Jawad\Downloads\Photos_downloaded_by_AirDroid.zip

==================== One Month Modified Files and Folders =======

2014-06-21 23:49 - 2014-06-21 17:01 - 00026409 _____ () C:\Users\Jawad\Downloads\FRST.txt
2014-06-21 23:48 - 2014-06-21 17:01 - 00000000 ____D () C:\FRST
2014-06-21 23:48 - 2012-12-09 01:50 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-21 23:06 - 2012-06-08 15:34 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Skype
2014-06-21 22:55 - 2012-02-09 14:39 - 01046784 _____ () C:\windows\system32\TPHDLOG0.LOG
2014-06-21 22:54 - 2012-06-16 21:20 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA.job
2014-06-21 22:52 - 2012-02-09 14:33 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-21 22:06 - 2012-02-09 14:07 - 01732748 _____ () C:\windows\WindowsUpdate.log
2014-06-21 20:25 - 2014-05-20 23:35 - 00000000 ____D () C:\ProgramData\TwonkyServer
2014-06-21 20:13 - 2014-06-21 20:13 - 02347384 _____ (ESET) C:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe
2014-06-21 20:11 - 2012-02-09 14:43 - 01903061 _____ () C:\FaceProv.log
2014-06-21 20:02 - 2009-07-14 06:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 20:02 - 2009-07-14 06:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 19:57 - 2012-11-04 23:52 - 00003510 _____ () C:\windows\System32\Tasks\AutoKMS
2014-06-21 19:57 - 2012-02-09 14:50 - 01126578 _____ () C:\windows\system32\fastboot.set
2014-06-21 19:57 - 2012-02-09 14:43 - 00000000 ____D () C:\ProgramData\VeriFace
2014-06-21 19:56 - 2014-06-21 18:49 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-21 19:55 - 2012-02-09 14:33 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 19:54 - 2010-11-21 05:47 - 00407482 _____ () C:\windows\PFRO.log
2014-06-21 19:54 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-21 19:54 - 2009-07-14 06:51 - 00185990 _____ () C:\windows\setupact.log
2014-06-21 19:52 - 2014-06-21 19:52 - 00016792 _____ () C:\Users\Jawad\Desktop\Neues Textdokument (2).txt
2014-06-21 19:49 - 2014-06-21 19:34 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-21 19:47 - 2014-06-21 19:47 - 00014566 _____ () C:\Users\Jawad\Desktop\HitmanPro_20140621_1947.log
2014-06-21 19:46 - 2014-06-21 19:46 - 00012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2014-06-21 19:46 - 2014-01-06 12:26 - 00000000 ___RD () C:\Users\Jawad\Desktop\Alles andere !!!
2014-06-21 19:33 - 2014-06-21 19:33 - 10971424 _____ (SurfRight B.V.) C:\Users\Jawad\Downloads\HitmanPro_x64.exe
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-21 18:47 - 2014-06-21 18:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jawad\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-21 18:44 - 2012-02-09 14:39 - 00659008 _____ () C:\windows\system32\TPAPSLOG.LOG
2014-06-21 18:38 - 2014-06-21 18:37 - 00000000 ____D () C:\AdwCleaner
2014-06-21 18:35 - 2012-08-06 21:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:23 - 2014-06-21 18:23 - 01333465 _____ () C:\Users\Jawad\Downloads\adwcleaner_3.212.exe
2014-06-21 18:05 - 2013-04-07 15:46 - 00000000 ____D () C:\Program Files\Java
2014-06-21 17:54 - 2012-06-16 21:20 - 00001068 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core.job
2014-06-21 17:07 - 2014-06-21 17:04 - 00043670 _____ () C:\Users\Jawad\Downloads\Addition.txt
2014-06-21 17:00 - 2014-06-21 17:00 - 02083328 _____ (Farbar) C:\Users\Jawad\Downloads\FRST64.exe
2014-06-21 16:00 - 2013-06-28 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portrait Professional Studio 10
2014-06-21 16:00 - 2013-06-28 16:05 - 00000000 ____D () C:\Program Files (x86)\Portrait Professional Studio 10
2014-06-21 15:59 - 2014-06-21 15:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Avira
2014-06-21 15:55 - 2014-06-21 15:57 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-21 15:54 - 2014-06-21 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 15:53 - 2014-06-21 15:47 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 15:53 - 2014-06-21 15:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 15:47 - 2014-06-21 15:47 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 15:46 - 2014-06-21 15:46 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jawad\Downloads\avira_de_av_4042837637__ws.exe
2014-06-21 15:46 - 2014-06-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 13:16 - 2013-06-30 19:09 - 00003930 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{A31A9D57-64D4-48B9-B93F-182C18DEEE4D}
2014-06-21 02:00 - 2012-06-10 15:16 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Adobe
2014-06-20 16:55 - 2012-06-08 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-20 11:47 - 2012-02-09 14:33 - 00004120 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 11:47 - 2012-02-09 14:33 - 00003868 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 15:22 - 2014-06-19 15:22 - 00349756 _____ () C:\Users\Jawad\Downloads\sitemap515.20130528.xml.gz
2014-06-18 09:24 - 2014-06-18 09:24 - 00000000 ____D () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2
2014-06-18 09:24 - 2014-06-18 09:23 - 16009683 _____ () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2.rar
2014-06-17 17:49 - 2012-06-16 21:20 - 00004090 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA
2014-06-17 17:49 - 2012-06-16 21:20 - 00003694 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core
2014-06-15 20:35 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-06-15 11:16 - 2014-03-06 23:04 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-13 00:12 - 2013-08-15 19:07 - 00000000 ____D () C:\windows\system32\MRT
2014-06-13 00:10 - 2012-06-13 01:15 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-13 00:09 - 2012-06-08 23:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 00:05 - 2012-06-23 17:40 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Spotify
2014-06-12 17:58 - 2014-05-04 17:22 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-09 13:59 - 2014-06-09 13:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Mozilla
2014-06-08 22:18 - 2012-06-23 17:40 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Spotify
2014-06-05 18:36 - 2014-03-22 22:26 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-06-04 19:11 - 2013-06-26 19:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 18:49 - 2014-06-02 18:49 - 23424432 _____ (Windows 7 - Codec Pack) C:\Users\Jawad\Downloads\windows.7.codec.pack.v4.0.9.setup.exe
2014-06-02 16:38 - 2012-06-08 15:34 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 16:37 - 2014-03-27 20:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-01 17:39 - 2014-06-01 17:36 - 87179530 _____ () C:\Users\Jawad\Downloads\gapps-kk-20140105-signed.zip
2014-05-30 12:21 - 2014-06-12 17:49 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 17:49 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 17:49 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 17:49 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 17:49 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 17:49 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 17:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 17:49 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 17:49 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 17:49 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 17:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 17:49 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 17:49 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 17:49 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 17:49 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 17:49 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 17:49 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 17:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 17:49 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 17:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 17:49 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 17:49 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 17:49 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 17:49 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 17:49 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 17:49 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 17:49 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 17:49 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 17:49 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 17:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 17:49 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 17:49 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 17:49 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 17:49 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 17:49 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 17:49 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 17:49 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 17:49 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 17:49 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 17:49 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 17:49 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 17:49 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 17:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 17:49 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 17:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 17:49 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 17:49 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 17:49 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 17:49 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 17:49 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 17:49 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 17:49 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-05-29 19:06 - 2012-07-23 12:41 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Microsoft Games
2014-05-27 23:18 - 2014-05-27 23:14 - 00000000 ____D () C:\Users\Jawad\Desktop\27.05.2014
2014-05-27 23:18 - 2014-05-27 23:06 - 00000000 ____D () C:\Users\Jawad\Desktop\26.05.2014
2014-05-27 18:02 - 2014-05-27 17:58 - 174538954 _____ () C:\Users\Jawad\Downloads\Photos_downloaded_by_AirDroid.zip
2014-05-27 17:12 - 2014-06-21 15:53 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-27 17:12 - 2014-06-21 15:53 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-27 17:12 - 2014-06-21 15:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-05-22 11:22 - 2013-01-11 15:38 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Jawad\AppData\Local\Temp\avgnt.exe
C:\Users\Jawad\AppData\Local\Temp\CMInstaller.exe
C:\Users\Jawad\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jawad\AppData\Local\Temp\muzaf1.dll
C:\Users\Jawad\AppData\Local\Temp\muzapp.dll
C:\Users\Jawad\AppData\Local\Temp\muzapp.exe
C:\Users\Jawad\AppData\Local\Temp\muzwmts.dll
C:\Users\Jawad\AppData\Local\Temp\ose00001.exe
C:\Users\Jawad\AppData\Local\Temp\Quarantine.exe
C:\Users\Jawad\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jawad\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Jawad\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Jawad\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Jawad\AppData\Local\Temp\_is81B.exe
C:\Users\Jawad\AppData\Local\Temp\_isA054.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 09:55

==================== End Of Log ============================
--- --- ---



und hier die addition.txt logfile:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Jawad at 2014-06-21 23:49:56
Running from C:\Users\Jawad\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Active Protection System (HKLM-x32\...\{F493761C-E465-4B9E-9FC1-A312F161DE0A}) (Version: 1.70.08 - Lenovo)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.600 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_c015d5ef39552390a753ee735d16041) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
bettermarkit (HKLM-x32\...\a207c8e9-8b5d-4b7f-9763-8986c6ca8939) (Version:  - bettermarkitnet Soft) <==== ATTENTION
Bia2 Radio (HKLM-x32\...\com.adobe.radio.372F4266994BA18A839D42D56BA652959166B005.1) (Version: 1.2 - UNKNOWN)
Bia2 Radio (x32 Version: 1.2 - UNKNOWN) Hidden
Brother MFL-Pro Suite DCP-J525W (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
CM Installer (HKLM-x32\...\{681544C2-FFA2-4CFD-A9AD-2A3D25DF8D22}) (Version: 1.0.0.0 - Cyanogen Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dassault Systemes Software B21 (HKLM\...\Dassault Systemes B21_0) (Version:  - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Dojotech Spotify Recorder (HKLM-x32\...\{D149DB2E-392E-48CC-8036-88BECC09C50A}) (Version: 3.2 - Dojotech Software)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.2.6 - Lenovo)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to Android Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to Android Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.30.903 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.30.903 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java SE Development Kit 7 Update 17 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1900 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1004.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo Security Suite (HKLM-x32\...\InstallShield_{8B404231-6BB1-44F6-8488-6A7C307B576F}) (Version: 1.0.4.6 - Lenovo)
Lenovo Security Suite (x32 Version: 1.0.4.6 - Lenovo) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCCI(r)Firmware Update Driver for MTK (HKLM-x32\...\{13E92303-C1AC-4012-9E22-54EACBF54888}) (Version: 1.00.0000 - MCCI)
MediaManager (HKLM-x32\...\MediaManager) (Version: 3.0.3 (60) - PacketVideo)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Portrait Professional Studio 10.8 (HKLM-x32\...\PortraitProfessionalStudio10_is1) (Version: 10.8 - Anthropics Technology Ltd.)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6201 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.1.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Twonky Windows Components (HKLM-x32\...\{7CC673E7-5271-409D-B196-BB76DA60300B}) (Version: 3.0.3 - PacketVideo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
Visual Basic for Applications (R) Core - English (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.5.10.53 - Microsoft Corporation) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (01/20/2010 6.4.0.1) (HKLM\...\E1DBB3EF910E1B47C70220D60E673F3798130C6D) (Version: 01/20/2010 6.4.0.1 - Lenovo)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfram Mathematica 8 (M-WIN-T 8.0.4 2615567) (HKLM\...\M-WIN-T 8.0.4 2615567_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
WYSIWYG Web Builder 8  (HKLM-x32\...\WYSIWYG_Web_Builder_8) (Version:  - )

==================== Restore Points  =========================

03-06-2014 11:32:09 Windows Update
06-06-2014 21:05:57 Windows Update
10-06-2014 15:05:50 Windows Update
12-06-2014 22:06:21 Windows Update
17-06-2014 15:59:49 Windows Update
20-06-2014 23:27:15 Windows Update
21-06-2014 16:02:28 Removed Java 7 Update 17 (64-bit)
21-06-2014 16:21:31 Removed Java 7 Update 55
21-06-2014 16:27:20 Removed Java(TM) 6 Update 30

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-10-05 12:48 - 00001056 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1        activate.adobe.com
127.0.0.1        adobe-dns-1.adobe.com
127.0.0.1        adobe-dns-2.adobe.com
127.0.0.1        adobe-dns-2.adobe.com
127.0.0.1        adobe-dns-3.adobe.com
127.0.0.1        adobe-dns-3.adobe.com
127.0.0.1        adobe-dns-4.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {2F51C98A-FC48-4FF8-ADBE-5D42F0AC0585} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {50991E6F-7564-4979-AAE6-DFA656F07197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-09] (Google Inc.)
Task: {6AE1266B-96F9-41FD-9D1B-6046120430FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-09] (Google Inc.)
Task: {82A6E515-007D-4194-98AB-21A80FEB393C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {89A76BC7-DA62-4E89-9437-A35E8D738085} - \bettermarkit Update No Task File <==== ATTENTION
Task: {90EC5CDA-DE57-4F17-A3F2-3F345B80766A} - System32\Tasks\AdobeAAMUpdater-1.0-Jawad-PC-Jawad => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {D5412A55-5EE5-43C8-9046-1401A4D51F35} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {EB68D752-AA8B-4D98-85C6-7594772D44DE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {ED5996A9-6AF9-4B30-9396-45AC5877D054} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-11-04] ()
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core.job => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA.job => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-18 00:06 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll
2012-07-09 20:51 - 2012-07-09 20:51 - 00545608 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
2012-07-09 20:51 - 2012-07-09 20:51 - 01672008 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
2012-07-09 20:50 - 2012-07-09 20:50 - 00271176 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-04-20 15:29 - 2010-04-20 15:29 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2012-02-09 14:52 - 2009-07-15 17:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-02-09 14:52 - 2009-07-15 17:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2013-06-08 14:11 - 2013-06-08 14:11 - 00048200 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2012-07-09 20:51 - 2012-07-09 20:51 - 00176968 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\wmdrmdll.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 10683392 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 07741952 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 02248192 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 01681408 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2014-05-15 23:20 - 2014-05-15 23:20 - 00117248 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-05-15 23:20 - 2014-05-15 23:20 - 00231936 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-05-15 23:21 - 2014-05-15 23:21 - 00253440 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-05-15 23:24 - 2014-05-15 23:24 - 00344064 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 00026624 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2014-05-07 23:54 - 2014-06-15 11:16 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-02-09 14:43 - 2012-02-09 14:43 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-05-17 15:37 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-06-21 15:54 - 2014-05-14 14:27 - 00049744 _____ () C:\Users\Jawad\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-06-12 17:58 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 17:58 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-02-13 04:45 - 2014-02-13 04:45 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\14c2655e9e6031c4deed9c4b77689b9e\IsdiInterop.ni.dll
2012-02-09 14:18 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/21/2014 11:46:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2014 11:34:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2014 08:14:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2014 08:13:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2014 07:55:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2014 06:42:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 22:48:56.522]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 22:48:56.446]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:40:00.457]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:40:00.457]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####


System errors:
=============
Error: (06/21/2014 07:56:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/21/2014 07:55:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/21/2014 06:42:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/21/2014 06:42:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/20/2014 08:33:30 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (20:13:e0:a7:66:9c) ist fehlgeschlagen.

Error: (06/19/2014 05:00:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer9 erreicht.

Error: (06/15/2014 11:15:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/15/2014 11:15:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/15/2014 11:13:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎06.‎2014 um 11:12:57 unerwartet heruntergefahren.

Error: (06/15/2014 11:11:30 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b


Microsoft Office Sessions:
=========================
Error: (06/21/2014 11:46:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2014 11:34:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/21/2014 08:14:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2014 08:13:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2014 07:55:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2014 06:42:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 22:48:56.522]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 22:48:56.446]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:40:00.457]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:40:00.457]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####


==================== Memory info ===========================

Percentage of memory in use: 61%
Total physical RAM: 3893.86 MB
Available physical RAM: 1515.92 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 4998.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:254.14 GB) (Free:92.81 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F9C454B0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=254 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

==================== End Of Log ============================

Danke dir soweit für deine Hilfe .... :sleepy:

Welchen Schritt muss ich als nächstes gehen ?

Gruss

deeprybka 21.06.2014 23:06
So hier ist dann jetzt auch erstmal Feierabend....

Code:
C:\Users\Jawad\Downloads\Alles andere\Adobe.Photoshop.Lightroom.v4.0.Multilingual.xxxl.Keymaker-CORE\keygen.exe
Zitat:
Zitat von tamore123 (Beitrag 1319733)
Mit Illustrater und Co. (jetzt weiss ich was mit adobe gemeint ist ) arbeite ich beruflich Dafür und für die anderen Produkte habe ich eine Hochschul- , bzw. Betriebslizenz von meinem Arbeitgeber.

Lg
http://www.trojaner-board.de/95394-c...-software.html

tamore123 23.06.2014 18:17
So lieber Jürgen nach löschung der Dateien die ich bei Sicht selbst gefunden habe , send eich hier meine FRST logdatei zu :



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by Jawad (administrator) on JAWAD-PC on 23-06-2014 19:11:53
Running from C:\Users\Jawad\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Dassault Systemes) C:\Program Files (x86)\Dassault Systemes\B21\intel_a\code\bin\CATSysDemon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo.) C:\Windows\System32\TPHDEXLG64.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Google Inc.) C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Jawad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Jawad\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2473568 2010-11-12] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\System32\TpShocks.exe [231264 2009-09-02] (Lenovo.)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-02-09] (Lenovo)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7069600 2010-11-22] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-02-09] (Lenovo)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Google Update] => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-08] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [MusicManager] => C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Spotify Web Helper] => C:\Users\Jawad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-20] (Spotify Ltd)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [5C92979F8DBDEF8735FA7EB193D56A2885590DF3._service_run] => C:\program files (x86)\google\chrome\application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\Run: [GoogleChromeAutoLaunch_ABC9EFE06A534EF852305D94A2DD8580] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {532245b0-b2ef-11e1-9e02-1c75086b9a8b} - F:\Autoplay.exe -auto
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {900eee4a-c35a-11e1-8a27-642737859151} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {b929e006-be91-11e2-a63b-1c75086b9a8b} - F:\LaunchU3.exe -a
HKU\S-1-5-21-423967124-2091797172-957535332-1000\...\MountPoints2: {eaff5cb9-b3df-11e1-8994-1c75086b9a8b} - F:\Autoplay.exe -auto
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MediaServer.lnk
ShortcutTarget: MediaServer.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5CDE7ACD-49EC-4E58-A6AD-7FC80B3642E9}: [NameServer]139.7.30.125,139.7.30.126

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin - C:\Program Files (x86)\Java\jre6\bin\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jawad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jawad\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jawad\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jawad\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jawad\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jawad\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{29090E1C-8CC6-4845-BADE-9320483961E7}] - C:\windows\Installer\{8528CF35-D69E-429A-8B2E-688E2A2FEA66}\{29090E1C-8CC6-4845-BADE-9320483961E7}.xpi
FF Extension: Download Protect - C:\windows\Installer\{8528CF35-D69E-429A-8B2E-688E2A2FEA66}\{29090E1C-8CC6-4845-BADE-9320483961E7}.xpi [2014-06-15]
FF HKCU\...\Firefox\Extensions: [{2828fb93-77f7-413f-a235-e897454636fa}] - C:\Program Files (x86)\bettermarkit\150.xpi

Chrome:
=======
CHR HomePage: hxxp://www.googlemail.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Drive) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-11]
CHR Extension: (YouTube) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-11]
CHR Extension: (Google-Suche) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-11]
CHR Extension: (Google Kalender) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-05-04]
CHR Extension: (No Name) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Download Protect) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnodbngghncaikgllkeebaneekkihhp [2014-06-15]
CHR Extension: (Google Mail) - C:\Users\Jawad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-11]
CHR HKLM-x32\...\Chrome\Extension: [mpnkngdlkfogmplnfcbphiekcjgbnckb] - C:\Program Files (x86)\bettermarkit\150.crx [2013-09-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 BBDemon; C:\Program Files (x86)\Dassault Systemes\B21\intel_a\code\bin\CATSysDemon.exe [38400 2011-01-08] (Dassault Systemes) [File not signed]
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-06-13] (Macrovision Europe Ltd.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-07-09] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [549704 2012-07-09] (PacketVideo)
R2 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [271176 2012-07-09] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-04] (DT Soft Ltd)
R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-23 19:11 - 2014-06-23 19:11 - 00000000 ____D () C:\Users\Jawad\Downloads\FRST-OlderVersion
2014-06-21 20:13 - 2014-06-21 20:13 - 02347384 _____ (ESET) C:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe
2014-06-21 19:52 - 2014-06-21 19:52 - 00016792 _____ () C:\Users\Jawad\Desktop\Neues Textdokument (2).txt
2014-06-21 19:47 - 2014-06-21 19:47 - 00014566 _____ () C:\Users\Jawad\Desktop\HitmanPro_20140621_1947.log
2014-06-21 19:46 - 2014-06-21 19:46 - 00012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2014-06-21 19:34 - 2014-06-21 19:49 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-21 19:33 - 2014-06-21 19:33 - 10971424 _____ (SurfRight B.V.) C:\Users\Jawad\Downloads\HitmanPro_x64.exe
2014-06-21 18:49 - 2014-06-21 19:56 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-21 18:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-06-21 18:48 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-06-21 18:48 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-06-21 18:46 - 2014-06-21 18:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jawad\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-21 18:37 - 2014-06-21 18:38 - 00000000 ____D () C:\AdwCleaner
2014-06-21 18:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-06-21 18:23 - 2014-06-21 18:23 - 01333465 _____ () C:\Users\Jawad\Downloads\adwcleaner_3.212.exe
2014-06-21 17:04 - 2014-06-22 10:40 - 00047896 _____ () C:\Users\Jawad\Downloads\Addition.txt
2014-06-21 17:01 - 2014-06-23 19:12 - 00026451 _____ () C:\Users\Jawad\Downloads\FRST.txt
2014-06-21 17:01 - 2014-06-23 19:11 - 00000000 ____D () C:\FRST
2014-06-21 17:00 - 2014-06-23 19:11 - 02082816 _____ (Farbar) C:\Users\Jawad\Downloads\FRST64.exe
2014-06-21 15:59 - 2014-06-21 15:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Avira
2014-06-21 15:57 - 2014-06-21 15:55 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-06-21 15:53 - 2014-05-27 17:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-06-21 15:47 - 2014-06-21 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 15:47 - 2014-06-21 15:53 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 15:47 - 2014-06-21 15:53 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 15:47 - 2014-06-21 15:47 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 15:46 - 2014-06-21 15:46 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jawad\Downloads\avira_de_av_4042837637__ws.exe
2014-06-21 15:46 - 2014-06-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-19 15:22 - 2014-06-19 15:22 - 00349756 _____ () C:\Users\Jawad\Downloads\sitemap515.20130528.xml.gz
2014-06-18 09:24 - 2014-06-18 09:24 - 00000000 ____D () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2
2014-06-18 09:23 - 2014-06-18 09:24 - 16009683 _____ () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2.rar
2014-06-12 17:49 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-12 17:49 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-12 17:49 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-12 17:49 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-12 17:49 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-12 17:49 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-12 17:49 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-12 17:49 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-12 17:49 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-12 17:49 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-12 17:49 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-12 17:49 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-12 17:49 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-12 17:49 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-12 17:49 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-12 17:49 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-12 17:49 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-12 17:49 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-12 17:49 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 17:49 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-12 17:49 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-12 17:49 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-12 17:49 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-12 17:49 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-12 17:49 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-12 17:49 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-12 17:49 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-12 17:49 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-12 17:49 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-12 17:49 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-12 17:49 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-12 17:49 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-12 17:49 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-12 17:49 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-12 17:49 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-12 17:49 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-12 17:49 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 17:49 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-12 17:49 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-12 17:49 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-12 17:49 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-12 17:49 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-12 17:49 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-12 17:49 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-12 17:49 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-12 17:49 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-12 17:49 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-12 17:49 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-12 17:49 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-12 17:49 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-12 17:49 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-12 17:49 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-12 17:49 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-12 17:49 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 17:49 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-12 17:49 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-12 17:49 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-12 17:49 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 17:49 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-12 17:49 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-12 17:49 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-12 17:49 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-12 17:49 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-12 17:49 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-12 17:49 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-12 17:49 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-09 13:59 - 2014-06-09 13:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Mozilla
2014-06-02 18:49 - 2014-06-02 18:49 - 23424432 _____ (Windows 7 - Codec Pack) C:\Users\Jawad\Downloads\windows.7.codec.pack.v4.0.9.setup.exe
2014-06-01 17:36 - 2014-06-01 17:39 - 87179530 _____ () C:\Users\Jawad\Downloads\gapps-kk-20140105-signed.zip
2014-05-27 23:14 - 2014-05-27 23:18 - 00000000 ____D () C:\Users\Jawad\Desktop\27.05.2014
2014-05-27 23:06 - 2014-05-27 23:18 - 00000000 ____D () C:\Users\Jawad\Desktop\26.05.2014
2014-05-27 17:58 - 2014-05-27 18:02 - 174538954 _____ () C:\Users\Jawad\Downloads\Photos_downloaded_by_AirDroid.zip

==================== One Month Modified Files and Folders =======

2014-06-23 19:12 - 2014-06-21 17:01 - 00026451 _____ () C:\Users\Jawad\Downloads\FRST.txt
2014-06-23 19:12 - 2012-02-09 14:07 - 01820808 _____ () C:\windows\WindowsUpdate.log
2014-06-23 19:11 - 2014-06-23 19:11 - 00000000 ____D () C:\Users\Jawad\Downloads\FRST-OlderVersion
2014-06-23 19:11 - 2014-06-21 17:01 - 00000000 ____D () C:\FRST
2014-06-23 19:11 - 2014-06-21 17:00 - 02082816 _____ (Farbar) C:\Users\Jawad\Downloads\FRST64.exe
2014-06-23 19:09 - 2013-06-28 17:37 - 00000000 ____D () C:\Users\Jawad\Downloads\Wolfram.Research.Mathematica.v9.0.1
2014-06-23 19:06 - 2013-06-28 16:03 - 00000000 ____D () C:\Users\Jawad\Downloads\Anthropics.Portrait.Professional.Studio.v10.8.2
2014-06-23 19:01 - 2012-06-08 15:34 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Skype
2014-06-23 18:54 - 2012-06-16 21:20 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA.job
2014-06-23 18:52 - 2012-02-09 14:33 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-23 18:48 - 2012-12-09 01:50 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-23 18:46 - 2012-02-09 14:39 - 01049472 _____ () C:\windows\system32\TPHDLOG0.LOG
2014-06-23 18:26 - 2014-05-20 23:35 - 00000000 ____D () C:\ProgramData\TwonkyServer
2014-06-23 17:54 - 2012-06-16 21:20 - 00001068 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core.job
2014-06-23 15:37 - 2013-06-30 19:09 - 00003930 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{A31A9D57-64D4-48B9-B93F-182C18DEEE4D}
2014-06-23 14:51 - 2012-02-09 14:33 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-23 14:49 - 2012-02-09 14:39 - 00659328 _____ () C:\windows\system32\TPAPSLOG.LOG
2014-06-23 14:46 - 2012-06-10 15:16 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Adobe
2014-06-23 14:46 - 2012-02-09 14:43 - 01907734 _____ () C:\FaceProv.log
2014-06-23 14:46 - 2012-02-09 14:43 - 00000000 ____D () C:\ProgramData\VeriFace
2014-06-23 14:46 - 2009-07-14 06:51 - 00186326 _____ () C:\windows\setupact.log
2014-06-22 20:03 - 2009-07-14 06:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 20:03 - 2009-07-14 06:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 19:58 - 2012-11-04 23:52 - 00003510 _____ () C:\windows\System32\Tasks\AutoKMS
2014-06-22 10:40 - 2014-06-21 17:04 - 00047896 _____ () C:\Users\Jawad\Downloads\Addition.txt
2014-06-22 10:36 - 2013-06-08 22:29 - 00000000 ____D () C:\Users\Jawad\Downloads\Alles andere
2014-06-22 07:42 - 2014-02-19 23:47 - 00001062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-22 07:42 - 2014-02-19 23:47 - 00001050 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-21 20:13 - 2014-06-21 20:13 - 02347384 _____ (ESET) C:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe
2014-06-21 19:57 - 2012-02-09 14:50 - 01126578 _____ () C:\windows\system32\fastboot.set
2014-06-21 19:56 - 2014-06-21 18:49 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-21 19:54 - 2010-11-21 05:47 - 00407482 _____ () C:\windows\PFRO.log
2014-06-21 19:54 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-21 19:52 - 2014-06-21 19:52 - 00016792 _____ () C:\Users\Jawad\Desktop\Neues Textdokument (2).txt
2014-06-21 19:49 - 2014-06-21 19:34 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-21 19:47 - 2014-06-21 19:47 - 00014566 _____ () C:\Users\Jawad\Desktop\HitmanPro_20140621_1947.log
2014-06-21 19:46 - 2014-06-21 19:46 - 00012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2014-06-21 19:46 - 2014-01-06 12:26 - 00000000 ___RD () C:\Users\Jawad\Desktop\Alles andere !!!
2014-06-21 19:33 - 2014-06-21 19:33 - 10971424 _____ (SurfRight B.V.) C:\Users\Jawad\Downloads\HitmanPro_x64.exe
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-21 18:48 - 2014-06-21 18:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-21 18:47 - 2014-06-21 18:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jawad\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-21 18:38 - 2014-06-21 18:37 - 00000000 ____D () C:\AdwCleaner
2014-06-21 18:35 - 2012-08-06 21:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:23 - 2014-06-21 18:23 - 01333465 _____ () C:\Users\Jawad\Downloads\adwcleaner_3.212.exe
2014-06-21 18:05 - 2013-04-07 15:46 - 00000000 ____D () C:\Program Files\Java
2014-06-21 16:00 - 2013-06-28 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portrait Professional Studio 10
2014-06-21 16:00 - 2013-06-28 16:05 - 00000000 ____D () C:\Program Files (x86)\Portrait Professional Studio 10
2014-06-21 15:59 - 2014-06-21 15:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Avira
2014-06-21 15:55 - 2014-06-21 15:57 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-06-21 15:54 - 2014-06-21 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 15:53 - 2014-06-21 15:47 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 15:53 - 2014-06-21 15:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 15:47 - 2014-06-21 15:47 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 15:46 - 2014-06-21 15:46 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jawad\Downloads\avira_de_av_4042837637__ws.exe
2014-06-21 15:46 - 2014-06-21 15:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-20 16:55 - 2012-06-08 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-20 11:47 - 2012-02-09 14:33 - 00004120 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 11:47 - 2012-02-09 14:33 - 00003868 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 15:22 - 2014-06-19 15:22 - 00349756 _____ () C:\Users\Jawad\Downloads\sitemap515.20130528.xml.gz
2014-06-18 09:24 - 2014-06-18 09:24 - 00000000 ____D () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2
2014-06-18 09:24 - 2014-06-18 09:23 - 16009683 _____ () C:\Users\Jawad\Downloads\Runtastic PRO v5.0.2.rar
2014-06-17 17:49 - 2012-06-16 21:20 - 00004090 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA
2014-06-17 17:49 - 2012-06-16 21:20 - 00003694 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core
2014-06-15 20:35 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-06-15 11:16 - 2014-03-06 23:04 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-13 00:12 - 2013-08-15 19:07 - 00000000 ____D () C:\windows\system32\MRT
2014-06-13 00:10 - 2012-06-13 01:15 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-13 00:09 - 2012-06-08 23:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 00:05 - 2012-06-23 17:40 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Spotify
2014-06-12 17:58 - 2014-05-04 17:22 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-09 13:59 - 2014-06-09 13:59 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Mozilla
2014-06-08 22:18 - 2012-06-23 17:40 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Spotify
2014-06-05 18:36 - 2014-03-22 22:26 - 00000000 ____D () C:\Users\Jawad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-06-04 19:11 - 2013-06-26 19:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 18:49 - 2014-06-02 18:49 - 23424432 _____ (Windows 7 - Codec Pack) C:\Users\Jawad\Downloads\windows.7.codec.pack.v4.0.9.setup.exe
2014-06-02 16:38 - 2012-06-08 15:34 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 16:37 - 2014-03-27 20:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-01 17:39 - 2014-06-01 17:36 - 87179530 _____ () C:\Users\Jawad\Downloads\gapps-kk-20140105-signed.zip
2014-05-30 12:21 - 2014-06-12 17:49 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 17:49 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 17:49 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 17:49 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 17:49 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 17:49 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 17:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 17:49 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 17:49 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 17:49 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 17:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 17:49 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 17:49 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 17:49 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 17:49 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 17:49 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 17:49 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 17:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 17:49 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 17:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 17:49 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 17:49 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 17:49 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 17:49 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 17:49 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 17:49 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 17:49 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 17:49 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 17:49 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 17:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 17:49 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 17:49 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 17:49 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 17:49 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 17:49 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 17:49 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 17:49 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 17:49 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 17:49 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 17:49 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 17:49 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 17:49 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 17:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 17:49 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 17:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 17:49 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 17:49 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 17:49 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 17:49 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 17:49 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 17:49 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 17:49 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-05-29 19:06 - 2012-07-23 12:41 - 00000000 ____D () C:\Users\Jawad\AppData\Local\Microsoft Games
2014-05-27 23:18 - 2014-05-27 23:14 - 00000000 ____D () C:\Users\Jawad\Desktop\27.05.2014
2014-05-27 23:18 - 2014-05-27 23:06 - 00000000 ____D () C:\Users\Jawad\Desktop\26.05.2014
2014-05-27 18:02 - 2014-05-27 17:58 - 174538954 _____ () C:\Users\Jawad\Downloads\Photos_downloaded_by_AirDroid.zip
2014-05-27 17:12 - 2014-06-21 15:53 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-05-27 17:12 - 2014-06-21 15:53 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-05-27 17:12 - 2014-06-21 15:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Jawad\AppData\Local\Temp\avgnt.exe
C:\Users\Jawad\AppData\Local\Temp\CMInstaller.exe
C:\Users\Jawad\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jawad\AppData\Local\Temp\muzaf1.dll
C:\Users\Jawad\AppData\Local\Temp\muzapp.dll
C:\Users\Jawad\AppData\Local\Temp\muzapp.exe
C:\Users\Jawad\AppData\Local\Temp\muzwmts.dll
C:\Users\Jawad\AppData\Local\Temp\ose00001.exe
C:\Users\Jawad\AppData\Local\Temp\Quarantine.exe
C:\Users\Jawad\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jawad\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Jawad\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Jawad\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Jawad\AppData\Local\Temp\_is81B.exe
C:\Users\Jawad\AppData\Local\Temp\_isA054.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 09:55

==================== End Of Log ============================
--- --- ---




und anbei noch meinen Addition.txt logfile :


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by Jawad at 2014-06-23 19:13:35
Running from C:\Users\Jawad\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Active Protection System (HKLM-x32\...\{F493761C-E465-4B9E-9FC1-A312F161DE0A}) (Version: 1.70.08 - Lenovo)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.600 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_c015d5ef39552390a753ee735d16041) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
bettermarkit (HKLM-x32\...\a207c8e9-8b5d-4b7f-9763-8986c6ca8939) (Version:  - bettermarkitnet Soft) <==== ATTENTION
Bia2 Radio (HKLM-x32\...\com.adobe.radio.372F4266994BA18A839D42D56BA652959166B005.1) (Version: 1.2 - UNKNOWN)
Bia2 Radio (x32 Version: 1.2 - UNKNOWN) Hidden
Brother MFL-Pro Suite DCP-J525W (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
CM Installer (HKLM-x32\...\{681544C2-FFA2-4CFD-A9AD-2A3D25DF8D22}) (Version: 1.0.0.0 - Cyanogen Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dassault Systemes Software B21 (HKLM\...\Dassault Systemes B21_0) (Version:  - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Dojotech Spotify Recorder (HKLM-x32\...\{D149DB2E-392E-48CC-8036-88BECC09C50A}) (Version: 3.2 - Dojotech Software)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.2.6 - Lenovo)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to Android Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to Android Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.32.327 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.32.327 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.30.903 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.30.903 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java SE Development Kit 7 Update 17 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1900 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1004.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden
Lenovo Security Suite (HKLM-x32\...\InstallShield_{8B404231-6BB1-44F6-8488-6A7C307B576F}) (Version: 1.0.4.6 - Lenovo)
Lenovo Security Suite (x32 Version: 1.0.4.6 - Lenovo) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCCI(r)Firmware Update Driver for MTK (HKLM-x32\...\{13E92303-C1AC-4012-9E22-54EACBF54888}) (Version: 1.00.0000 - MCCI)
MediaManager (HKLM-x32\...\MediaManager) (Version: 3.0.3 (60) - PacketVideo)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Portrait Professional Studio 10.8 (HKLM-x32\...\PortraitProfessionalStudio10_is1) (Version: 10.8 - Anthropics Technology Ltd.)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6201 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.1.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Twonky Windows Components (HKLM-x32\...\{7CC673E7-5271-409D-B196-BB76DA60300B}) (Version: 3.0.3 - PacketVideo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
Visual Basic for Applications (R) Core - English (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.5.10.53 - Microsoft Corporation) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (01/20/2010 6.4.0.1) (HKLM\...\E1DBB3EF910E1B47C70220D60E673F3798130C6D) (Version: 01/20/2010 6.4.0.1 - Lenovo)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfram Mathematica 8 (M-WIN-T 8.0.4 2615567) (HKLM\...\M-WIN-T 8.0.4 2615567_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
WYSIWYG Web Builder 8  (HKLM-x32\...\WYSIWYG_Web_Builder_8) (Version:  - )

==================== Restore Points  =========================

03-06-2014 11:32:09 Windows Update
06-06-2014 21:05:57 Windows Update
10-06-2014 15:05:50 Windows Update
12-06-2014 22:06:21 Windows Update
17-06-2014 15:59:49 Windows Update
20-06-2014 23:27:15 Windows Update
21-06-2014 16:02:28 Removed Java 7 Update 17 (64-bit)
21-06-2014 16:21:31 Removed Java 7 Update 55
21-06-2014 16:27:20 Removed Java(TM) 6 Update 30

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-10-05 12:48 - 00001056 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1        activate.adobe.com
127.0.0.1        adobe-dns-1.adobe.com
127.0.0.1        adobe-dns-2.adobe.com
127.0.0.1        adobe-dns-2.adobe.com
127.0.0.1        adobe-dns-3.adobe.com
127.0.0.1        adobe-dns-3.adobe.com
127.0.0.1        adobe-dns-4.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {2F51C98A-FC48-4FF8-ADBE-5D42F0AC0585} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {50991E6F-7564-4979-AAE6-DFA656F07197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-09] (Google Inc.)
Task: {6AE1266B-96F9-41FD-9D1B-6046120430FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-09] (Google Inc.)
Task: {82A6E515-007D-4194-98AB-21A80FEB393C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {89A76BC7-DA62-4E89-9437-A35E8D738085} - \bettermarkit Update No Task File <==== ATTENTION
Task: {90EC5CDA-DE57-4F17-A3F2-3F345B80766A} - System32\Tasks\AdobeAAMUpdater-1.0-Jawad-PC-Jawad => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {D5412A55-5EE5-43C8-9046-1401A4D51F35} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {EB68D752-AA8B-4D98-85C6-7594772D44DE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {ED5996A9-6AF9-4B30-9396-45AC5877D054} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-11-04] ()
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000Core.job => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423967124-2091797172-957535332-1000UA.job => C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-18 00:06 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll
2012-07-09 20:51 - 2012-07-09 20:51 - 00545608 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
2012-07-09 20:51 - 2012-07-09 20:51 - 01672008 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
2012-07-09 20:50 - 2012-07-09 20:50 - 00271176 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-04-20 15:29 - 2010-04-20 15:29 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2012-02-09 14:43 - 2012-02-09 14:43 - 00628064 _____ () C:\windows\system32\SimpleExt.dll
2012-02-09 14:52 - 2009-07-15 17:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-02-09 14:52 - 2009-07-15 17:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-07-09 20:51 - 2012-07-09 20:51 - 00176968 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\wmdrmdll.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 10683392 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 07741952 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 02248192 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 01681408 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2014-05-15 23:20 - 2014-05-15 23:20 - 00117248 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-05-15 23:20 - 2014-05-15 23:20 - 00231936 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-05-15 23:21 - 2014-05-15 23:21 - 00253440 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-05-15 23:24 - 2014-05-15 23:24 - 00344064 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 00026624 _____ () C:\Users\Jawad\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2014-05-07 23:54 - 2014-06-15 11:16 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-02-09 14:43 - 2012-02-09 14:43 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-05-17 15:37 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-06-21 15:54 - 2014-05-14 14:27 - 00049744 _____ () C:\Users\Jawad\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-06-12 17:58 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 17:58 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 17:57 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-02-13 04:45 - 2014-02-13 04:45 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\14c2655e9e6031c4deed9c4b77689b9e\IsdiInterop.ni.dll
2012-02-09 14:18 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-06-12 17:58 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00144896 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 02376192 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00282112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00084992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00086528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00114688 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00071680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00224768 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00134656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00293888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00081408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00079360 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00469504 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00693760 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00074240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00120320 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00071168 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00143360 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 01405440 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00335872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 01285120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00087552 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00072704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00229888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 11387904 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00122880 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00070656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00124928 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00325632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00122368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00077312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00074240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00071680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00221696 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00074240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 01338880 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00086016 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 01759232 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00076288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00393728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00181248 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00072192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00387584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00279552 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00968704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00340480 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00076800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00078336 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00287232 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00074752 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00077312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 08026112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00218112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00107520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00164864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00740352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 01551872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00072192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00070144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00086016 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00077824 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00073216 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00071680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00403968 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00071680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00172032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00085504 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00070656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00082432 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00076800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00069632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00111104 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00076288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00074240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00075264 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00091136 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00071680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00073216 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00076800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00071680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00071680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2013-06-07 23:22 - 2013-06-07 23:22 - 00070656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2013-06-07 23:21 - 2013-06-07 23:21 - 00115712 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2014 05:59:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.3.21.103, Zeitstempel: 0x4f3c6d6c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000223e0
ID des fehlerhaften Prozesses: 0xaa4
Startzeit der fehlerhaften Anwendung: 0xGoogleUpdate.exe0
Pfad der fehlerhaften Anwendung: GoogleUpdate.exe1
Pfad des fehlerhaften Moduls: GoogleUpdate.exe2
Berichtskennung: GoogleUpdate.exe3

Error: (06/21/2014 11:46:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2014 11:34:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2014 08:14:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2014 08:13:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2014 07:55:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2014 06:42:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 22:48:56.522]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 22:48:56.446]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/06/18 15:40:00.457]: [00002528]: Initialize TwdsMain Class failed!


System errors:
=============
Error: (06/21/2014 07:56:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/21/2014 07:55:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/21/2014 06:42:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/21/2014 06:42:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/20/2014 08:33:30 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (20:13:e0:a7:66:9c) ist fehlgeschlagen.

Error: (06/19/2014 05:00:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer9 erreicht.

Error: (06/15/2014 11:15:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/15/2014 11:15:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/15/2014 11:13:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎06.‎2014 um 11:12:57 unerwartet heruntergefahren.

Error: (06/15/2014 11:11:30 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b


Microsoft Office Sessions:
=========================
Error: (06/22/2014 05:59:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea8e7c0000005000223e0aa401cf8e322eb6f692C:\Users\Jawad\AppData\Local\Google\Update\GoogleUpdate.exeC:\windows\SysWOW64\ntdll.dll3ea769e6-fa26-11e3-8722-642737859151

Error: (06/21/2014 11:46:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2014 11:34:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/21/2014 08:14:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2014 08:13:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jawad\Downloads\esetsmartinstaller_deu.exe

Error: (06/21/2014 07:55:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2014 06:42:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 22:48:56.522]: [00002528]: Initialize TwdsMain Class failed!

Error: (06/18/2014 10:48:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 22:48:56.446]: [00002528]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/18/2014 03:40:00 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/06/18 15:40:00.457]: [00002528]: Initialize TwdsMain Class failed!


==================== Memory info ===========================

Percentage of memory in use: 65%
Total physical RAM: 3893.86 MB
Available physical RAM: 1360.54 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 4108.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:254.14 GB) (Free:105.91 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F9C454B0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=254 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

==================== End Of Log ============================

Gruss

tamore123

deeprybka 23.06.2014 19:19
Hallo, ich wiederhole mich gerne. Der Support ist unterbrochen bis jegliche illegale Software entfernt wurde.
http://www.trojaner-board.de/95394-c...-software.html


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:37 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131