Trojaner-Board - RunDll BackgroundContainer.dll

Tag,

wenn der PC immer hochfährt erscheint die Fehler-Meldung:
Problem beim Start von C:\Users\Benutzername\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll
Das angegebene Modul wurde nicht gefunden.
Meine Logfiles:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013
Ran by tarik (administrator) on TARIK-BOSS on 26-12-2013 12:42:25
Running from C:\Users\tarik\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Google Inc.) C:\Users\tarik\AppData\Local\Google\Update\GoogleUpdate.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13219984 2012-11-07] (Realtek Semiconductor)
HKLM\...\Run: [VDownloader] - E:\Program Files\VDownloader\VDownloader.exe [879104 2013-03-27] (Vitzo)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492248 2012-12-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [YTDownloader] - C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2050408 2013-11-25] (YTDownloader)
HKLM-x32\...\Run: [spup] - C:\Users\tarik\AppData\Roaming\ShinyProfile\spup.exe [197664 2013-11-12] ()
HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKCU\...\Run: [AppLauncher] - C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo)
HKCU\...\Run: [Google Update] - C:\Users\tarik\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-22] (Google Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\tarik\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKCU\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\tarik\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKCU\...\Run: [Facebook Update] - "C:\Users\tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1317152 2013-12-16] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1009440 2013-12-16] (Conduit)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=31a8324e-6e47-2296-769c-4ccdb5fdc7cc&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/11/2013&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=31a8324e-6e47-2296-769c-4ccdb5fdc7cc&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/11/2013&type=hp1000
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}
URLSearchHook: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=31a8324e-6e47-2296-769c-4ccdb5fdc7cc&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/11/2013&type=hp1000
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318522&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB98DCE1F-AC0E-42D9-818E-CF4E79BC5258&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=31a8324e-6e47-2296-769c-4ccdb5fdc7cc&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/11/2013&type=hp1000
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318522&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB98DCE1F-AC0E-42D9-818E-CF4E79BC5258&q={searchTerms}&SSPV=
SearchScopes: HKCU - {9D1AA200-1F1F-4EEC-9736-66EEED2FC03A} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN62442495711764206&UM=2
BHO: iWebar - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho64.dll (iWebar)
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: iWebar - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho.dll (iWebar)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\tarik\AppData\Roaming\ShinyProfile\shinyprofile.dll (TODO: <Company name>)
BHO-x32: Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
BHO-x32: Value Apps plugin - {F63AAEDC-3602-49EF-AA45-262380A98980} - C:\Users\tarik\AppData\Roaming\ValueApps\IE\MonPrx.dll (Conduit Ltd.)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8214E2B7-6A0E-413D-A34C-003CBA11CD8F}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015
FF user.js: detected! => C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\user.js
FF NewTab: hxxp://search.conduit.com/?ctid=CT3318522&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SPB98DCE1F-AC0E-42D9-818E-CF4E79BC5258
FF Homepage: hxxp://search.conduit.com/?ctid=CT3318522&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPB98DCE1F-AC0E-42D9-818E-CF4E79BC5258&SSPV=
FF Keyword.URL: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=31a8324e-6e47-2296-769c-4ccdb5fdc7cc&searchtype=ds&fr=linkury-tb&installDate=25/11/2013&type=hp1000&p=
FF NetworkProxy: "ftp", "109.207.61.168"
FF NetworkProxy: "ftp_port", 8090
FF NetworkProxy: "http", "109.207.61.168"
FF NetworkProxy: "http_port", 8090
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "109.207.61.168"
FF NetworkProxy: "socks_port", 8090
FF NetworkProxy: "ssl", "109.207.61.168"
FF NetworkProxy: "ssl_port", 8090
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\tarik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\tarik\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\tarik\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: iWebar - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com
FF Extension: Connect DLC 5 - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
FF Extension: Stealthy - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\stealthyextension@gmail.com.xpi
FF Extension: Cookie Controller - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\{ac2cfa60-bc96-11e0-962b-0800200c9a66}.xpi
FF Extension: Edit Cookies - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKCU\...\Firefox\Extensions: [{f978a5de-bf48-4412-bf07-712b84fb7052}] - C:\Program Files (x86)\Show-Password\135.xpi

Chrome:
=======
CHR HomePage: hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=b2e30684000000000000d43d7eaf5c4f
CHR RestoreOnStartup: "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=b2e30684000000000000d43d7eaf5c4f","hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN10932845621478624&UM=2","hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=31a8324e-6e47-2296-769c-4ccdb5fdc7cc&searchtype=hp&fr=linkury-tb&installDate=25/11/2013&type=hp1000","hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPF9BD5CA9-C067-48C8-8044-507DB3D24655&SSPV=","hxxp://www.nationzoom.com/?type=hp&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S"
CHR DefaultSearchURL: http:\/\/search.conduit.com\/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB98DCE1F-AC0E-42D9-818E-CF4E79BC5258&q={searchTerms}&SSPV=
CHR DefaultNewTabURL:
CHR Extension: (Yahoo Community Smartbar) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (Google Docs) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Extended Protection) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0
CHR Extension: (iWebar) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.25.164_0
CHR Extension: (Google Search) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: () - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1311_0
CHR Extension: (Lightning Newtab) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.7.9_0
CHR Extension: (Value apps) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0
CHR Extension: (Connect DLC 5) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil\10.22.5.510_0
CHR Extension: (Google Wallet) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\tarik\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx
CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\135.crx

==================== Services (Whitelisted) =================

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-11] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-11] (BonanzaDeals)
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2251552 2013-12-16] (Conduit)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [121616 2013-11-07] (McAfee, Inc.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2013-12-17] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-12-11] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-25] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-12-11] ()
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2013-11-25] (YTDownloader)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-26 12:42 - 2013-12-26 12:43 - 00030081 _____ C:\Users\tarik\Downloads\FRST.txt
2013-12-26 12:42 - 2013-12-26 12:42 - 00000000 ____D C:\FRST
2013-12-26 12:41 - 2013-12-26 12:41 - 01928716 _____ (Farbar) C:\Users\tarik\Downloads\FRST64.exe
2013-12-26 12:34 - 2013-12-26 12:34 - 00000744 _____ C:\Users\tarik\Desktop\quarantaene.txt
2013-12-26 12:23 - 2013-12-26 12:23 - 00000000 _____ C:\Users\tarik\agent.log
2013-12-26 03:28 - 2013-12-26 03:28 - 00002007 _____ C:\Windows\wininit.ini
2013-12-26 02:38 - 2013-12-26 02:38 - 00436320 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-26 02:03 - 2013-12-26 02:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-26 02:03 - 2013-12-26 02:03 - 00000000 _____ C:\autoexec.bat
2013-12-25 21:00 - 2013-12-26 02:17 - 00000000 __SHD C:\Users\tarik\VOKYV
2013-12-25 00:16 - 2013-12-25 02:00 - 00007064 _____ C:\Users\xampp\xampp-control.log
2013-12-24 20:46 - 2013-12-25 13:59 - 00000000 ____D C:\Users\xampp\tomcat
2013-12-24 20:45 - 2013-12-25 13:59 - 00000000 ____D C:\Users\xampp
2013-12-23 12:55 - 2013-12-24 20:17 - 00000000 __SHD C:\Users\tarik\AppData\Local\.#
2013-12-22 18:21 - 2013-12-22 18:21 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-22 13:32 - 2013-12-22 13:32 - 00000000 ____D C:\Users\tarik\AppData\Roaming\MySQL
2013-12-22 13:21 - 2013-12-22 13:22 - 00000000 ____D C:\Program Files\MySQL
2013-12-22 13:18 - 2013-12-26 02:34 - 00000000 ____D C:\Program Files (x86)\MySQL
2013-12-22 13:18 - 2013-12-22 13:21 - 00000000 ____D C:\ProgramData\MySQL
2013-12-21 22:05 - 2013-12-26 02:26 - 00000000 ____D C:\Users\tarik\AppData\Roaming\TS3Client
2013-12-21 22:04 - 2013-12-21 22:05 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-12-21 22:02 - 2013-12-21 22:03 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\tarik\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2013-12-21 21:06 - 2013-12-21 21:06 - 00000888 _____ C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Switchbotv3.lnk
2013-12-21 11:30 - 2013-12-21 11:38 - 00000000 ____D C:\Users\tarik\AppData\Roaming\XnView
2013-12-21 11:30 - 2013-12-21 11:30 - 00000923 _____ C:\Users\tarik\Desktop\XnView.lnk
2013-12-21 11:30 - 2013-12-21 11:30 - 00000000 ____D C:\Program Files (x86)\XnView
2013-12-21 11:29 - 2013-12-21 11:29 - 14995648 _____ (Gougelet Pierre-e ) C:\Users\tarik\Downloads\XnView-win-full_2.13.exe
2013-12-20 23:19 - 2013-12-20 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 22:07 - 2013-12-20 22:09 - 177998496 _____ (NVIDIA Corporation) C:\Users\tarik\Downloads\306.23-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-12-19 17:04 - 2013-12-22 11:42 - 00000000 ____D C:\ProgramData\bcb
2013-12-19 17:04 - 2013-12-22 11:42 - 00000000 ____D C:\ProgramData\avs
2013-12-19 17:03 - 2013-12-19 17:03 - 00000000 ____D C:\Users\tarik\avt
2013-12-18 22:48 - 2013-12-18 22:48 - 00004004 _____ C:\Users\tarik\AppData\Local\recently-used.xbel
2013-12-18 22:41 - 2013-12-18 22:41 - 00000000 ____D C:\Users\tarik\AppData\Local\SearchProtect
2013-12-18 22:41 - 2013-12-18 22:41 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-12-18 17:29 - 2013-12-19 16:36 - 00000000 ____D C:\extract
2013-12-18 16:31 - 2013-12-18 17:16 - 00000000 ____D C:\Users\tarik\Documents\Navicat
2013-12-18 16:19 - 2013-12-18 16:19 - 00000600 _____ C:\Users\tarik\AppData\Local\PUTTY.RND
2013-12-18 16:01 - 2013-12-18 16:06 - 123794144 _____ (BitNami) C:\Users\tarik\Downloads\xampp-win32-1.8.3-2-VC11-installer.exe
2013-12-18 15:38 - 2013-12-18 15:38 - 00000000 ____D C:\ProgramData\LogMeIn
2013-12-18 15:33 - 2013-12-19 16:29 - 00000000 ____D C:\Users\tarik\.VirtualBox
2013-12-17 23:24 - 2013-11-29 17:44 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-12-17 23:24 - 2013-11-29 17:43 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-12-17 22:52 - 2013-12-26 11:53 - 00000312 _____ C:\Windows\Tasks\Dealply.job
2013-12-17 22:52 - 2013-12-17 23:58 - 00000000 ____D C:\Users\tarik\AppData\Local\CatalinaGroup
2013-12-17 22:52 - 2013-12-17 22:53 - 00002650 _____ C:\Windows\System32\Tasks\Dealply
2013-12-17 22:52 - 2013-12-17 22:53 - 00000000 ____D C:\ProgramData\WPM
2013-12-17 22:52 - 2013-12-17 22:52 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Dealply
2013-12-17 19:03 - 2013-12-26 03:05 - 00000000 ____D C:\Program Files (x86)\PremiumSoft
2013-12-17 19:03 - 2009-07-10 12:33 - 01589248 _____ C:\Windows\SysWOW64\libmysql_d.dll
2013-12-17 16:45 - 2013-12-18 16:22 - 00000000 ____D C:\Users\tarik\AppData\Roaming\FileZilla
2013-12-16 23:28 - 2013-12-16 23:28 - 00000000 ____D C:\Windows\SysWOW64\SearchProtect
2013-12-16 19:56 - 2013-12-16 19:56 - 00000000 ____D C:\ProgramData\SPEEDbit
2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\ProgramData\Freemake
2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-12-16 19:47 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2013-12-16 19:47 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2013-12-16 19:47 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2013-12-16 19:47 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2013-12-16 19:47 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2013-12-16 19:27 - 2013-12-16 19:27 - 00000000 ____D C:\Users\tarik\AppData\Roaming\eCyber
2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Windows\system32\log
2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Users\tarik\AppData\Roaming\ShinyProfile
2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Users\tarik\AppData\Local\C
2013-12-16 19:25 - 2013-12-16 19:28 - 00000000 ____D C:\Users\tarik\AppData\Roaming\iSafe
2013-12-16 19:25 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2013-12-16 19:25 - 2004-07-02 16:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2013-12-16 19:21 - 2013-12-16 19:21 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter
2013-12-16 19:19 - 2013-12-16 20:19 - 00001243 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-12-16 18:21 - 2013-12-26 03:15 - 00000000 ____D C:\Users\tarik\Desktop\Burak
2013-12-16 18:18 - 2013-12-16 18:18 - 00000000 ____D C:\Fraps
2013-12-16 18:10 - 2013-12-16 18:10 - 00000000 ____D C:\Users\tarik\AppData\Roaming\BANDISOFT
2013-12-16 18:09 - 2013-12-16 18:09 - 00000992 _____ C:\Users\UpdatusUser\Desktop\Bandicam.lnk
2013-12-15 20:54 - 2013-12-16 22:06 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Audacity
2013-12-15 20:54 - 2013-12-15 20:54 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-12-15 20:32 - 2013-12-22 11:37 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA.job
2013-12-15 20:32 - 2013-12-21 20:37 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core.job
2013-12-15 20:32 - 2013-12-15 20:32 - 00003798 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA
2013-12-15 20:32 - 2013-12-15 20:32 - 00003448 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core
2013-12-15 20:07 - 2013-12-15 20:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-12-15 20:07 - 2013-12-15 20:07 - 00000000 ____D C:\Program Files (x86)\Code Laboratories
2013-12-12 12:05 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 12:05 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 12:05 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 12:05 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-12 12:05 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 12:05 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 12:05 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 12:05 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-12 12:05 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 12:05 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 12:05 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 12:05 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 12:05 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 12:05 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 12:05 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-12 12:05 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-12 12:04 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 12:04 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 12:04 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 12:04 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 12:04 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 12:04 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-12 12:04 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 12:04 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 12:04 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 12:04 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 12:04 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-12 12:04 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 12:04 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 12:04 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 12:04 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-12 12:04 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 12:04 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-12 12:04 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-12-12 12:04 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-12-12 12:04 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-12-12 12:04 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-12-12 12:04 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-12-12 12:04 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-12 12:04 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-12 12:04 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-12-12 12:04 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-12 12:04 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-12-12 12:04 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-12-12 12:04 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-12-12 12:04 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-12 12:04 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-12 12:04 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-12-12 12:04 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-12-12 12:04 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-12-12 12:04 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 12:04 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-12 12:04 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2013-12-12 12:04 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-12-12 12:04 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-12-12 12:04 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-12-11 20:51 - 2013-12-26 12:08 - 00002250 _____ C:\Windows\Tasks\iWebar-firefoxinstaller.job
2013-12-11 20:51 - 2013-12-26 12:08 - 00002184 _____ C:\Windows\Tasks\iWebar-chromeinstaller.job
2013-12-11 20:51 - 2013-12-26 12:08 - 00001582 _____ C:\Windows\Tasks\iWebar-updater.job
2013-12-11 20:51 - 2013-12-26 12:08 - 00001484 _____ C:\Windows\Tasks\iWebar-codedownloader.job
2013-12-11 20:51 - 2013-12-26 12:08 - 00001384 _____ C:\Windows\Tasks\iWebar-enabler.job
2013-12-11 20:51 - 2013-12-11 20:51 - 00015115 _____ C:\Users\tarik\AppData\Loca
2013-12-11 20:51 - 2013-12-11 20:51 - 00004586 _____ C:\Windows\System32\Tasks\iWebar-updater
2013-12-11 20:51 - 2013-12-11 20:51 - 00004488 _____ C:\Windows\System32\Tasks\iWebar-codedownloader
2013-12-11 20:51 - 2013-12-11 20:51 - 00004388 _____ C:\Windows\System32\Tasks\iWebar-enabler
2013-12-11 20:51 - 2013-12-11 20:51 - 00000000 ____D C:\Program Files (x86)\iWebar
2013-12-11 20:50 - 2013-12-11 20:51 - 00003726 _____ C:\Windows\System32\Tasks\SMupdate1
2013-12-11 20:50 - 2013-12-11 20:51 - 00003576 _____ C:\Windows\System32\Tasks\YTDownloaderUpd
2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Users\tarik\AppData\Local\CrashRpt
2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2013-12-11 20:49 - 2013-12-26 02:43 - 00000000 ____D C:\Users\tarik\AppData\Roaming\uTorrent
2013-12-11 20:36 - 2013-12-11 20:45 - 00310984 _____ C:\Windows\system32\Drivers\atksgt.sys
2013-12-11 20:36 - 2013-12-11 20:36 - 00042696 _____ C:\Windows\system32\Drivers\lirsgt.sys
2013-12-11 20:36 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-12-11 19:42 - 2013-12-11 19:53 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sytexis Software
2013-12-11 19:42 - 2013-12-11 19:42 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Sytexis Software
2013-12-11 19:42 - 2013-12-11 19:42 - 00000000 ____D C:\Program Files (x86)\Sytexis Software
2013-12-08 00:25 - 2013-12-17 00:02 - 00000000 ____D C:\Windows\Minidump
2013-12-07 12:18 - 2013-12-20 20:47 - 00000474 ____H C:\Windows\Tasks\Norton Security Scan for tarik.job
2013-12-07 12:18 - 2013-12-07 12:18 - 00003620 _____ C:\Windows\System32\Tasks\Norton Security Scan for tarik
2013-12-07 12:18 - 2013-12-07 12:18 - 00001457 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\ProgramData\Symantec
2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\ProgramData\Norton
2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2013-12-07 01:01 - 2013-12-07 01:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-12-06 12:19 - 2013-12-06 12:19 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2013-12-06 11:42 - 2013-12-08 00:25 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-12-06 11:42 - 2013-12-06 11:42 - 00000000 ____D C:\ProgramData\McAfee
2013-12-06 11:41 - 2013-12-26 02:38 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-12-02 20:14 - 2013-12-02 20:14 - 00000000 ____D C:\Users\tarik\AppData\Roaming\NVIDIA
2013-12-02 20:09 - 2013-12-07 12:14 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2013-12-01 16:39 - 2013-12-01 16:39 - 00000000 ____D C:\Program Files (x86)\Hex-Editor MX
2013-12-01 16:05 - 2013-12-01 16:05 - 00000000 ____D C:\Users\tarik\Desktop\USB
2013-11-29 17:43 - 2013-11-29 17:43 - 00140560 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-11-29 17:40 - 2013-11-29 17:40 - 00204048 ____N (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-11-29 16:19 - 2013-11-29 16:19 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2013-11-27 20:06 - 2013-11-27 20:06 - 00003296 _____ C:\Windows\System32\Tasks\{23AEC637-6674-4DDF-A8D1-469D6B823D8E}
2013-11-27 18:02 - 2013-11-27 18:02 - 00003370 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-27 18:02 - 2013-11-27 18:02 - 00001052 _____ C:\Users\UpdatusUser\Desktop\ZIP Password Recovery Magic.lnk
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Users\tarik\AppData\Local\NativeMessaging
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Users\tarik\AppData\Local\CRE
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\ProgramData\Conduit
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Program Files (x86)\Connect_DLC_5
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-27 17:48 - 2013-11-27 17:49 - 00001052 _____ C:\Users\UpdatusUser\Desktop\RAR Password Recovery Magic.lnk
2013-11-27 17:25 - 2013-11-27 17:25 - 00000000 ____D C:\Program Files (x86)\Intelore
2013-11-27 17:04 - 2013-11-27 17:04 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-11-27 16:08 - 2013-11-27 16:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

2013-12-26 12:43 - 2013-12-26 12:42 - 00030081 _____ C:\Users\tarik\Downloads\FRST.txt
2013-12-26 12:42 - 2013-12-26 12:42 - 00000000 ____D C:\FRST
2013-12-26 12:41 - 2013-12-26 12:41 - 01928716 _____ (Farbar) C:\Users\tarik\Downloads\FRST64.exe
2013-12-26 12:39 - 2013-10-11 14:23 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-26 12:34 - 2013-12-26 12:34 - 00000744 _____ C:\Users\tarik\Desktop\quarantaene.txt
2013-12-26 12:23 - 2013-12-26 12:23 - 00000000 _____ C:\Users\tarik\agent.log
2013-12-26 12:23 - 2013-10-05 15:41 - 00000000 ____D C:\Users\tarik
2013-12-26 12:13 - 2013-10-05 16:34 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-572523149-2183776862-3084368599-1002
2013-12-26 12:08 - 2013-12-11 20:51 - 00002250 _____ C:\Windows\Tasks\iWebar-firefoxinstaller.job
2013-12-26 12:08 - 2013-12-11 20:51 - 00002184 _____ C:\Windows\Tasks\iWebar-chromeinstaller.job
2013-12-26 12:08 - 2013-12-11 20:51 - 00001582 _____ C:\Windows\Tasks\iWebar-updater.job
2013-12-26 12:08 - 2013-12-11 20:51 - 00001484 _____ C:\Windows\Tasks\iWebar-codedownloader.job
2013-12-26 12:08 - 2013-12-11 20:51 - 00001384 _____ C:\Windows\Tasks\iWebar-enabler.job
2013-12-26 12:08 - 2013-11-24 04:54 - 00000426 _____ C:\Windows\Tasks\Show-Password Update.job
2013-12-26 12:08 - 2013-10-11 19:03 - 00000946 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-12-26 12:08 - 2013-10-11 19:03 - 00000942 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-12-26 12:08 - 2013-10-11 14:23 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-26 12:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-12-26 11:53 - 2013-12-17 22:52 - 00000312 _____ C:\Windows\Tasks\Dealply.job
2013-12-26 11:47 - 2013-10-25 18:47 - 00000310 _____ C:\Windows\Tasks\FoxTab.job
2013-12-26 11:45 - 2013-10-22 10:30 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA.job
2013-12-26 03:28 - 2013-12-26 03:28 - 00002007 _____ C:\Windows\wininit.ini
2013-12-26 03:15 - 2013-12-16 18:21 - 00000000 ____D C:\Users\tarik\Desktop\Burak
2013-12-26 03:10 - 2013-10-22 11:28 - 00093184 ___SH C:\Users\tarik\Downloads\Thumbs.db
2013-12-26 03:09 - 2013-03-22 14:08 - 00752930 _____ C:\Windows\system32\perfh007.dat
2013-12-26 03:09 - 2013-03-22 14:08 - 00156156 _____ C:\Windows\system32\perfc007.dat
2013-12-26 03:09 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-26 03:05 - 2013-12-17 19:03 - 00000000 ____D C:\Program Files (x86)\PremiumSoft
2013-12-26 03:03 - 2013-10-11 14:31 - 00666624 ___SH C:\Users\tarik\Desktop\Thumbs.db
2013-12-26 03:02 - 2013-10-21 22:16 - 00000000 ____D C:\ProgramData\Kodak
2013-12-26 03:02 - 2013-05-29 13:47 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-26 03:02 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-26 03:02 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-26 02:43 - 2013-12-11 20:49 - 00000000 ____D C:\Users\tarik\AppData\Roaming\uTorrent
2013-12-26 02:38 - 2013-12-26 02:38 - 00436320 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-26 02:38 - 2013-12-06 11:41 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-12-26 02:37 - 2013-10-22 10:45 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2013-12-26 02:37 - 2013-10-05 20:52 - 00000000 ____D C:\Users\tarik\Documents\StreamTransport
2013-12-26 02:36 - 2013-11-24 18:53 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-26 02:35 - 2013-11-24 18:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-26 02:35 - 2013-10-05 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-26 02:34 - 2013-12-22 13:18 - 00000000 ____D C:\Program Files (x86)\MySQL
2013-12-26 02:32 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\registration
2013-12-26 02:31 - 2013-10-05 20:31 - 00000000 ____D C:\Users\tarik\AppData\Local\Mozilla
2013-12-26 02:31 - 2013-10-05 15:41 - 00000000 ____D C:\Users\tarik\AppData\Local\Packages
2013-12-26 02:28 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-26 02:26 - 2013-12-21 22:05 - 00000000 ____D C:\Users\tarik\AppData\Roaming\TS3Client
2013-12-26 02:17 - 2013-12-25 21:00 - 00000000 __SHD C:\Users\tarik\VOKYV
2013-12-26 02:03 - 2013-12-26 02:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-26 02:03 - 2013-12-26 02:03 - 00000000 _____ C:\autoexec.bat
2013-12-25 13:59 - 2013-12-24 20:46 - 00000000 ____D C:\Users\xampp\tomcat
2013-12-25 13:59 - 2013-12-24 20:45 - 00000000 ____D C:\Users\xampp
2013-12-25 02:00 - 2013-12-25 00:16 - 00007064 _____ C:\Users\xampp\xampp-control.log
2013-12-24 20:17 - 2013-12-23 12:55 - 00000000 __SHD C:\Users\tarik\AppData\Local\.#
2013-12-22 18:21 - 2013-12-22 18:21 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-22 13:32 - 2013-12-22 13:32 - 00000000 ____D C:\Users\tarik\AppData\Roaming\MySQL
2013-12-22 13:22 - 2013-12-22 13:21 - 00000000 ____D C:\Program Files\MySQL
2013-12-22 13:21 - 2013-12-22 13:18 - 00000000 ____D C:\ProgramData\MySQL
2013-12-22 11:42 - 2013-12-19 17:04 - 00000000 ____D C:\ProgramData\bcb
2013-12-22 11:42 - 2013-12-19 17:04 - 00000000 ____D C:\ProgramData\avs
2013-12-22 11:37 - 2013-12-15 20:32 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA.job
2013-12-21 22:05 - 2013-12-21 22:04 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-12-21 22:03 - 2013-12-21 22:02 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\tarik\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2013-12-21 21:06 - 2013-12-21 21:06 - 00000888 _____ C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Switchbotv3.lnk
2013-12-21 20:37 - 2013-12-15 20:32 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core.job
2013-12-21 20:03 - 2013-10-11 19:03 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-12-21 16:45 - 2013-10-22 10:30 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core.job
2013-12-21 11:38 - 2013-12-21 11:30 - 00000000 ____D C:\Users\tarik\AppData\Roaming\XnView
2013-12-21 11:30 - 2013-12-21 11:30 - 00000923 _____ C:\Users\tarik\Desktop\XnView.lnk
2013-12-21 11:30 - 2013-12-21 11:30 - 00000000 ____D C:\Program Files (x86)\XnView
2013-12-21 11:29 - 2013-12-21 11:29 - 14995648 _____ (Gougelet Pierre-e ) C:\Users\tarik\Downloads\XnView-win-full_2.13.exe
2013-12-20 23:19 - 2013-12-20 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 22:09 - 2013-12-20 22:07 - 177998496 _____ (NVIDIA Corporation) C:\Users\tarik\Downloads\306.23-desktop-win8-win7-winvista-32bit-international-whql.exe
2013-12-20 20:47 - 2013-12-07 12:18 - 00000474 ____H C:\Windows\Tasks\Norton Security Scan for tarik.job
2013-12-19 17:03 - 2013-12-19 17:03 - 00000000 ____D C:\Users\tarik\avt
2013-12-19 16:53 - 2013-03-25 11:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-19 16:36 - 2013-12-18 17:29 - 00000000 ____D C:\extract
2013-12-19 16:29 - 2013-12-18 15:33 - 00000000 ____D C:\Users\tarik\.VirtualBox
2013-12-18 22:48 - 2013-12-18 22:48 - 00004004 _____ C:\Users\tarik\AppData\Local\recently-used.xbel
2013-12-18 22:48 - 2013-10-22 10:43 - 00000000 ____D C:\Users\tarik\.gimp-2.8
2013-12-18 22:46 - 2013-10-22 10:53 - 00000000 ____D C:\Users\tarik\AppData\Local\gtk-2.0
2013-12-18 22:41 - 2013-12-18 22:41 - 00000000 ____D C:\Users\tarik\AppData\Local\SearchProtect
2013-12-18 22:41 - 2013-12-18 22:41 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-12-18 22:41 - 2013-10-16 22:41 - 00000000 _____ C:\end
2013-12-18 21:04 - 2013-10-22 10:45 - 00000000 ____D C:\Users\tarik\AppData\Roaming\NCH Software
2013-12-18 21:04 - 2013-10-22 10:45 - 00000000 ____D C:\ProgramData\NCH Software
2013-12-18 21:04 - 2013-10-22 10:44 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-12-18 17:16 - 2013-12-18 16:31 - 00000000 ____D C:\Users\tarik\Documents\Navicat
2013-12-18 16:22 - 2013-12-17 16:45 - 00000000 ____D C:\Users\tarik\AppData\Roaming\FileZilla
2013-12-18 16:19 - 2013-12-18 16:19 - 00000600 _____ C:\Users\tarik\AppData\Local\PUTTY.RND
2013-12-18 16:06 - 2013-12-18 16:01 - 123794144 _____ (BitNami) C:\Users\tarik\Downloads\xampp-win32-1.8.3-2-VC11-installer.exe
2013-12-18 15:38 - 2013-12-18 15:38 - 00000000 ____D C:\ProgramData\LogMeIn
2013-12-17 23:58 - 2013-12-17 22:52 - 00000000 ____D C:\Users\tarik\AppData\Local\CatalinaGroup
2013-12-17 22:53 - 2013-12-17 22:52 - 00002650 _____ C:\Windows\System32\Tasks\Dealply
2013-12-17 22:53 - 2013-12-17 22:52 - 00000000 ____D C:\ProgramData\WPM
2013-12-17 22:52 - 2013-12-17 22:52 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Dealply
2013-12-17 22:52 - 2013-11-25 19:53 - 00002310 _____ C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-12-17 22:52 - 2013-10-22 10:31 - 00002570 _____ C:\Users\tarik\Desktop\Google Chrome.lnk
2013-12-17 22:52 - 2013-10-05 19:56 - 00001359 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-17 22:52 - 2013-10-05 15:42 - 00002075 _____ C:\Users\Public\Desktop\eBay.lnk
2013-12-17 22:52 - 2013-10-05 15:42 - 00002065 _____ C:\Users\tarik\Desktop\MEDION Serviceportal.lnk
2013-12-17 22:52 - 2013-10-05 15:42 - 00001662 _____ C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-17 22:52 - 2013-10-05 15:41 - 00001237 _____ C:\Users\tarik\Desktop\Windows 8 Info.lnk
2013-12-17 00:02 - 2013-12-08 00:25 - 00000000 ____D C:\Windows\Minidump
2013-12-17 00:02 - 2013-11-25 19:52 - 00000000 ____D C:\Users\tarik\AppData\Roaming\DAEMON Tools Lite
2013-12-16 23:58 - 2012-07-26 09:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-16 23:55 - 2013-10-25 18:47 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Systweak
2013-12-16 23:55 - 2013-10-05 15:42 - 00000000 ___RD C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-16 23:28 - 2013-12-16 23:28 - 00000000 ____D C:\Windows\SysWOW64\SearchProtect
2013-12-16 22:06 - 2013-12-15 20:54 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Audacity
2013-12-16 20:19 - 2013-12-16 19:19 - 00001243 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-12-16 20:19 - 2013-10-25 18:56 - 00000000 ____D C:\Users\tarik\AppData\Roaming\DVDVideoSoft
2013-12-16 20:19 - 2013-10-25 18:56 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-12-16 19:56 - 2013-12-16 19:56 - 00000000 ____D C:\ProgramData\SPEEDbit
2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\ProgramData\Freemake
2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\Program Files (x86)\Freemake
2013-12-16 19:28 - 2013-12-16 19:25 - 00000000 ____D C:\Users\tarik\AppData\Roaming\iSafe
2013-12-16 19:27 - 2013-12-16 19:27 - 00000000 ____D C:\Users\tarik\AppData\Roaming\eCyber
2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Windows\system32\log
2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Users\tarik\AppData\Roaming\ShinyProfile
2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Users\tarik\AppData\Local\C
2013-12-16 19:26 - 2013-10-10 23:19 - 00001779 _____ C:\Users\UpdatusUser\Desktop\MEDION Serviceportal.lnk
2013-12-16 19:26 - 2013-10-10 23:19 - 00000977 _____ C:\Users\UpdatusUser\Desktop\Windows 8 Info.lnk
2013-12-16 19:21 - 2013-12-16 19:21 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter
2013-12-16 18:18 - 2013-12-16 18:18 - 00000000 ____D C:\Fraps
2013-12-16 18:10 - 2013-12-16 18:10 - 00000000 ____D C:\Users\tarik\AppData\Roaming\BANDISOFT
2013-12-16 18:09 - 2013-12-16 18:09 - 00000992 _____ C:\Users\UpdatusUser\Desktop\Bandicam.lnk
2013-12-15 20:54 - 2013-12-15 20:54 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-12-15 20:32 - 2013-12-15 20:32 - 00003798 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA
2013-12-15 20:32 - 2013-12-15 20:32 - 00003448 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core
2013-12-15 20:07 - 2013-12-15 20:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-12-15 20:07 - 2013-12-15 20:07 - 00000000 ____D C:\Program Files (x86)\Code Laboratories
2013-12-15 15:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-12-15 12:32 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-14 12:15 - 2013-10-06 18:17 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 12:12 - 2013-03-22 18:03 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 12:08 - 2013-10-25 18:58 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-13 16:40 - 2013-10-11 14:23 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-12 13:29 - 2013-11-24 18:06 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 13:29 - 2013-11-24 18:06 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-12 13:29 - 2013-11-24 18:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 12:15 - 2013-10-21 17:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 12:13 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-11 20:51 - 2013-12-11 20:51 - 00015115 _____ C:\Users\tarik\AppData\Loca
2013-12-11 20:51 - 2013-12-11 20:51 - 00004586 _____ C:\Windows\System32\Tasks\iWebar-updater
2013-12-11 20:51 - 2013-12-11 20:51 - 00004488 _____ C:\Windows\System32\Tasks\iWebar-codedownloader
2013-12-11 20:51 - 2013-12-11 20:51 - 00004388 _____ C:\Windows\System32\Tasks\iWebar-enabler
2013-12-11 20:51 - 2013-12-11 20:51 - 00000000 ____D C:\Program Files (x86)\iWebar
2013-12-11 20:51 - 2013-12-11 20:50 - 00003726 _____ C:\Windows\System32\Tasks\SMupdate1
2013-12-11 20:51 - 2013-12-11 20:50 - 00003576 _____ C:\Windows\System32\Tasks\YTDownloaderUpd
2013-12-11 20:51 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Users\tarik\AppData\Local\CrashRpt
2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2013-12-11 20:45 - 2013-12-11 20:36 - 00310984 _____ C:\Windows\system32\Drivers\atksgt.sys
2013-12-11 20:36 - 2013-12-11 20:36 - 00042696 _____ C:\Windows\system32\Drivers\lirsgt.sys
2013-12-11 19:53 - 2013-12-11 19:42 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sytexis Software
2013-12-11 19:42 - 2013-12-11 19:42 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Sytexis Software
2013-12-11 19:42 - 2013-12-11 19:42 - 00000000 ____D C:\Program Files (x86)\Sytexis Software
2013-12-08 00:25 - 2013-12-06 11:42 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-12-07 12:18 - 2013-12-07 12:18 - 00003620 _____ C:\Windows\System32\Tasks\Norton Security Scan for tarik
2013-12-07 12:18 - 2013-12-07 12:18 - 00001457 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\ProgramData\Symantec
2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\ProgramData\Norton
2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2013-12-07 12:14 - 2013-12-02 20:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2013-12-07 01:01 - 2013-12-07 01:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-12-06 16:40 - 2013-10-22 10:30 - 00004088 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA
2013-12-06 16:40 - 2013-10-22 10:30 - 00003708 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core
2013-12-06 12:19 - 2013-12-06 12:19 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2013-12-06 11:42 - 2013-12-06 11:42 - 00000000 ____D C:\ProgramData\McAfee
2013-12-06 11:41 - 2013-10-25 18:56 - 00000000 ____D C:\Users\tarik\AppData\Roaming\OpenCandy
2013-12-05 16:34 - 2013-10-11 14:23 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-05 16:34 - 2013-10-11 14:23 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 01:53 - 2013-11-17 14:19 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:53 - 2013-11-17 14:19 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 19:45 - 2013-10-22 11:43 - 00000000 ____D C:\Users\tarik\Documents\Outlook-Dateien
2013-12-02 20:14 - 2013-12-02 20:14 - 00000000 ____D C:\Users\tarik\AppData\Roaming\NVIDIA
2013-12-01 16:39 - 2013-12-01 16:39 - 00000000 ____D C:\Program Files (x86)\Hex-Editor MX
2013-12-01 16:05 - 2013-12-01 16:05 - 00000000 ____D C:\Users\tarik\Desktop\USB
2013-11-29 17:44 - 2013-12-17 23:24 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2013-11-29 17:43 - 2013-12-17 23:24 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2013-11-29 17:43 - 2013-11-29 17:43 - 00140560 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2013-11-29 17:40 - 2013-11-29 17:40 - 00204048 ____N (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2013-11-29 16:19 - 2013-11-29 16:19 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2013-11-27 20:06 - 2013-11-27 20:06 - 00003296 _____ C:\Windows\System32\Tasks\{23AEC637-6674-4DDF-A8D1-469D6B823D8E}
2013-11-27 18:02 - 2013-11-27 18:02 - 00003370 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-27 18:02 - 2013-11-27 18:02 - 00001052 _____ C:\Users\UpdatusUser\Desktop\ZIP Password Recovery Magic.lnk
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Users\tarik\AppData\Local\NativeMessaging
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Users\tarik\AppData\Local\CRE
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\ProgramData\Conduit
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Program Files (x86)\Connect_DLC_5
2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-27 17:49 - 2013-11-27 17:48 - 00001052 _____ C:\Users\UpdatusUser\Desktop\RAR Password Recovery Magic.lnk
2013-11-27 17:37 - 2013-10-05 15:41 - 00000000 ____D C:\Users\tarik\AppData\Local\VirtualStore
2013-11-27 17:25 - 2013-11-27 17:25 - 00000000 ____D C:\Program Files (x86)\Intelore
2013-11-27 17:04 - 2013-11-27 17:04 - 00000000 ____D C:\Windows\System32\Tasks\SONY
2013-11-27 16:08 - 2013-11-27 16:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

Some content of TEMP:
====================
C:\Users\tarik\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-18 18:27

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2013
Ran by tarik at 2013-12-26 12:43:17
Running from C:\Users\tarik\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

Adblock Plus für Firefox Packages (HKCU)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.6.147)
aioscnnr (x32 Version: 7.6.13.10)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Ashampoo AppLauncher v.1.0.0 (x32 Version: 1.0.0)
Ashampoo Burning Studio 11 v.11.0.4 (x32 Version: 11.0.4)
Ashampoo Core Tuner 2 v.2.0.1 (x32 Version: 2.01)
Ashampoo GetBack Photo v.1.0.1 (x32 Version: 1.0.1)
Ashampoo HDD Control 2 v.2.1.0 (x32 Version: 2.1.0)
Ashampoo Music Studio 4 v.4.0.1 (x32 Version: 4.0.1)
Ashampoo Photo Commander 10 v.10.1.3 (x32 Version: 10.1.3)
Ashampoo Photo Optimizer 5 v.5.1.2 (x32 Version: 5.1.2)
Ashampoo Slideshow Studio HD 2 v.2.0.5 (x32 Version: 2.0.5)
Ashampoo Snap 5 v.5.1.5 (x32 Version: 5.1.5)
Ashampoo UnInstaller 4 v.4.30 (x32 Version: 4.3.0)
Ashampoo Video Styler v.1.0.1 (x32 Version: 1.0.1)
Ashampoo WinOptimizer 9 v.9.04.31 (x32 Version: 9.04.31)
Audacity 2.0.5 (x32 Version: 2.0.5)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Avira SearchFree Toolbar (x32 Version: 12.6.0.1898)
Bonanza Deals (remove only) (x32 Version: 5.0.1.0) <==== ATTENTION
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.06)
center (x32 Version: 7.7.2.0)
Cheat Engine 6.3 (x32)
CL-Eye Driver (x32 Version: 5.3.0.0341)
Connect DLC 5 Toolbar for IE (x32 Version: 6.17.2.8) <==== ATTENTION
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3807_46074)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2426b)
CyberLink PowerDVD 10 (x32 Version: 10.0.5211.02)
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.0.3725)
CyberLink PowerRecover (Version: 5.7.0.0913)
CyberLink PowerRecover (x32 Version: 5.7.0.0913)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.48.1.0347)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
essentials (x32 Version: 7.7.2.0)
Express Burn (x32)
Express Zip (x32 Version: 2.18)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Fotogalerie (x32 Version: 16.4.3505.0912)
Fotogalerija (x32 Version: 16.4.3505.0912)
Fotogalleri (x32 Version: 16.4.3505.0912)
Fotogalleriet (x32 Version: 16.4.3505.0912)
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912)
Fotótár (x32 Version: 16.4.3505.0912)
Foxtab (x32) <==== ATTENTION
Fraps (remove only) (x32)
Free YouTube Download version 3.2.18.1128 (x32 Version: 3.2.18.1128)
Free YouTube Uploader version 4.0.8.1125 (x32 Version: 4.0.8.1125)
Freemake Video Converter Version 4.1.2 (x32 Version: 4.1.2)
Galeria de Fotografias (x32 Version: 16.4.3505.0912)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galeria fotografii (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
GeForce Experience NvStream Client Components (Version: 1.6.28)
GIMP 2.8.6 (Version: 2.8.6)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Earth Plug-in (x32 Version: 7.1.2.2041)
Google Update Helper (x32 Version: 1.3.22.3)
Hex-Editor MX (x32 Version: 6.0)
HxD Hex Editor version 1.7.7.0 (x32 Version: 1.7.7.0)
iDevice Manager (x32 Version: 3.2.3.0)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1310)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
ipswDownloader 2.0 (x32 Version: 2.0)
iTunes (Version: 11.1.3.8)
iWebar (x32 Version: 1.31.153.0)
Java(TM) 6 Update 7 (x32 Version: 1.6.0.70)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK All-in-One Software (x32 Version: 7.7.6.0)
McAfee SiteAdvisor (x32 Version: 3.6.160)
Mediathek (x32 Version: 1.4.0)
Medion Home Cinema 10 (x32 Version: 10.0)
Medion Home Cinema 10 (x32 Version: 10.2419)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
Norton Security Scan (x32 Version: 4.0.3.24)
Notepad++ (x32 Version: 6.5)
NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 9.3.21 (Version: 9.3.21)
NVIDIA Update Components (Version: 9.3.21)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
ocr (x32 Version: 6.2.3.50)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
PhotoPad Foto-Editor (x32 Version: 2.36)
PhotoStage Diashow-Ersteller (x32)
Pixillion Imagedatei-Konverter (x32 Version: 2.61)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912)
ppt_2010_tipps (x32 Version: 2.0.0.0)
PreReq (x32 Version: 6.2.4.0)
PrintProjects (x32 Version: 1.0.0.9282)
Prism Videodatei-Konverter (x32 Version: 2.02)
PS3 Media Server (x32 Version: 1.90.1)
Raccolta foto (x32 Version: 16.4.3505.0912)
Realtek Ethernet Controller Driver (x32 Version: 8.10.1226.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6777)
Remote Play with PlayStation 3 (x32 Version: 1.0.0.15090)
Search Protect (x32 Version: 2.9.8.2) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SHIELD Streaming (Version: 1.6.53)
Spybot - Search & Destroy (x32 Version: 2.2.25)
StreamTransport version: 1.0.2.2171 (x32)
swMSM (x32 Version: 12.0.0.1)
TeamSpeak 3 Client (x32 Version: 3.0.13)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition
Valokuvavalikoima (x32 Version: 16.4.3505.0912)
ValueApps (HKCU Version: 1.1.0.6)
Video Converter (HKCU)
VLC media player 2.1.0 (Version: 2.1.0)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912)
WinRAR archiver
WPM17.8.0.3159 (x32 Version: 17.8.0.3159) <==== ATTENTION
XnView 2.13 (x32 Version: 2.13)
Yahoo Community Smartbar (x32 Version: 1.185.66.12678) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU Version: 1.185.66.12678) <==== ATTENTION
YTDownloader (x32)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912)

==================== Restore Points =========================

19-12-2013 17:00:58 Removed LogMeIn Hamachi
22-12-2013 12:17:53 Installed MySQL Installer
26-12-2013 00:29:18 S
26-12-2013 01:29:11 Wiederherstellungsvorgang

==================== Hosts content: ==========================

2012-07-26 06:26 - 2013-12-21 11:55 - 00000164 ____A C:\Windows\system32\Drivers\etc\hosts
virscan.org
virustotal.com
google.de
google.com
facebook.com
elitepvpers.com
chip.de
paypal.de
youtube.com
gronkh.de
gutefrage.net
ask.com
twitter.com

==================== Scheduled Tasks (whitelisted) =============

Task: {15F86806-1029-4CCC-8679-4C89C39C2ED4} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {1949E392-D1F9-4A2C-B1DE-EC5E8C63E417} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION
Task: {1A87C7E5-9B58-4AA2-B420-97923D357A34} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-11] (BonanzaDeals) <==== ATTENTION
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2075DE94-99C3-47D2-9815-50E92853636D} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\tarik\AppData\Local\FilesFrog Update Checker\update_checker.exe
Task: {218CEA49-B1DE-46CE-A8B8-A61A16613E44} - System32\Tasks\iWebar-firefoxinstaller => C:\Program Files (x86)\iWebar\iWebar-firefoxinstaller.exe [2013-12-11] (iWebar)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {246886AC-F615-4F65-8154-80F665D1BAC7} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3
Task: {2C784609-A6A6-4DA9-9A6C-C4F71F91A131} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core => C:\Users\tarik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-22] (Google Inc.)
Task: {3406FD02-FA1B-423D-B82C-84CC0B4EDBE6} - System32\Tasks\FoxTab => C:\Users\tarik\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage No Task File
Task: {4B594701-2700-425C-9968-0A52A90BA1D1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core => C:\Users\tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {4D3739B0-51A4-462A-9076-7F58E3C5B5B6} - System32\Tasks\iWebar-enabler => C:\Program Files (x86)\iWebar\iWebar-enabler.exe [2013-12-11] (iWebar)
Task: {51EF71E0-EF25-4199-AFF2-63F28886D9D9} - System32\Tasks\Show-Password Update => C:\Program Files (x86)\Show-Password\Show_Password.exe
Task: {6683E0CF-F85A-4232-8163-0A93F83E130C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {67EAEBD7-B801-4BB6-91AB-4B13267068A1} - System32\Tasks\NCH Software\PixillionDowngrade => C:\Program Files (x86)\NCH Software\Pixillion\pixillion.exe [2013-06-25] (NCH Software)
Task: {806E7BF9-425F-4AF1-AB1F-39E67346207F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {8A40E156-2BC5-46B4-8DB5-0B0DDEA36BE0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {8E3AADF0-244D-4759-84F0-BEF8D3AF39D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {9141A024-833F-46F7-8F97-818D007CF6C7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA => C:\Users\tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {98B35C98-0CF1-43C7-A80C-87D965AD1B8C} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1
Task: {A5DA05B5-9B27-4275-9388-366EF537091B} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-11] (BonanzaDeals) <==== ATTENTION
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask No Task File
Task: {A833B69B-690B-423A-A2F9-C71F168D94C0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {A886EFF4-3B86-45AC-B131-356608076A12} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA => C:\Users\tarik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-22] (Google Inc.)
Task: {B63BD430-AB6A-453D-A924-B8F8FFF632B8} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2
Task: {B80F2588-B296-40DC-8768-965703CF5C50} - System32\Tasks\Norton Security Scan for tarik => C:\Program Files (x86)\Norton Security Scan\Engine\4.0.3.24\Nss.exe [2013-08-19] (Symantec Corporation)
Task: {BF420A6C-9961-4B64-A264-F5FB93F1AF1F} - System32\Tasks\Dealply => C:\Users\tarik\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D182DEE2-9849-4FB6-AC65-17B8FCFD868F} - System32\Tasks\iWebar-updater => C:\Program Files (x86)\iWebar\iWebar-updater.exe [2013-12-11] (iWebar)
Task: {D90E32CD-002D-4D11-A829-1D38A9C7EDA4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {DFFE3988-5ABF-4F27-BFE1-6C5FC40A0658} - System32\Tasks\iWebar-chromeinstaller => C:\Program Files (x86)\iWebar\iWebar-chromeinstaller.exe [2013-12-11] (iWebar)
Task: {E2E6D338-B56C-42AC-AB03-0B7D472C8615} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {E579883B-708A-4EC8-B812-5D774BAF0E2A} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\Updater.exe [2013-11-25] (Goobzo)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EE5E44BC-F8D0-48C1-87AF-145E22CE45C7} - System32\Tasks\iWebar-codedownloader => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe [2013-12-11] (iWebar)
Task: {EF86CD3A-10D1-44A8-AE81-38471715A7F9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {F66A618A-A638-4B76-B295-D802F1FFD909} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\tarik\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\Dealply.job => C:\Users\tarik\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core.job => C:\Users\tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA.job => C:\Users\tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\tarik\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core.job => C:\Users\tarik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA.job => C:\Users\tarik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\iWebar-chromeinstaller.job => C:\Program Files (x86)\iWebar\iWebar-chromeinstaller.exe
Task: C:\Windows\Tasks\iWebar-codedownloader.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe
Task: C:\Windows\Tasks\iWebar-enabler.job => C:\Program Files (x86)\iWebar\iWebar-enabler.exe
Task: C:\Windows\Tasks\iWebar-firefoxinstaller.job => C:\Program Files (x86)\iWebar\iWebar-firefoxinstaller.exe
Task: C:\Windows\Tasks\iWebar-updater.job => C:\Program Files (x86)\iWebar\iWebar-updater.exe
Task: C:\Windows\Tasks\Norton Security Scan for tarik.job => C:\PROGRA~2\NORTON~2\Engine\403~1.24\Nss.exe
Task: C:\Windows\Tasks\Show-Password Update.job => C:\Program Files (x86)\Show-Password\Show_Password.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-12-18 21:04 - 2013-12-18 21:04 - 00088576 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2013-10-21 19:16 - 2009-12-12 14:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-11-24 18:06 - 2013-10-31 19:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-24 18:53 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-11-24 18:53 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-11-24 18:53 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-11-24 18:53 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-11-24 18:53 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-05-29 13:40 - 2013-02-16 01:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-05-29 15:36 - 2013-03-05 04:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 11:41 - 2013-03-05 11:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-12-20 23:19 - 2013-12-20 23:19 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-24 18:06 - 2013-10-31 19:25 - 00394808 _____ () c:\program files (x86)\avira\antivir desktop\sqlite3.dll
2013-11-24 18:06 - 2013-10-31 19:25 - 00394808 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:862BDB1A
AlternateDataStreams: C:\ProgramData\Temp:AD022376

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/26/2013 00:17:56 PM) (Source: Application Hang) (User: )
Description: Programm avscan.exe, Version 14.0.2.254 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1794

Startzeit: 01cf022b8abceedc

Endzeit: 60000

Anwendungspfad: c:\program files (x86)\avira\antivir desktop\avscan.exe

Berichts-ID: 341dda46-6e1f-11e3-be9d-d43d7eaf5c4f

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/26/2013 03:29:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8156

Error: (12/26/2013 03:29:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8156

Error: (12/26/2013 03:29:25 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2013 03:29:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7015

Error: (12/26/2013 03:29:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7015

Error: (12/26/2013 03:29:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2013 03:29:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5875

Error: (12/26/2013 03:29:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5875

Error: (12/26/2013 03:29:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (12/26/2013 03:02:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/26/2013 03:02:52 AM) (Source: Application Popup) (User: )
Description: atksgt.sys

Error: (12/26/2013 02:39:57 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/26/2013 02:39:57 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.

Error: (12/26/2013 02:39:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/26/2013 02:39:25 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (12/26/2013 02:38:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/26/2013 02:38:50 AM) (Source: Application Popup) (User: )
Description: atksgt.sys

Error: (12/26/2013 02:16:19 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (12/26/2013 02:16:19 AM) (Source: Application Popup) (User: )
Description: atksgt.sys

Microsoft Office Sessions:
=========================
Error: (12/26/2013 00:17:56 PM) (Source: Application Hang)(User: )
Description: avscan.exe14.0.2.254179401cf022b8abceedc60000c:\program files (x86)\avira\antivir desktop\avscan.exe341dda46-6e1f-11e3-be9d-d43d7eaf5c4f

Error: (12/26/2013 03:29:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8156

Error: (12/26/2013 03:29:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8156

Error: (12/26/2013 03:29:25 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2013 03:29:24 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7015

Error: (12/26/2013 03:29:24 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7015

Error: (12/26/2013 03:29:24 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2013 03:29:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5875

Error: (12/26/2013 03:29:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5875

Error: (12/26/2013 03:29:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 6101.14 MB
Available physical RAM: 3460.03 MB
Total Pagefile: 12245.14 MB
Available Pagefile: 9269.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:868.77 GB) (Free:797.6 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60.69 GB) (Free:41.97 GB) NTFS
Drive e: () (Fixed) (Total:139.69 GB) (Free:105.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Fixed) (Total:195.31 GB) (Free:188.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 335 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=140 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Burak

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013

Ran by tarik (administrator) on TARIK-BOSS on 26-12-2013 16:29:31

Running from C:\Users\tarik\Downloads

Windows 8 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe

() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

() C:\Users\tarik\Downloads\adwcleaner(1).exe

(Farbar) C:\Users\tarik\Downloads\FRST64(1).exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13219984 2012-11-07] (Realtek Semiconductor)

HKLM\...\Run: [VDownloader] - E:\Program Files\VDownloader\VDownloader.exe [879104 2013-03-27] (Vitzo)

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)

HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)

HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink)

HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492248 2012-12-26] (CyberLink Corp.)

HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)

HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [YTDownloader] - C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2050408 2013-11-25] (YTDownloader)

HKLM-x32\...\Run: [spup] - C:\Users\tarik\AppData\Roaming\ShinyProfile\spup.exe

HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe

HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1

HKCU\...\Run: [AppLauncher] - C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo)

HKCU\...\Run: [Google Update] - C:\Users\tarik\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-22] (Google Inc.)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

HKCU\...\Run: [Facebook Update] - "C:\Users\tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)

BootExecute: autocheck autochk * sdnclean64.exe
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387317149&from=epom2&uid=ST1000DM003-1CH162_Z1D55B8SXXXXZ1D55B8S&q={searchTerms}

SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=31a8324e-6e47-2296-769c-4ccdb5fdc7cc&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/11/2013&type=hp1000

SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 

BHO: iWebar - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho64.dll No File

BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: ShinyProfile Class - {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} - C:\Users\tarik\AppData\Roaming\ShinyProfile\shinyprofile.dll No File

Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{8214E2B7-6A0E-413D-A34C-003CBA11CD8F}: [NameServer]8.8.8.8,8.8.4.4
 

FireFox:

========

FF ProfilePath: C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015

FF Keyword.URL: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=31a8324e-6e47-2296-769c-4ccdb5fdc7cc&searchtype=ds&fr=linkury-tb&installDate=25/11/2013&type=hp1000&p=

FF NetworkProxy: "ftp", "109.207.61.168"

FF NetworkProxy: "ftp_port", 8090

FF NetworkProxy: "http", "109.207.61.168"

FF NetworkProxy: "http_port", 8090

FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"

FF NetworkProxy: "share_proxy_settings", true

FF NetworkProxy: "socks", "109.207.61.168"

FF NetworkProxy: "socks_port", 8090

FF NetworkProxy: "ssl", "109.207.61.168"

FF NetworkProxy: "ssl_port", 8090

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\tarik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\tarik\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\tarik\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF SearchPlugin: C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\searchplugins\conduit-search.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Connect DLC 5  - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}

FF Extension: Stealthy - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\stealthyextension@gmail.com.xpi

FF Extension: Cookie Controller - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\{ac2cfa60-bc96-11e0-962b-0800200c9a66}.xpi

FF Extension: Edit Cookies - C:\Users\tarik\AppData\Roaming\Mozilla\Firefox\Profiles\ykzujjau.default-1385314951015\Extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}.xpi

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor

FF HKCU\...\Firefox\Extensions: [{f978a5de-bf48-4412-bf07-712b84fb7052}] - C:\Program Files (x86)\Show-Password\135.xpi
 

Chrome: 

=======

CHR DefaultSearchKeyword: conduit.search

CHR DefaultSearchProvider: Conduit Search

CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB98DCE1F-AC0E-42D9-818E-CF4E79BC5258&q={searchTerms}&SSPV=

CHR DefaultNewTabURL: 

CHR Extension: (iWebar) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.25.164_0

CHR Extension: (SiteAdvisor) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1311_2

CHR Extension: (Connect DLC 5) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil\10.22.5.10_0

CHR Extension: (Google Wallet) - C:\Users\tarik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1

CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx

CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\tarik\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx

CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\135.crx
 

==================== Services (Whitelisted) =================
 

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()

R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)

R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)

R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [121616 2013-11-07] (McAfee, Inc.)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-12-11] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-25] (Disc Soft Ltd)

S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-12-11] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)

S3 RTL8192cu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation                           )

S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation                           )

R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2013-11-25] (YTDownloader)

S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-12-26 16:29 - 2013-12-26 16:29 - 01233962 _____ C:\Users\tarik\Downloads\adwcleaner(1).exe

2013-12-26 16:23 - 2013-12-26 16:23 - 01928716 _____ (Farbar) C:\Users\tarik\Downloads\FRST64(1).exe

2013-12-26 13:05 - 2013-12-26 16:29 - 00000000 ____D C:\AdwCleaner

2013-12-26 13:05 - 2013-12-26 13:05 - 00000000 ____D C:\Windows\ERUNT

2013-12-26 13:04 - 2013-12-26 13:04 - 01233962 _____ C:\Users\tarik\Downloads\adwcleaner.exe

2013-12-26 13:04 - 2013-12-26 13:04 - 01034531 _____ (Thisisu) C:\Users\tarik\Downloads\JRT.exe

2013-12-26 13:02 - 2013-12-26 13:02 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-12-26 13:02 - 2013-12-26 13:02 - 00000055 _____ C:\Users\tarik\AppData\Roaming\mbam.context.scan

2013-12-26 13:02 - 2013-12-26 13:02 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Malwarebytes

2013-12-26 13:02 - 2013-12-26 13:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-12-26 13:02 - 2013-12-26 13:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-26 13:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-12-26 13:01 - 2013-12-26 13:01 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\tarik\Downloads\mbam-setup-1.75.0.1300.exe

2013-12-26 12:53 - 2013-12-26 16:20 - 00067424 _____ C:\Windows\PFRO.log

2013-12-26 12:43 - 2013-12-26 16:25 - 00028037 _____ C:\Users\tarik\Downloads\Addition.txt

2013-12-26 12:42 - 2013-12-26 16:29 - 00022452 _____ C:\Users\tarik\Downloads\FRST.txt

2013-12-26 12:42 - 2013-12-26 12:42 - 00000000 ____D C:\FRST

2013-12-26 12:41 - 2013-12-26 12:41 - 01928716 _____ (Farbar) C:\Users\tarik\Downloads\FRST64.exe

2013-12-26 12:23 - 2013-12-26 12:23 - 00000000 _____ C:\Users\tarik\agent.log

2013-12-26 03:28 - 2013-12-26 03:28 - 00002007 _____ C:\Windows\wininit.ini

2013-12-26 02:38 - 2013-12-26 02:38 - 00436320 _____ C:\Windows\system32\FNTCACHE.DAT

2013-12-26 02:03 - 2013-12-26 02:03 - 00000000 ____D C:\Program Files\Enigma Software Group

2013-12-26 02:03 - 2013-12-26 02:03 - 00000000 _____ C:\autoexec.bat

2013-12-25 21:00 - 2013-12-26 02:17 - 00000000 __SHD C:\Users\tarik\VOKYV

2013-12-25 00:16 - 2013-12-25 02:00 - 00007064 _____ C:\Users\xampp\xampp-control.log

2013-12-24 20:46 - 2013-12-25 13:59 - 00000000 ____D C:\Users\xampp\tomcat

2013-12-24 20:45 - 2013-12-25 13:59 - 00000000 ____D C:\Users\xampp

2013-12-23 12:55 - 2013-12-24 20:17 - 00000000 __SHD C:\Users\tarik\AppData\Local\.#

2013-12-22 18:21 - 2013-12-22 18:21 - 00000000 ____D C:\ProgramData\Package Cache

2013-12-22 13:32 - 2013-12-22 13:32 - 00000000 ____D C:\Users\tarik\AppData\Roaming\MySQL

2013-12-22 13:21 - 2013-12-22 13:22 - 00000000 ____D C:\Program Files\MySQL

2013-12-22 13:18 - 2013-12-26 02:34 - 00000000 ____D C:\Program Files (x86)\MySQL

2013-12-22 13:18 - 2013-12-22 13:21 - 00000000 ____D C:\ProgramData\MySQL

2013-12-21 22:05 - 2013-12-26 02:26 - 00000000 ____D C:\Users\tarik\AppData\Roaming\TS3Client

2013-12-21 22:04 - 2013-12-21 22:05 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client

2013-12-21 22:02 - 2013-12-21 22:03 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\tarik\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe

2013-12-21 21:06 - 2013-12-21 21:06 - 00000888 _____ C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Switchbotv3.lnk

2013-12-21 11:30 - 2013-12-21 11:38 - 00000000 ____D C:\Users\tarik\AppData\Roaming\XnView

2013-12-21 11:30 - 2013-12-21 11:30 - 00000923 _____ C:\Users\tarik\Desktop\XnView.lnk

2013-12-21 11:30 - 2013-12-21 11:30 - 00000000 ____D C:\Program Files (x86)\XnView

2013-12-21 11:29 - 2013-12-21 11:29 - 14995648 _____ (Gougelet Pierre-e                                           ) C:\Users\tarik\Downloads\XnView-win-full_2.13.exe

2013-12-20 23:19 - 2013-12-20 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-12-20 22:07 - 2013-12-20 22:09 - 177998496 _____ (NVIDIA Corporation) C:\Users\tarik\Downloads\306.23-desktop-win8-win7-winvista-32bit-international-whql.exe

2013-12-19 17:04 - 2013-12-22 11:42 - 00000000 ____D C:\ProgramData\bcb

2013-12-19 17:04 - 2013-12-22 11:42 - 00000000 ____D C:\ProgramData\avs

2013-12-19 17:03 - 2013-12-19 17:03 - 00000000 ____D C:\Users\tarik\avt

2013-12-18 22:48 - 2013-12-18 22:48 - 00004004 _____ C:\Users\tarik\AppData\Local\recently-used.xbel

2013-12-18 17:29 - 2013-12-19 16:36 - 00000000 ____D C:\extract

2013-12-18 16:31 - 2013-12-18 17:16 - 00000000 ____D C:\Users\tarik\Documents\Navicat

2013-12-18 16:19 - 2013-12-18 16:19 - 00000600 _____ C:\Users\tarik\AppData\Local\PUTTY.RND

2013-12-18 16:01 - 2013-12-18 16:06 - 123794144 _____ (BitNami) C:\Users\tarik\Downloads\xampp-win32-1.8.3-2-VC11-installer.exe

2013-12-18 15:38 - 2013-12-18 15:38 - 00000000 ____D C:\ProgramData\LogMeIn

2013-12-18 15:33 - 2013-12-19 16:29 - 00000000 ____D C:\Users\tarik\.VirtualBox

2013-12-17 23:24 - 2013-11-29 17:44 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys

2013-12-17 23:24 - 2013-11-29 17:43 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys

2013-12-17 22:52 - 2013-12-26 16:20 - 00000000 ____D C:\ProgramData\WPM

2013-12-17 22:52 - 2013-12-26 12:53 - 00000312 _____ C:\Windows\Tasks\Dealply.job

2013-12-17 22:52 - 2013-12-17 23:58 - 00000000 ____D C:\Users\tarik\AppData\Local\CatalinaGroup

2013-12-17 22:52 - 2013-12-17 22:53 - 00002650 _____ C:\Windows\System32\Tasks\Dealply

2013-12-17 19:03 - 2013-12-26 03:05 - 00000000 ____D C:\Program Files (x86)\PremiumSoft

2013-12-17 19:03 - 2009-07-10 12:33 - 01589248 _____ C:\Windows\SysWOW64\libmysql_d.dll

2013-12-17 16:45 - 2013-12-18 16:22 - 00000000 ____D C:\Users\tarik\AppData\Roaming\FileZilla

2013-12-16 23:28 - 2013-12-16 23:28 - 00000000 ____D C:\Windows\SysWOW64\SearchProtect

2013-12-16 19:56 - 2013-12-16 19:56 - 00000000 ____D C:\ProgramData\SPEEDbit

2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\ProgramData\Freemake

2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\Program Files (x86)\Freemake

2013-12-16 19:47 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll

2013-12-16 19:47 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll

2013-12-16 19:47 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll

2013-12-16 19:47 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll

2013-12-16 19:47 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll

2013-12-16 19:27 - 2013-12-16 19:27 - 00000000 ____D C:\Users\tarik\AppData\Roaming\eCyber

2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Windows\system32\log

2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Users\tarik\AppData\Local\C

2013-12-16 19:25 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll

2013-12-16 19:25 - 2004-07-02 16:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll

2013-12-16 19:21 - 2013-12-16 19:21 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter

2013-12-16 19:19 - 2013-12-16 20:19 - 00001243 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk

2013-12-16 18:21 - 2013-12-26 03:15 - 00000000 ____D C:\Users\tarik\Desktop\Burak

2013-12-16 18:18 - 2013-12-16 18:18 - 00000000 ____D C:\Fraps

2013-12-16 18:10 - 2013-12-16 18:10 - 00000000 ____D C:\Users\tarik\AppData\Roaming\BANDISOFT

2013-12-16 18:09 - 2013-12-16 18:09 - 00000992 _____ C:\Users\UpdatusUser\Desktop\Bandicam.lnk

2013-12-15 20:54 - 2013-12-16 22:06 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Audacity

2013-12-15 20:54 - 2013-12-15 20:54 - 00000000 ____D C:\Program Files (x86)\Audacity

2013-12-15 20:32 - 2013-12-22 11:37 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA.job

2013-12-15 20:32 - 2013-12-21 20:37 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core.job

2013-12-15 20:32 - 2013-12-15 20:32 - 00003798 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA

2013-12-15 20:32 - 2013-12-15 20:32 - 00003448 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core

2013-12-15 20:07 - 2013-12-15 20:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf

2013-12-15 20:07 - 2013-12-15 20:07 - 00000000 ____D C:\Program Files (x86)\Code Laboratories

2013-12-12 12:05 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-12-12 12:05 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-12-12 12:05 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-12-12 12:05 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-12-12 12:05 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-12-12 12:05 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-12-12 12:05 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-12-12 12:05 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-12-12 12:05 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-12-12 12:05 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-12-12 12:05 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-12-12 12:05 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-12-12 12:05 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-12-12 12:05 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-12-12 12:05 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-12-12 12:05 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-12-12 12:04 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-12-12 12:04 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-12-12 12:04 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-12-12 12:04 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2013-12-12 12:04 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2013-12-12 12:04 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll

2013-12-12 12:04 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-12-12 12:04 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2013-12-12 12:04 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2013-12-12 12:04 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2013-12-12 12:04 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll

2013-12-12 12:04 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2013-12-12 12:04 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2013-12-12 12:04 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2013-12-12 12:04 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll

2013-12-12 12:04 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2013-12-12 12:04 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2013-12-12 12:04 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2013-12-12 12:04 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2013-12-12 12:04 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2013-12-12 12:04 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2013-12-12 12:04 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2013-12-12 12:04 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2013-12-12 12:04 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2013-12-12 12:04 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2013-12-12 12:04 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2013-12-12 12:04 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll

2013-12-12 12:04 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2013-12-12 12:04 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2013-12-12 12:04 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys

2013-12-12 12:04 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml

2013-12-12 12:04 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS

2013-12-12 12:04 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2013-12-12 12:04 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2013-12-12 12:04 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2013-12-12 12:04 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-12-12 12:04 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll

2013-12-12 12:04 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll

2013-12-12 12:04 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll

2013-12-12 12:04 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll

2013-12-11 20:51 - 2013-12-11 20:51 - 00015115 _____ C:\Users\tarik\AppData\Loca

2013-12-11 20:50 - 2013-12-11 20:51 - 00003726 _____ C:\Windows\System32\Tasks\SMupdate1

2013-12-11 20:50 - 2013-12-11 20:51 - 00003576 _____ C:\Windows\System32\Tasks\YTDownloaderUpd

2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader

2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Users\tarik\AppData\Local\CrashRpt

2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Program Files (x86)\YTDownloader

2013-12-11 20:49 - 2013-12-26 02:43 - 00000000 ____D C:\Users\tarik\AppData\Roaming\uTorrent

2013-12-11 20:36 - 2013-12-11 20:45 - 00310984 _____ C:\Windows\system32\Drivers\atksgt.sys

2013-12-11 20:36 - 2013-12-11 20:36 - 00042696 _____ C:\Windows\system32\Drivers\lirsgt.sys

2013-12-11 20:36 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll

2013-12-11 19:42 - 2013-12-11 19:53 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sytexis Software

2013-12-11 19:42 - 2013-12-11 19:42 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Sytexis Software

2013-12-11 19:42 - 2013-12-11 19:42 - 00000000 ____D C:\Program Files (x86)\Sytexis Software

2013-12-08 00:25 - 2013-12-17 00:02 - 00000000 ____D C:\Windows\Minidump

2013-12-07 12:18 - 2013-12-20 20:47 - 00000474 ____H C:\Windows\Tasks\Norton Security Scan for tarik.job

2013-12-07 12:18 - 2013-12-07 12:18 - 00003620 _____ C:\Windows\System32\Tasks\Norton Security Scan for tarik

2013-12-07 12:18 - 2013-12-07 12:18 - 00001457 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK

2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64

2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\ProgramData\Symantec

2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\ProgramData\Norton

2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan

2013-12-07 01:01 - 2013-12-07 01:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe

2013-12-06 12:19 - 2013-12-06 12:19 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike

2013-12-06 11:42 - 2013-12-08 00:25 - 00000000 ____D C:\Program Files (x86)\McAfee

2013-12-06 11:42 - 2013-12-06 11:42 - 00000000 ____D C:\ProgramData\McAfee

2013-12-06 11:41 - 2013-12-26 02:38 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3

2013-12-02 20:14 - 2013-12-02 20:14 - 00000000 ____D C:\Users\tarik\AppData\Roaming\NVIDIA

2013-12-02 20:09 - 2013-12-07 12:14 - 00000000 ____D C:\ProgramData\BlueStacksSetup

2013-12-01 16:39 - 2013-12-01 16:39 - 00000000 ____D C:\Program Files (x86)\Hex-Editor MX

2013-12-01 16:05 - 2013-12-01 16:05 - 00000000 ____D C:\Users\tarik\Desktop\USB

2013-11-29 17:43 - 2013-11-29 17:43 - 00140560 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys

2013-11-29 17:40 - 2013-11-29 17:40 - 00204048 ____N (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll

2013-11-29 16:19 - 2013-11-29 16:19 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys

2013-11-27 20:06 - 2013-11-27 20:06 - 00003296 _____ C:\Windows\System32\Tasks\{23AEC637-6674-4DDF-A8D1-469D6B823D8E}

2013-11-27 18:02 - 2013-12-26 13:07 - 00000000 ____D C:\ProgramData\Conduit

2013-11-27 18:02 - 2013-11-27 18:02 - 00003370 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task

2013-11-27 18:02 - 2013-11-27 18:02 - 00001052 _____ C:\Users\UpdatusUser\Desktop\ZIP Password Recovery Magic.lnk

2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Users\tarik\AppData\Local\NativeMessaging

2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Program Files (x86)\Conduit

2013-11-27 17:48 - 2013-11-27 17:49 - 00001052 _____ C:\Users\UpdatusUser\Desktop\RAR Password Recovery Magic.lnk

2013-11-27 17:25 - 2013-11-27 17:25 - 00000000 ____D C:\Program Files (x86)\Intelore

2013-11-27 17:04 - 2013-11-27 17:04 - 00000000 ____D C:\Windows\System32\Tasks\SONY

2013-11-27 16:08 - 2013-11-27 16:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
 

==================== One Month Modified Files and Folders =======
 

2013-12-26 16:29 - 2013-12-26 16:29 - 01233962 _____ C:\Users\tarik\Downloads\adwcleaner(1).exe

2013-12-26 16:29 - 2013-12-26 13:05 - 00000000 ____D C:\AdwCleaner

2013-12-26 16:29 - 2013-12-26 12:42 - 00022452 _____ C:\Users\tarik\Downloads\FRST.txt

2013-12-26 16:26 - 2013-10-05 16:34 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-572523149-2183776862-3084368599-1002

2013-12-26 16:26 - 2013-03-22 14:08 - 00752930 _____ C:\Windows\system32\perfh007.dat

2013-12-26 16:26 - 2013-03-22 14:08 - 00156156 _____ C:\Windows\system32\perfc007.dat

2013-12-26 16:26 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI

2013-12-26 16:25 - 2013-12-26 12:43 - 00028037 _____ C:\Users\tarik\Downloads\Addition.txt

2013-12-26 16:23 - 2013-12-26 16:23 - 01928716 _____ (Farbar) C:\Users\tarik\Downloads\FRST64(1).exe

2013-12-26 16:21 - 2013-11-24 04:54 - 00000426 _____ C:\Windows\Tasks\Show-Password Update.job

2013-12-26 16:21 - 2013-10-11 14:23 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-12-26 16:20 - 2013-12-26 12:53 - 00067424 _____ C:\Windows\PFRO.log

2013-12-26 16:20 - 2013-12-17 22:52 - 00000000 ____D C:\ProgramData\WPM

2013-12-26 16:20 - 2013-10-21 22:16 - 00000000 ____D C:\ProgramData\Kodak

2013-12-26 16:20 - 2013-05-29 13:47 - 00000000 ____D C:\ProgramData\NVIDIA

2013-12-26 16:20 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-12-26 13:07 - 2013-11-27 18:02 - 00000000 ____D C:\ProgramData\Conduit

2013-12-26 13:05 - 2013-12-26 13:05 - 00000000 ____D C:\Windows\ERUNT

2013-12-26 13:04 - 2013-12-26 13:04 - 01233962 _____ C:\Users\tarik\Downloads\adwcleaner.exe

2013-12-26 13:04 - 2013-12-26 13:04 - 01034531 _____ (Thisisu) C:\Users\tarik\Downloads\JRT.exe

2013-12-26 13:02 - 2013-12-26 13:02 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-12-26 13:02 - 2013-12-26 13:02 - 00000055 _____ C:\Users\tarik\AppData\Roaming\mbam.context.scan

2013-12-26 13:02 - 2013-12-26 13:02 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Malwarebytes

2013-12-26 13:02 - 2013-12-26 13:02 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-12-26 13:02 - 2013-12-26 13:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-26 13:01 - 2013-12-26 13:01 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\tarik\Downloads\mbam-setup-1.75.0.1300.exe

2013-12-26 13:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru

2013-12-26 12:53 - 2013-12-17 22:52 - 00000312 _____ C:\Windows\Tasks\Dealply.job

2013-12-26 12:47 - 2013-10-25 18:47 - 00000310 _____ C:\Windows\Tasks\FoxTab.job

2013-12-26 12:45 - 2013-10-22 10:30 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA.job

2013-12-26 12:42 - 2013-12-26 12:42 - 00000000 ____D C:\FRST

2013-12-26 12:41 - 2013-12-26 12:41 - 01928716 _____ (Farbar) C:\Users\tarik\Downloads\FRST64.exe

2013-12-26 12:39 - 2013-10-11 14:23 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-12-26 12:23 - 2013-12-26 12:23 - 00000000 _____ C:\Users\tarik\agent.log

2013-12-26 12:23 - 2013-10-05 15:41 - 00000000 ____D C:\Users\tarik

2013-12-26 03:28 - 2013-12-26 03:28 - 00002007 _____ C:\Windows\wininit.ini

2013-12-26 03:15 - 2013-12-16 18:21 - 00000000 ____D C:\Users\tarik\Desktop\Burak

2013-12-26 03:10 - 2013-10-22 11:28 - 00093184 ___SH C:\Users\tarik\Downloads\Thumbs.db

2013-12-26 03:05 - 2013-12-17 19:03 - 00000000 ____D C:\Program Files (x86)\PremiumSoft

2013-12-26 03:03 - 2013-10-11 14:31 - 00666624 ___SH C:\Users\tarik\Desktop\Thumbs.db

2013-12-26 03:02 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI

2013-12-26 02:43 - 2013-12-11 20:49 - 00000000 ____D C:\Users\tarik\AppData\Roaming\uTorrent

2013-12-26 02:38 - 2013-12-26 02:38 - 00436320 _____ C:\Windows\system32\FNTCACHE.DAT

2013-12-26 02:38 - 2013-12-06 11:41 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3

2013-12-26 02:37 - 2013-10-22 10:45 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software

2013-12-26 02:37 - 2013-10-05 20:52 - 00000000 ____D C:\Users\tarik\Documents\StreamTransport

2013-12-26 02:36 - 2013-11-24 18:53 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-12-26 02:35 - 2013-11-24 18:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-12-26 02:35 - 2013-10-05 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-12-26 02:34 - 2013-12-22 13:18 - 00000000 ____D C:\Program Files (x86)\MySQL

2013-12-26 02:32 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\registration

2013-12-26 02:31 - 2013-10-05 20:31 - 00000000 ____D C:\Users\tarik\AppData\Local\Mozilla

2013-12-26 02:31 - 2013-10-05 15:41 - 00000000 ____D C:\Users\tarik\AppData\Local\Packages

2013-12-26 02:28 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent

2013-12-26 02:26 - 2013-12-21 22:05 - 00000000 ____D C:\Users\tarik\AppData\Roaming\TS3Client

2013-12-26 02:17 - 2013-12-25 21:00 - 00000000 __SHD C:\Users\tarik\VOKYV

2013-12-26 02:03 - 2013-12-26 02:03 - 00000000 ____D C:\Program Files\Enigma Software Group

2013-12-26 02:03 - 2013-12-26 02:03 - 00000000 _____ C:\autoexec.bat

2013-12-25 13:59 - 2013-12-24 20:46 - 00000000 ____D C:\Users\xampp\tomcat

2013-12-25 13:59 - 2013-12-24 20:45 - 00000000 ____D C:\Users\xampp

2013-12-25 02:00 - 2013-12-25 00:16 - 00007064 _____ C:\Users\xampp\xampp-control.log

2013-12-24 20:17 - 2013-12-23 12:55 - 00000000 __SHD C:\Users\tarik\AppData\Local\.#

2013-12-22 18:21 - 2013-12-22 18:21 - 00000000 ____D C:\ProgramData\Package Cache

2013-12-22 13:32 - 2013-12-22 13:32 - 00000000 ____D C:\Users\tarik\AppData\Roaming\MySQL

2013-12-22 13:22 - 2013-12-22 13:21 - 00000000 ____D C:\Program Files\MySQL

2013-12-22 13:21 - 2013-12-22 13:18 - 00000000 ____D C:\ProgramData\MySQL

2013-12-22 11:42 - 2013-12-19 17:04 - 00000000 ____D C:\ProgramData\bcb

2013-12-22 11:42 - 2013-12-19 17:04 - 00000000 ____D C:\ProgramData\avs

2013-12-22 11:37 - 2013-12-15 20:32 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA.job

2013-12-21 22:05 - 2013-12-21 22:04 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client

2013-12-21 22:03 - 2013-12-21 22:02 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\tarik\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe

2013-12-21 21:06 - 2013-12-21 21:06 - 00000888 _____ C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Switchbotv3.lnk

2013-12-21 20:37 - 2013-12-15 20:32 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core.job

2013-12-21 16:45 - 2013-10-22 10:30 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core.job

2013-12-21 11:38 - 2013-12-21 11:30 - 00000000 ____D C:\Users\tarik\AppData\Roaming\XnView

2013-12-21 11:30 - 2013-12-21 11:30 - 00000923 _____ C:\Users\tarik\Desktop\XnView.lnk

2013-12-21 11:30 - 2013-12-21 11:30 - 00000000 ____D C:\Program Files (x86)\XnView

2013-12-21 11:29 - 2013-12-21 11:29 - 14995648 _____ (Gougelet Pierre-e                                           ) C:\Users\tarik\Downloads\XnView-win-full_2.13.exe

2013-12-20 23:19 - 2013-12-20 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-12-20 22:09 - 2013-12-20 22:07 - 177998496 _____ (NVIDIA Corporation) C:\Users\tarik\Downloads\306.23-desktop-win8-win7-winvista-32bit-international-whql.exe

2013-12-20 20:47 - 2013-12-07 12:18 - 00000474 ____H C:\Windows\Tasks\Norton Security Scan for tarik.job

2013-12-19 17:03 - 2013-12-19 17:03 - 00000000 ____D C:\Users\tarik\avt

2013-12-19 16:53 - 2013-03-25 11:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-12-19 16:36 - 2013-12-18 17:29 - 00000000 ____D C:\extract

2013-12-19 16:29 - 2013-12-18 15:33 - 00000000 ____D C:\Users\tarik\.VirtualBox

2013-12-18 22:48 - 2013-12-18 22:48 - 00004004 _____ C:\Users\tarik\AppData\Local\recently-used.xbel

2013-12-18 22:48 - 2013-10-22 10:43 - 00000000 ____D C:\Users\tarik\.gimp-2.8

2013-12-18 22:46 - 2013-10-22 10:53 - 00000000 ____D C:\Users\tarik\AppData\Local\gtk-2.0

2013-12-18 22:41 - 2013-10-16 22:41 - 00000000 _____ C:\end

2013-12-18 21:04 - 2013-10-22 10:45 - 00000000 ____D C:\Users\tarik\AppData\Roaming\NCH Software

2013-12-18 21:04 - 2013-10-22 10:45 - 00000000 ____D C:\ProgramData\NCH Software

2013-12-18 21:04 - 2013-10-22 10:44 - 00000000 ____D C:\Program Files (x86)\NCH Software

2013-12-18 17:16 - 2013-12-18 16:31 - 00000000 ____D C:\Users\tarik\Documents\Navicat

2013-12-18 16:22 - 2013-12-17 16:45 - 00000000 ____D C:\Users\tarik\AppData\Roaming\FileZilla

2013-12-18 16:19 - 2013-12-18 16:19 - 00000600 _____ C:\Users\tarik\AppData\Local\PUTTY.RND

2013-12-18 16:06 - 2013-12-18 16:01 - 123794144 _____ (BitNami) C:\Users\tarik\Downloads\xampp-win32-1.8.3-2-VC11-installer.exe

2013-12-18 15:38 - 2013-12-18 15:38 - 00000000 ____D C:\ProgramData\LogMeIn

2013-12-17 23:58 - 2013-12-17 22:52 - 00000000 ____D C:\Users\tarik\AppData\Local\CatalinaGroup

2013-12-17 22:53 - 2013-12-17 22:52 - 00002650 _____ C:\Windows\System32\Tasks\Dealply

2013-12-17 22:52 - 2013-11-25 19:53 - 00002310 _____ C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2013-12-17 22:52 - 2013-10-22 10:31 - 00002570 _____ C:\Users\tarik\Desktop\Google Chrome.lnk

2013-12-17 22:52 - 2013-10-05 19:56 - 00001359 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2013-12-17 22:52 - 2013-10-05 15:42 - 00002075 _____ C:\Users\Public\Desktop\eBay.lnk

2013-12-17 22:52 - 2013-10-05 15:42 - 00002065 _____ C:\Users\tarik\Desktop\MEDION Serviceportal.lnk

2013-12-17 22:52 - 2013-10-05 15:42 - 00001662 _____ C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-12-17 22:52 - 2013-10-05 15:41 - 00001237 _____ C:\Users\tarik\Desktop\Windows 8 Info.lnk

2013-12-17 00:02 - 2013-12-08 00:25 - 00000000 ____D C:\Windows\Minidump

2013-12-17 00:02 - 2013-11-25 19:52 - 00000000 ____D C:\Users\tarik\AppData\Roaming\DAEMON Tools Lite

2013-12-16 23:58 - 2012-07-26 09:12 - 00000000 __RHD C:\Users\Public\Libraries

2013-12-16 23:55 - 2013-10-05 15:42 - 00000000 ___RD C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-12-16 23:28 - 2013-12-16 23:28 - 00000000 ____D C:\Windows\SysWOW64\SearchProtect

2013-12-16 22:06 - 2013-12-15 20:54 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Audacity

2013-12-16 20:19 - 2013-12-16 19:19 - 00001243 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk

2013-12-16 20:19 - 2013-10-25 18:56 - 00000000 ____D C:\Users\tarik\AppData\Roaming\DVDVideoSoft

2013-12-16 20:19 - 2013-10-25 18:56 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft

2013-12-16 19:56 - 2013-12-16 19:56 - 00000000 ____D C:\ProgramData\SPEEDbit

2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\ProgramData\Freemake

2013-12-16 19:51 - 2013-12-16 19:51 - 00000000 ____D C:\Program Files (x86)\Freemake

2013-12-16 19:27 - 2013-12-16 19:27 - 00000000 ____D C:\Users\tarik\AppData\Roaming\eCyber

2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Windows\system32\log

2013-12-16 19:26 - 2013-12-16 19:26 - 00000000 ____D C:\Users\tarik\AppData\Local\C

2013-12-16 19:26 - 2013-10-10 23:19 - 00001779 _____ C:\Users\UpdatusUser\Desktop\MEDION Serviceportal.lnk

2013-12-16 19:26 - 2013-10-10 23:19 - 00000977 _____ C:\Users\UpdatusUser\Desktop\Windows 8 Info.lnk

2013-12-16 19:21 - 2013-12-16 19:21 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter

2013-12-16 18:18 - 2013-12-16 18:18 - 00000000 ____D C:\Fraps

2013-12-16 18:10 - 2013-12-16 18:10 - 00000000 ____D C:\Users\tarik\AppData\Roaming\BANDISOFT

2013-12-16 18:09 - 2013-12-16 18:09 - 00000992 _____ C:\Users\UpdatusUser\Desktop\Bandicam.lnk

2013-12-15 20:54 - 2013-12-15 20:54 - 00000000 ____D C:\Program Files (x86)\Audacity

2013-12-15 20:32 - 2013-12-15 20:32 - 00003798 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA

2013-12-15 20:32 - 2013-12-15 20:32 - 00003448 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core

2013-12-15 20:07 - 2013-12-15 20:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf

2013-12-15 20:07 - 2013-12-15 20:07 - 00000000 ____D C:\Program Files (x86)\Code Laboratories

2013-12-15 15:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache

2013-12-15 12:32 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates

2013-12-14 12:15 - 2013-10-06 18:17 - 00000000 ____D C:\Windows\system32\MRT

2013-12-14 12:12 - 2013-03-22 18:03 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-12-14 12:08 - 2013-10-25 18:58 - 00000000 ____D C:\ProgramData\TuneUp Software

2013-12-13 16:40 - 2013-10-11 14:23 - 00000000 ____D C:\Program Files (x86)\Google

2013-12-12 13:29 - 2013-11-24 18:06 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2013-12-12 13:29 - 2013-11-24 18:06 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2013-12-12 13:29 - 2013-11-24 18:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2013-12-12 12:15 - 2013-10-21 17:32 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-12-12 12:13 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe

2013-12-11 20:51 - 2013-12-11 20:51 - 00015115 _____ C:\Users\tarik\AppData\Loca

2013-12-11 20:51 - 2013-12-11 20:50 - 00003726 _____ C:\Windows\System32\Tasks\SMupdate1

2013-12-11 20:51 - 2013-12-11 20:50 - 00003576 _____ C:\Windows\System32\Tasks\YTDownloaderUpd

2013-12-11 20:51 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\System

2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader

2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Users\tarik\AppData\Local\CrashRpt

2013-12-11 20:50 - 2013-12-11 20:50 - 00000000 ____D C:\Program Files (x86)\YTDownloader

2013-12-11 20:45 - 2013-12-11 20:36 - 00310984 _____ C:\Windows\system32\Drivers\atksgt.sys

2013-12-11 20:36 - 2013-12-11 20:36 - 00042696 _____ C:\Windows\system32\Drivers\lirsgt.sys

2013-12-11 19:53 - 2013-12-11 19:42 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sytexis Software

2013-12-11 19:42 - 2013-12-11 19:42 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Sytexis Software

2013-12-11 19:42 - 2013-12-11 19:42 - 00000000 ____D C:\Program Files (x86)\Sytexis Software

2013-12-08 00:25 - 2013-12-06 11:42 - 00000000 ____D C:\Program Files (x86)\McAfee

2013-12-07 12:18 - 2013-12-07 12:18 - 00003620 _____ C:\Windows\System32\Tasks\Norton Security Scan for tarik

2013-12-07 12:18 - 2013-12-07 12:18 - 00001457 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK

2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64

2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\ProgramData\Symantec

2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\ProgramData\Norton

2013-12-07 12:18 - 2013-12-07 12:18 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan

2013-12-07 12:14 - 2013-12-02 20:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup

2013-12-07 01:01 - 2013-12-07 01:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe

2013-12-06 16:40 - 2013-10-22 10:30 - 00004088 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002UA

2013-12-06 16:40 - 2013-10-22 10:30 - 00003708 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-572523149-2183776862-3084368599-1002Core

2013-12-06 12:19 - 2013-12-06 12:19 - 00000000 ____D C:\Users\tarik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike

2013-12-06 11:42 - 2013-12-06 11:42 - 00000000 ____D C:\ProgramData\McAfee

2013-12-05 16:34 - 2013-10-11 14:23 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-12-05 16:34 - 2013-10-11 14:23 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-12-04 01:53 - 2013-11-17 14:19 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-12-04 01:53 - 2013-11-17 14:19 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-12-03 19:45 - 2013-10-22 11:43 - 00000000 ____D C:\Users\tarik\Documents\Outlook-Dateien

2013-12-02 20:14 - 2013-12-02 20:14 - 00000000 ____D C:\Users\tarik\AppData\Roaming\NVIDIA

2013-12-01 16:39 - 2013-12-01 16:39 - 00000000 ____D C:\Program Files (x86)\Hex-Editor MX

2013-12-01 16:05 - 2013-12-01 16:05 - 00000000 ____D C:\Users\tarik\Desktop\USB

2013-11-29 17:44 - 2013-12-17 23:24 - 00252688 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys

2013-11-29 17:43 - 2013-12-17 23:24 - 00126736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys

2013-11-29 17:43 - 2013-11-29 17:43 - 00140560 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys

2013-11-29 17:40 - 2013-11-29 17:40 - 00204048 ____N (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll

2013-11-29 16:19 - 2013-11-29 16:19 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys

2013-11-27 20:06 - 2013-11-27 20:06 - 00003296 _____ C:\Windows\System32\Tasks\{23AEC637-6674-4DDF-A8D1-469D6B823D8E}

2013-11-27 18:02 - 2013-11-27 18:02 - 00003370 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task

2013-11-27 18:02 - 2013-11-27 18:02 - 00001052 _____ C:\Users\UpdatusUser\Desktop\ZIP Password Recovery Magic.lnk

2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Users\tarik\AppData\Local\NativeMessaging

2013-11-27 18:02 - 2013-11-27 18:02 - 00000000 ____D C:\Program Files (x86)\Conduit

2013-11-27 17:49 - 2013-11-27 17:48 - 00001052 _____ C:\Users\UpdatusUser\Desktop\RAR Password Recovery Magic.lnk

2013-11-27 17:37 - 2013-10-05 15:41 - 00000000 ____D C:\Users\tarik\AppData\Local\VirtualStore

2013-11-27 17:25 - 2013-11-27 17:25 - 00000000 ____D C:\Program Files (x86)\Intelore

2013-11-27 17:04 - 2013-11-27 17:04 - 00000000 ____D C:\Windows\System32\Tasks\SONY

2013-11-27 16:08 - 2013-11-27 16:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
 

Some content of TEMP:

====================

C:\Users\tarik\AppData\Local\Temp\avgnt.exe

C:\Users\tarik\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-12-18 18:27
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Malwarebytes Anti-Malware (Test) 1.75.0.1300
Malwarebytes : Free Anti-Malware

Datenbank Version: v2013.12.26.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
tarik :: TARIK-BOSS [Administrator]

Schutz: Aktiviert

26.12.2013 16:34:05
mbam-log-2013-12-26 (16-34-05).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 239583
Laufzeit: 2 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)