Pests of all kinds and how to fight them: SoftwareUpdater.ui.exe opens regularly
Windows 7 |
10.07.2013, 18:01 | #1 |
| Hello! For the past few days, SoftwareUpdater.Ui.exe has been opening on my PC at every start and sometimes in between as well. I can then choose not to allow it, and nothing visible happens, but since it first appeared the PC has become much slower. I have now tried to follow all the steps properly, but unfortunately had some problems doing so: defogger ran without problems, but OTL hangs every time at "scanning firefox settings" and does not continue. I closed all other programs, and a restart did not change anything either. With GMER, after a while during the scan, the message "gmer.exe: dieses Programm funktioniert nicht mehr und muss geschlossen werden" appears. Here too I closed all programs and cut the Wi-Fi connection. I hope someone can help me. Best regards! |
10.07.2013, 18:06 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hello and
Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything? I ask because => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; first just post the logs that already exist! Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
|
10.07.2013, 18:34 | #3 |
| I only have one, from Avira:
Code:
28.06.2013 23:46 [System Scanner] Malware gefunden
Die Datei 'C:\Users\...\Downloads\FlashPlayer_V.156548524b.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/DomaIQ.BN' [adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56c8a6e8.qua' verschoben! |
10.07.2013, 18:36 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | OK, so that is adware. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Please always post log files in CODE tags |
10.07.2013, 18:55 | #5 |
| That worked. Thanks for the quick reply! FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-07-2013 01 Ran by ... (administrator) on 10-07-2013 19:39:38 Running from C:\Users\Lorenz\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Sony Corporation) C:\Program Files\sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files\sony\Marketing Tools\MarketingTools.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sony Corporation) C:\Program Files\sony\Network Utility\LANUtil.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Broadcom Corporation.) 
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Sony Corporation) C:\Program Files\sony\Network Utility\NSUService.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (ArcSoft, Inc.) C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe (Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe (Skype Technologies S.A.) 
C:\Program Files\Skype\Phone\Skype.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6703648 2009-01-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [155648 2009-04-13] (Alps Electric Co., Ltd.) HKLM\...\Run: [ISBMgr.exe] - "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [317288 2008-12-18] (Sony Corporation) HKLM\...\Run: [StartCCC] - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [61440 2009-02-10] (Advanced Micro Devices, Inc.) HKLM\...\Run: [MarketingTools] - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [26624 2009-06-17] (Sony Corporation) HKLM\...\Run: [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-08] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Windows Mobile-based device management] - %windir%\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation) HKCU\...\Run: [NSUFloatingUI] - "C:\Program Files\Sony\Network Utility\LANUtil.exe" [274432 2008-12-21] (Sony Corporation) HKCU\...\Run: [] - [x] HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) MountPoints2: G - G:\setup.exe MountPoints2: {2821e142-55da-11df-bf8c-002433e705ad} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\MSOCache\doWTP_RESTORE.exe MountPoints2: {68ab49ba-e469-11de-abd5-002433e705ad} - G:\AutoRun.exe MountPoints2: {6fcf7e88-ddc8-11de-a0f3-002433e705ad} - G:\AutoRun.exe MountPoints2: 
{758e94b8-4129-11e1-a5fe-002433e705ad} - "H:\WD SmartWare.exe" autoplay=true MountPoints2: {97a42634-9e4e-11de-bc2b-806e6f6e6963} - G:\setup.exe MountPoints2: {e9852b36-dd6f-11de-993f-002433e705ad} - G:\AutoRun.exe MountPoints2: {fba3c9d5-dd04-11de-965c-002433e705ad} - G:\AutoRun.exe MountPoints2: {fba3c9ea-dd04-11de-965c-002433e705ad} - G:\AutoRun.exe HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [ 2009-04-11] (Microsoft Corporation) HKU\Default\...\Run: [NSUFloatingUI] - "C:\Program Files\Sony\Network Utility\LANUtil.exe" [x] HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [NSUFloatingUI] - "C:\Program Files\Sony\Network Utility\LANUtil.exe" [x] Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=4d659f3c-9f14-4836-8f07-6036b621dc21&searchtype=hp&installDate=25/06/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=4d659f3c-9f14-4836-8f07-6036b621dc21&searchtype=ds&q={searchTerms}&installDate=25/06/2013 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01 HKLM SearchScopes: DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=4d659f3c-9f14-4836-8f07-6036b621dc21&searchtype=ds&q={searchTerms}&installDate=25/06/2013 SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=4d659f3c-9f14-4836-8f07-6036b621dc21&searchtype=ds&q={searchTerms}&installDate=25/06/2013 SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=4d659f3c-9f14-4836-8f07-6036b621dc21&searchtype=ds&q={searchTerms}&installDate=25/06/2013 BHO: Plus-HD-2.4 - {11111111-1111-1111-1111-110311341134} - C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-bho.dll (Plus HD) BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Lorenz\AppData\Roaming\Mozilla\Firefox\Profiles\oumiyy0n.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.1.0 - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.1.0 - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Lorenz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Extension: No Name - C:\Users\Lorenz\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM\...\Firefox\Extensions: [{1BC4187C-4BB6-4C5A-A11A-3FB535AE04AB}] C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: ======= CHR Extension: (SiteAdvisor) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0 CHR Extension: (Plus-HD-2.4) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.9_0 CHR Extension: (RealDownloader) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.1.0_0 CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - 
C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0 ========================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG) R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [611696 2010-02-10] (Juniper Networks) S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-10-10] (Google) R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [31920 2012-03-23] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [109088 2009-01-06] (Realtek Semiconductor) S3 SOHCImp; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [120104 2009-02-05] (Sony Corporation) S3 SOHDBSvr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-02-05] (Sony Corporation) S3 SOHDms; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe [390440 2009-02-05] (Sony Corporation) S3 SOHDs; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe [75048 2009-02-05] (Sony Corporation) S3 SOHPlMgr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-02-05] (Sony Corporation) S2 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [278016 2013-07-08] () R2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) 
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-01-21] (Sony Corporation) R2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [5184872 2009-01-14] (Sony Corporation) S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [394536 2009-01-19] (Sony Corporation) R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-01-21] (Sony Corporation) R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [537592 2012-08-03] (Cisco Systems, Inc.) R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2009-01-21] (Sony Corporation) R2 yksvc; C:\Windows\System32\ykx32mpcoinst.dll [282624 2009-02-10] (Marvell) ==================== Drivers (Whitelisted) ==================== S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [38440 2012-08-03] (Cisco Systems, Inc.) S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [57256 2012-08-03] (Cisco Systems, Inc.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-24] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-08] (Avira GmbH) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-08] (Avira GmbH) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-10-19] (Avira GmbH) R3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [23552 2010-02-10] (Juniper Networks) S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2013-01-23] (Nokia) S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2013-01-23] (Nokia) R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [155808 2009-02-23] (Realtek Semiconductor Corp.) 
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [83320 2007-02-08] (Protection Technology (StarForce)) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH) R3 awdirpow; C:\awdirpow.sys [103680 2013-07-10] (GMER) S3 igfx; system32\DRIVERS\igdkmd32.sys [x] S3 IntcHdmiAddService; system32\drivers\IntcHdmi.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-10 19:39 - 2013-07-10 19:39 - 00000000 ____D C:\FRST 2013-07-10 19:38 - 2013-07-10 19:38 - 01217140 ____A (Farbar) C:\Users\Lorenz\Downloads\FRST.exe 2013-07-10 19:31 - 2013-07-10 19:31 - 00000748 ____A C:\Users\Lorenz\Documents\Ereignisse.txt 2013-07-10 18:36 - 2013-07-10 18:36 - 00103680 ____A (GMER) C:\awdirpow.sys 2013-07-10 18:34 - 2013-07-10 18:35 - 00377856 ____A C:\Users\Lorenz\Downloads\gmer_2.1.19163.exe 2013-07-10 17:50 - 2013-07-10 17:50 - 00602112 ____A (OldTimer Tools) C:\Users\Lorenz\Downloads\OTL.exe 2013-07-10 17:49 - 2013-07-10 17:49 - 00000474 ____A C:\Users\Lorenz\Downloads\defogger_disable.log 2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 ____A C:\Users\Lorenz\defogger_reenable 2013-07-10 17:48 - 2013-07-10 17:48 - 00050477 ____A C:\Users\Lorenz\Downloads\Defogger.exe 2013-07-05 11:30 - 2013-07-05 11:30 - 00000862 ____A C:\Users\Lorenz\Desktop\Skype - Verknüpfung.lnk 2013-07-04 23:21 - 2013-07-04 23:21 - 00000000 ____D C:\Program Files\Common Files\Java 2013-07-04 23:21 - 2013-07-04 23:20 - 00263592 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-04 23:21 - 2013-07-04 23:20 - 00175016 ____A (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-04 23:21 - 2013-07-04 23:20 - 00175016 ____A (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-04 23:21 - 2013-07-04 23:20 
- 00094632 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-07-04 23:17 - 2013-07-04 23:17 - 00903080 ____A (Oracle Corporation) C:\Users\Lorenz\Downloads\jxpiinstall.exe 2013-06-27 18:49 - 2013-06-27 18:50 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-06-27 00:05 - 2013-05-02 02:06 - 00238872 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-06-25 20:32 - 2013-06-26 13:19 - 00000862 ____A C:\Windows\system32\InstallUtil.InstallLog 2013-06-25 20:06 - 2013-06-25 20:06 - 00000000 ____D C:\Users\Lorenz\AppData\Local\Freemium 2013-06-25 20:01 - 2013-07-10 18:22 - 00001184 ____A C:\Windows\Tasks\Plus-HD-2.4-updater.job 2013-06-25 20:01 - 2013-07-10 18:22 - 00001088 ____A C:\Windows\Tasks\Plus-HD-2.4-enabler.job 2013-06-25 20:00 - 2013-07-10 18:22 - 00001882 ____A C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job 2013-06-25 20:00 - 2013-07-10 18:22 - 00001808 ____A C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job 2013-06-25 20:00 - 2013-07-10 18:22 - 00001188 ____A C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job 2013-06-25 20:00 - 2013-06-25 20:01 - 00000000 ____D C:\Program Files\Plus-HD-2.4 2013-06-25 19:59 - 2013-06-25 20:00 - 00000000 ____D C:\Program Files\SoftwareUpdater 2013-06-25 19:59 - 2013-06-25 19:59 - 00001918 ____A C:\Users\Public\Desktop\Free System Utilities.lnk 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\ProgramData\Package Cache 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\ProgramData\FreeSystemUtilities 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\Program Files\Covus Freemium 2013-06-25 19:58 - 2013-06-25 19:58 - 00000000 ____D C:\Users\Lorenz\AppData\Local\DownloadGuide 2013-06-25 19:56 - 2013-06-25 19:56 - 00444408 ____A C:\Users\Lorenz\Downloads\free-system-utilities-DE.exe 2013-06-25 19:40 - 2013-06-25 19:40 - 00000000 ____D C:\ProgramData\PC Optimizer Pro 2013-06-17 20:08 - 2013-06-17 20:10 - 165538699 ____A C:\Users\Lorenz\Downloads\Electrocado - The Hass 
Effect - 2011 - MP3.zip 2013-06-17 20:01 - 2013-06-17 20:03 - 80101873 ____A C:\Users\Lorenz\Downloads\Electrocado - The Shepard Tone - 2012 - MP3 (1).zip 2013-06-16 20:43 - 2013-06-16 20:44 - 00000000 ____D C:\Users\Lorenz\Documents\WebCam Albums 2013-06-12 16:01 - 2013-05-17 05:50 - 01212928 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-06-12 16:01 - 2013-05-17 05:50 - 00916480 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-06-12 16:01 - 2013-05-17 05:50 - 00105984 ____A (Microsoft Corporation) C:\Windows\system32\url.dll 2013-06-12 16:01 - 2013-05-17 05:48 - 00206848 ____A (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-06-12 16:01 - 2013-05-17 05:46 - 06014464 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-06-12 16:01 - 2013-05-17 05:46 - 00611840 ____A (Microsoft Corporation) C:\Windows\system32\mstime.dll 2013-06-12 16:01 - 2013-05-17 05:46 - 00067072 ____A (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-06-12 16:01 - 2013-05-17 05:45 - 00630272 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 11111424 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 02004992 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 01469440 ____A (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-06-12 16:01 - 2013-05-17 05:44 - 00387584 ____A (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 00184320 ____A (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 00164352 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 00109056 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-06-12 16:01 - 2013-05-17 04:06 - 00385024 ____A (Microsoft Corporation) C:\Windows\system32\html.iec 2013-06-12 
16:01 - 2013-05-17 02:20 - 00133632 ____A (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-06-12 16:01 - 2013-05-08 06:37 - 00905576 ____A (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-06-12 16:00 - 2013-05-17 05:45 - 00055296 ____A (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-06-12 16:00 - 2013-05-17 05:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-06-12 16:00 - 2013-05-17 05:45 - 00025600 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-06-12 16:00 - 2013-05-17 05:44 - 00071680 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-06-12 16:00 - 2013-05-17 05:44 - 00055808 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-06-12 16:00 - 2013-05-17 02:19 - 00174080 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-06-12 16:00 - 2013-05-17 02:18 - 01638912 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-06-12 16:00 - 2013-05-17 02:18 - 00013312 ____A (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-06-12 16:00 - 2013-05-03 00:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-06-12 16:00 - 2013-05-03 00:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-06-12 16:00 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-06-12 16:00 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-06-12 16:00 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-06-12 16:00 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-06-12 16:00 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-06-12 16:00 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-06-12 16:00 - 
2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\system32\certutil.exe ==================== One Month Modified Files and Folders ======= 2013-07-10 19:39 - 2013-07-10 19:39 - 00000000 ____D C:\FRST 2013-07-10 19:38 - 2013-07-10 19:38 - 01217140 ____A (Farbar) C:\Users\Lorenz\Downloads\FRST.exe 2013-07-10 19:38 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-10 19:38 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-10 19:37 - 2011-10-11 08:57 - 00000000 ____D C:\Users\Lorenz\AppData\Roaming\Skype 2013-07-10 19:31 - 2013-07-10 19:31 - 00000748 ____A C:\Users\Lorenz\Documents\Ereignisse.txt 2013-07-10 19:26 - 2009-09-14 23:58 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-10 18:50 - 2012-07-15 21:49 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-10 18:43 - 2009-09-09 19:59 - 01613380 ____A C:\Windows\WindowsUpdate.log 2013-07-10 18:36 - 2013-07-10 18:36 - 00103680 ____A (GMER) C:\awdirpow.sys 2013-07-10 18:35 - 2013-07-10 18:34 - 00377856 ____A C:\Users\Lorenz\Downloads\gmer_2.1.19163.exe 2013-07-10 18:22 - 2013-06-25 20:01 - 00001184 ____A C:\Windows\Tasks\Plus-HD-2.4-updater.job 2013-07-10 18:22 - 2013-06-25 20:01 - 00001088 ____A C:\Windows\Tasks\Plus-HD-2.4-enabler.job 2013-07-10 18:22 - 2013-06-25 20:00 - 00001882 ____A C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job 2013-07-10 18:22 - 2013-06-25 20:00 - 00001808 ____A C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job 2013-07-10 18:22 - 2013-06-25 20:00 - 00001188 ____A C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job 2013-07-10 18:22 - 2009-09-14 23:58 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-10 18:22 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-07-10 18:20 - 2009-05-15 10:57 - 00001076 ____A 
C:\Windows\bthservsdp.dat 2013-07-10 18:20 - 2006-11-02 15:01 - 00032558 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-10 17:55 - 2012-10-30 15:50 - 00000932 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2039305695-2997229018-844476368-1000UA.job 2013-07-10 17:50 - 2013-07-10 17:50 - 00602112 ____A (OldTimer Tools) C:\Users\Lorenz\Downloads\OTL.exe 2013-07-10 17:49 - 2013-07-10 17:49 - 00000474 ____A C:\Users\Lorenz\Downloads\defogger_disable.log 2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 ____A C:\Users\Lorenz\defogger_reenable 2013-07-10 17:49 - 2009-09-09 20:01 - 00000000 ____D C:\Users\Lorenz 2013-07-10 17:48 - 2013-07-10 17:48 - 00050477 ____A C:\Users\Lorenz\Downloads\Defogger.exe 2013-07-07 16:53 - 2010-03-07 17:39 - 00000680 ____A C:\Users\Lorenz\AppData\Local\d3d9caps.dat 2013-07-07 14:55 - 2012-10-30 15:50 - 00000910 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2039305695-2997229018-844476368-1000Core.job 2013-07-06 11:36 - 2008-01-21 09:16 - 01445310 ____A C:\Windows\system32\PerfStringBackup.INI 2013-07-05 11:30 - 2013-07-05 11:30 - 00000862 ____A C:\Users\Lorenz\Desktop\Skype - Verknüpfung.lnk 2013-07-04 23:33 - 2006-11-02 14:52 - 00176637 ____A C:\Windows\setupact.log 2013-07-04 23:21 - 2013-07-04 23:21 - 00000000 ____D C:\Program Files\Common Files\Java 2013-07-04 23:20 - 2013-07-04 23:21 - 00263592 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-04 23:20 - 2013-07-04 23:21 - 00175016 ____A (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-04 23:20 - 2013-07-04 23:21 - 00175016 ____A (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-04 23:20 - 2013-07-04 23:21 - 00094632 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-07-04 23:20 - 2012-07-15 21:51 - 00867240 ____A (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-07-04 23:20 - 2010-05-07 16:26 - 00789416 ____A (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-07-04 23:20 - 2009-10-19 14:34 - 
00000000 ____D C:\Program Files\Java 2013-07-04 23:17 - 2013-07-04 23:17 - 00903080 ____A (Oracle Corporation) C:\Users\Lorenz\Downloads\jxpiinstall.exe 2013-07-04 23:04 - 2013-05-28 22:08 - 00000000 ____D C:\ProgramData\Skype 2013-07-04 23:04 - 2013-05-28 22:08 - 00000000 ____D C:\Program Files\Skype 2013-07-04 23:03 - 2013-06-05 13:53 - 00362029 ____A C:\Windows\system32\sqlite3.dll 2013-07-04 19:20 - 2012-01-18 17:46 - 00000000 ____D C:\Users\Lorenz\Documents\Lebenshilfe 2013-07-03 14:39 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-07-02 15:26 - 2012-01-17 22:12 - 00000000 ____D C:\Users\Lorenz\Documents\Mathe 2013-06-29 21:43 - 2012-11-23 02:58 - 00000000 ____D C:\Users\Lorenz\AppData\Roaming\Spotify 2013-06-29 19:23 - 2012-11-23 03:06 - 00000000 ____D C:\Users\Lorenz\AppData\Local\Spotify 2013-06-28 10:49 - 2012-04-26 18:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-06-27 18:50 - 2013-06-27 18:49 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-06-27 17:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-06-26 23:55 - 2009-06-17 09:57 - 00000000 ____D C:\ProgramData\McAfee 2013-06-26 23:54 - 2008-01-21 04:47 - 00507564 ____A C:\Windows\PFRO.log 2013-06-26 13:19 - 2013-06-25 20:32 - 00000862 ____A C:\Windows\system32\InstallUtil.InstallLog 2013-06-25 20:47 - 2009-06-17 10:10 - 00000000 ____D C:\ProgramData\Symantec 2013-06-25 20:42 - 2009-09-09 20:04 - 00000000 ____D C:\Users\Lorenz\AppData\Local\Google 2013-06-25 20:10 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-06-25 20:06 - 2013-06-25 20:06 - 00000000 ____D C:\Users\Lorenz\AppData\Local\Freemium 2013-06-25 20:03 - 2009-06-17 10:05 - 00000000 ____D C:\Program Files\Microsoft.NET 2013-06-25 20:01 - 2013-06-25 20:00 - 00000000 ____D C:\Program Files\Plus-HD-2.4 2013-06-25 20:00 - 2013-06-25 19:59 - 00000000 ____D C:\Program Files\SoftwareUpdater 2013-06-25 19:59 - 2013-06-25 19:59 - 00001918 ____A C:\Users\Public\Desktop\Free 
System Utilities.lnk 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\ProgramData\Package Cache 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\ProgramData\FreeSystemUtilities 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\Program Files\Covus Freemium 2013-06-25 19:58 - 2013-06-25 19:58 - 00000000 ____D C:\Users\Lorenz\AppData\Local\DownloadGuide 2013-06-25 19:56 - 2013-06-25 19:56 - 00444408 ____A C:\Users\Lorenz\Downloads\free-system-utilities-DE.exe 2013-06-25 19:40 - 2013-06-25 19:40 - 00000000 ____D C:\ProgramData\PC Optimizer Pro 2013-06-25 19:27 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Resources 2013-06-21 10:16 - 2009-09-14 23:59 - 00001971 ____A C:\Users\Public\Desktop\Google Chrome.lnk 2013-06-17 20:10 - 2013-06-17 20:08 - 165538699 ____A C:\Users\Lorenz\Downloads\Electrocado - The Hass Effect - 2011 - MP3.zip 2013-06-17 20:03 - 2013-06-17 20:01 - 80101873 ____A C:\Users\Lorenz\Downloads\Electrocado - The Shepard Tone - 2012 - MP3 (1).zip 2013-06-16 20:44 - 2013-06-16 20:43 - 00000000 ____D C:\Users\Lorenz\Documents\WebCam Albums 2013-06-14 10:15 - 2012-12-28 16:27 - 00000000 ____D C:\Users\Lorenz\Documents\Erasmus 2013-06-12 23:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-06-12 19:00 - 2006-11-02 12:24 - 73381792 ____A (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-06-12 18:50 - 2012-07-15 21:49 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-06-12 18:50 - 2012-07-15 21:49 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit 
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-10 18:29 ==================== End Of Log ============================
Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-07-2013 01 Ran by ... at 2013-07-10 19:40:35 Running from C:\Users\Lorenz\Downloads Boot Mode: Normal ========================================================== 2007 Microsoft Office Suite Service Pack 1 (SP1) Adobe Flash Player 10 ActiveX (Version: 10.0.12.36) Adobe Flash Player 11 Plugin (Version: 11.7.700.224) Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4) ADVANCED Version 1.11 (Version: 1.11) Alps Pointing-device for VAIO ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.39) ArcSoft WebCam Companion 2 ATI Catalyst Install Manager (Version: 3.0.710.0) Audacity 2.0.3 (Version: 2.0.3) Avira Free Antivirus (Version: 12.1.9.2400) AVS Image Converter 2.3.3.249 (Version: 2.3.3.249) Canon Easy-PhotoPrint EX Canon MG5100 series Benutzerregistrierung Canon MG5100 series MP Drivers Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center Core Implementation (Version: 2009.0210.2216.39965) Catalyst Control Center Graphics Full Existing (Version: 2009.0210.2216.39965) Catalyst Control Center Graphics Full New (Version: 2009.0210.2216.39965) Catalyst Control Center Graphics Light (Version: 2009.0210.2216.39965) Catalyst Control Center Graphics Previews Common (Version: 2009.0210.2216.39965) Catalyst Control Center Graphics Previews Vista (Version: 2009.0210.2216.39965) Catalyst Control Center InstallProxy (Version: 2009.0210.2216.39965) Catalyst Control Center Localization All (Version: 2009.0210.2216.39965) CCC Help Chinese Standard (Version: 2009.0210.2215.39965) CCC Help Chinese Traditional (Version: 2009.0210.2215.39965) CCC Help Czech (Version: 2009.0210.2215.39965) CCC Help Danish (Version: 2009.0210.2215.39965) CCC Help Dutch (Version: 2009.0210.2215.39965) CCC Help English (Version: 2009.0210.2215.39965) CCC Help Finnish (Version: 2009.0210.2215.39965) CCC Help French (Version: 2009.0210.2215.39965) CCC Help German (Version: 2009.0210.2215.39965) CCC Help Greek 
(Version: 2009.0210.2215.39965) CCC Help Hungarian (Version: 2009.0210.2215.39965) CCC Help Italian (Version: 2009.0210.2215.39965) CCC Help Japanese (Version: 2009.0210.2215.39965) CCC Help Korean (Version: 2009.0210.2215.39965) CCC Help Norwegian (Version: 2009.0210.2215.39965) CCC Help Polish (Version: 2009.0210.2215.39965) CCC Help Portuguese (Version: 2009.0210.2215.39965) CCC Help Russian (Version: 2009.0210.2215.39965) CCC Help Spanish (Version: 2009.0210.2215.39965) CCC Help Swedish (Version: 2009.0210.2215.39965) CCC Help Thai (Version: 2009.0210.2215.39965) CCC Help Turkish (Version: 2009.0210.2215.39965) ccc-core-static (Version: 2009.0210.2216.39965) ccc-utility (Version: 2009.0210.2216.39965) CDBurnerXP (Version: 4.5.0.3717) Choice Guard (Version: 1.2.87.0) Cisco AnyConnect Secure Mobility Client (Version: 3.1.00495) Cisco AnyConnect Secure Mobility Client (Version: 3.1.00495) Click to Disc (Version: 1.2.60.13210) Click to Disc Editor (Version: 2.0.00) Compatibility Pack für 2007 Office System (Version: 12.0.4518.1014) DivX Converter (Version: 7.1.0) DivX Plus DirectShow Filters DivX Version Checker (Version: 7.1.0.9) DivX-Setup (Version: 2.5.0.8) Dropbox (HKCU Version: 1.1.45) Elecard MPEG-2 Decoder&Streaming Plug-in for WMP (Version: 3.7.90209) Facebook Video Calling 1.2.0.287 (Version: 1.2.287) Free M4a to MP3 Converter 7.0 Free System Utilities (Version: 1.1.0.95) Free SystemUtilities (Version: 1.1.0.95) Free YouTube Download version 3.1.39.1015 (Version: 3.1.39.1015) Free YouTube to MP3 Converter version 3.11.26.706 (Version: 3.11.26.706) Geographie Trainer (Version: 3.0) GetDataBack for NTFS (Version: 4.00.000) Google Chrome (Version: 27.0.1453.116) Google Desktop (Version: 5.9.1005.12335) Google Earth (Version: 7.0.3.8542) Google Toolbar for Internet Explorer (Version: 1.0.0) Google Toolbar for Internet Explorer (Version: 7.5.4209.2358) Google Update Helper (Version: 1.3.21.149) Google Updater (Version: 2.4.2432.1652) GTA2 (Version: 1.00.001) 
HDAUDIO SoftV92 Data Fax Modem with SmartCP ICQ ICQ7.2 (Version: 7.2) Icy Tower v1.4 Intel PROSet Wireless Intel(R) PROSet/Wireless WiFi-Software (Version: 12.01.1000) IrfanView (remove only) (Version: 4.35) Jardinains 2! Java 7 Update 25 (Version: 7.0.250) Java Auto Updater (Version: 2.1.9.5) Java(TM) 6 Update 29 (Version: 6.0.290) JavaFX 2.1.1 (Version: 2.1.1) Juniper Networks Network Connect 6.4.0 (Version: 6.4.0.15219) Juniper Networks Setup Client (HKCU Version: 2.0.2.6379) Juniper Networks Setup Client Activex Control (Version: 2.0.0.3) Kastor Free Vimeo Downloader V 1.5 (Version: 1.0.0.0) LAME v3.99.3 (for Windows) Me&My VAIO (Version: 1.2.0.14020) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6215.1000) Microsoft Office Home and Student 2007 (Version: 12.0.6215.1000) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6215.1000) Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6215.1000) Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.4518.1014) Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000) Microsoft Office Proof (German) 2007 (Version: 12.0.6213.1000) Microsoft Office Proof (Italian) 2007 (Version: 12.0.6213.1000) Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014) Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6215.1000) Microsoft Office Suite Activation Assistant (Version: 2.9) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6215.1000) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2010 x86 
Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Works (Version: 9.7.0621) Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1) MilkDrop for Winamp 2x (remove only) Mozilla Firefox 22.0 (x86 de) (Version: 22.0) Mozilla Maintenance Service (Version: 22.0) MSVC80_x86_v2 (Version: 1.0.3.0) MSVC90_x86 (Version: 1.0.1.2) MSVCRT (Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) Music Transfer (Version: 1.3.01.13160) Nokia Connectivity Cable Driver (Version: 7.1.172.0) Nokia Suite (Version: 3.8.30.0) OpenMG Secure Module 5.3.00 (Version: 5.3.00.13080) OpenOffice.org 3.1 (Version: 3.1.9420) PC Connectivity Solution (Version: 12.0.109.0) PDF24 Creator 4.2.0 Plus-HD-2.4 (Version: 1.27.153.6) Primo (Version: 1.00.0000) RealDownloader (Version: 1.1.0) Realtek High Definition Audio Driver (Version: 6.0.1.5759) Roxio Central Audio (Version: 3.7.0) Roxio Central Copy (Version: 3.7.0) Roxio Central Core (Version: 3.7.0) Roxio Central Data (Version: 3.7.0) Roxio Central Tools (Version: 3.7.0) Roxio Easy Media Creator 10 LJ (Version: 10.1) Roxio Easy Media Creator Home (Version: 10.1.311) Runtime (Version: 1.00.0000) Setting Utility Series (Version: 4.3.0.14120) Skins (Version: 2009.0210.2216.39965) Skype™ 6.5 (Version: 6.5.158) Software Info for Me&My VAIO (Version: 1.0.0.14020) Sony Home Network Library (Version: 1.4.0.14050) Sony Picture Utility (Version: 4.2.12.14260) Sony Video Shared Library (Version: 3.5.00) Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0) Splashtop (Version: 1.0.7.2) Spotify (HKCU Version: 0.9.0.133.gd18ed589) The Final Quiz Game 1.04 TrackMania Nations ESWC 0.1.7.5 UMTS USB Modem Manager (Version: 11.002.04.02.52) Unterstützung für VAIO-Präsentation (Version: 1.2.0.12240) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Office 2007 (KB946691) VAIO Content Folder Setting (Version: 2.3.0.12220) VAIO Content Folder Watcher (Version: 
1.1.0.13140) VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.4.0.13192) VAIO Content Metadata Manager Setting (Version: 3.4.0.13160) VAIO Content Metadata XML Interface Library (Version: 3.4.0.13160) VAIO Control Center (Version: 3.3.0.12240) VAIO Data Restore Tool (Version: 1.1.00.13080) VAIO DVD Menu Data Basic (Version: 1.0.00.08130) VAIO Energie Verwaltung (Version: 3.3.0.12190) VAIO Entertainment Platform (Version: 3.4.0.13210) VAIO Event Service (Version: 4.3.0.13190) VAIO Marketing Tools VAIO Media plus (Version: 1.4.0.14050) VAIO Media plus Opening Movie (Version: 1.2.0.09100) VAIO Movie Story (Version: 1.4.00.13080) VAIO Movie Story Template Data (Version: 1.4.00.13080) VAIO MusicBox (Version: 2.2.0.13091) VAIO MusicBox Sample Music (Version: 1.1.00.14140) VAIO Original Function Setting (Version: 1.5.01.10310) VAIO Smart Network (Version: 2.3.0.12210) VAIO Update 4 (Version: 4.1.0.12180) VAIO Wallpaper Contents (Version: 1.3.0.10310) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0) VLC media player 1.1.5 (Version: 1.1.5) WIDCOMM Bluetooth Software (Version: 6.2.0.8000) Winamp (Version: 5.56 ) Windows Live Anmelde-Assistent (Version: 5.000.817.1) Windows Live Call (Version: 14.0.8050.1202) Windows Live Communications Platform (Version: 14.0.8050.1202) Windows Live Essentials (Version: 14.0.8050.1202) Windows Live Messenger (Version: 14.0.8050.1202) Windows Live-Uploadtool (Version: 14.0.8014.1029) Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0) WinDVD for VAIO (Version: 8.0-B9.726) WinRAR ==================== Restore Points ========================= 22-06-2013 18:39:52 Geplanter Prüfpunkt 23-06-2013 17:29:24 Geplanter Prüfpunkt 24-06-2013 18:56:06 Geplanter Prüfpunkt 25-06-2013 17:41:27 Removed Snap.Do 25-06-2013 17:43:40 Removed Snap.Do 25-06-2013 17:45:58 Removed Snap.Do 25-06-2013 17:50:02 Removed Snap.Do 25-06-2013 17:50:52 Removed Snap.Do 25-06-2013 17:58:48 Free System Utilities 
25-06-2013 18:27:45 Free System Utilities 25.06.2013 20:27:39 25-06-2013 18:47:06 Norton Online Backup aktivieren wird entfernt 26-06-2013 22:04:18 Windows Update 26-06-2013 22:48:50 Windows Update 28-06-2013 20:15:46 Geplanter Prüfpunkt 29-06-2013 19:38:21 Geplanter Prüfpunkt 02-07-2013 09:27:40 Geplanter Prüfpunkt 02-07-2013 15:12:43 Windows Update 03-07-2013 22:43:22 Geplanter Prüfpunkt 04-07-2013 21:18:09 Installed Java 7 Update 25 05-07-2013 16:17:54 Geplanter Prüfpunkt 08-07-2013 16:26:16 Geplanter Prüfpunkt 09-07-2013 07:33:40 Windows Update 09-07-2013 20:55:49 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2006-11-02 12:23 - 2010-06-19 16:12 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {09DFC03B-4F94-4A7E-89E3-A6CB3A0C9F92} - System32\Tasks\Freemium1ClickMaint => C:\Users\Lorenz\Downloads\1Click.exe No File Task: {0E74E40B-6326-4436-8AE1-06D6567F2FEA} - System32\Tasks\Plus-HD-2.4-chromeinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe [2013-06-25] (Plus HD) Task: {197C4416-0C23-4F79-B8DD-F1ED54D9C28C} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-07-06] () Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {2A375A8E-6541-447A-BC79-0A99A6300A65} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation) Task: {2B4F65FB-B162-4985-99DF-26F7277E0BD8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2039305695-2997229018-844476368-1000Core => C:\Users\Lorenz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-30] (Facebook Inc.) 
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {4DEF4CD5-9296-4403-B345-5C178EB9BA17} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2039305695-2997229018-844476368-1000UA => C:\Users\Lorenz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-30] (Facebook Inc.) Task: {5438258B-2188-4C43-822D-86EB975EA125} - System32\Tasks\Plus-HD-2.4-firefoxinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe [2013-06-25] (Plus HD) Task: {605A365B-8244-4544-AA4B-DF147224FF15} - System32\Tasks\Plus-HD-2.4-updater => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe [2013-06-25] (Plus HD) Task: {64CFF73F-4FAC-41D1-B7AD-D87B85B33181} - System32\Tasks\SONY\Me&My VAIO\Me&My VAIO => C:\Program Files\Sony\Me&My VAIO\QLGuide.exe No File Task: {8012DB7D-3D8B-4697-BA3C-BD3E1401010D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Lorenz => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation) Task: {84391A5D-AFFC-49BC-802D-843D9479F6AB} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15] (Google) Task: {89222D58-8AA3-4A65-9811-4004B25540FB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated) Task: {91D4D102-13F2-4D1E-B254-BE7FDB62ACE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-14] (Google Inc.) 
Task: {9C5C2753-6426-4E38-954B-DC4A6984E283} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation) Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation) Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {A78AC9AA-ED7C-4A84-B3C4-8BE0CEB53B0F} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-12-18] (Sony Corporation) Task: {B47A014C-E861-4CCE-B337-9D34B8DF382B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-14] (Google Inc.) Task: {BB2E925F-40FC-44A9-BE58-8D1FA90A29C9} - System32\Tasks\Plus-HD-2.4-enabler => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe [2013-06-25] (Plus HD) Task: {BDCBFE7C-239E-4C7D-9FF0-05E2D0403E04} - System32\Tasks\Plus-HD-2.4-codedownloader => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe [2013-06-25] (Plus HD) Task: {BEEA7EDB-1E8C-4A28-9B86-2F8D39F015E4} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.) 
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {E652FD45-B33F-43ED-ADA5-EAD7C91CAF2F} - System32\Tasks\{39D9C307-A35A-4BDC-84B2-9361F0E715D5} => c:\program files\mozilla firefox\firefox.exe [2013-06-27] (Mozilla Corporation) Task: {F11AD709-0D13-454D-B59D-C9FBF3C4F329} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-07-08] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2039305695-2997229018-844476368-1000Core.job => C:\Users\Lorenz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2039305695-2997229018-844476368-1000UA.job => C:\Users\Lorenz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\Google Software Updater.job => ? 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe Task: C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe Task: C:\Windows\Tasks\Plus-HD-2.4-enabler.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe Task: C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe Task: C:\Windows\Tasks\Plus-HD-2.4-updater.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: R5C592 Description: R5C592 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: RICOH Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: R5C822 Description: R5C822 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: RICOH Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. 
(Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (07/10/2013 06:43:04 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung gmer_2.1.19163.exe, Version 2.1.19163.0, Zeitstempel 0x515d31f0, fehlerhaftes Modul gmer_2.1.19163.exe, Version 2.1.19163.0, Zeitstempel 0x515d31f0, Ausnahmecode 0xc0000005, Fehleroffset 0x00012288, Prozess-ID 0xa20, Anwendungsstartzeit gmer_2.1.19163.exe0. Error: (07/10/2013 06:40:54 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung gmer_2.1.19163.exe, Version 2.1.19163.0, Zeitstempel 0x515d31f0, fehlerhaftes Modul gmer_2.1.19163.exe, Version 2.1.19163.0, Zeitstempel 0x515d31f0, Ausnahmecode 0xc0000005, Fehleroffset 0x00012288, Prozess-ID 0xc3c, Anwendungsstartzeit gmer_2.1.19163.exe0. Error: (07/10/2013 06:23:38 PM) (Source: VzCdbSvc) (User: ) Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error: (07/10/2013 06:23:26 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/10/2013 06:22:36 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (07/10/2013 06:22:36 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/10/2013 06:22:36 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/10/2013 06:22:36 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/10/2013 06:22:36 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/10/2013 06:22:36 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. 
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". System errors: ============= Error: (07/10/2013 06:23:27 PM) (Source: Service Control Manager) (User: ) Description: Parallel port driver%%1058 Error: (07/10/2013 04:58:21 PM) (Source: Service Control Manager) (User: ) Description: Parallel port driver%%1058 Error: (07/10/2013 04:58:21 PM) (Source: Service Control Manager) (User: ) Description: 30000vpnagent Error: (07/09/2013 03:49:29 PM) (Source: Service Control Manager) (User: ) Description: Parallel port driver%%1058 Error: (07/09/2013 03:49:29 PM) (Source: Service Control Manager) (User: ) Description: 30000vpnagent Error: (07/09/2013 09:27:59 AM) (Source: Service Control Manager) (User: ) Description: Parallel port driver%%1058 Error: (07/09/2013 09:27:59 AM) (Source: Service Control Manager) (User: ) Description: 30000vpnagent Error: (07/09/2013 09:27:09 AM) (Source: Print) (User: NT-AUTORITÄT) Description: Der Druckspooler konnte den Drucker An OneNote 2007 senden nicht unter dem Namen An OneNote 2007 senden freigeben. Fehler: 2114. Der Drucker kann nicht von anderen Benutzern im Netzwerk verwendet werden. Error: (07/08/2013 11:20:04 PM) (Source: Service Control Manager) (User: ) Description: Windows Presentation Foundation-Schriftartcache 3.0.0.0%%1053 Error: (07/08/2013 11:20:04 PM) (Source: Service Control Manager) (User: ) Description: 30000Windows Presentation Foundation-Schriftartcache 3.0.0.0 Microsoft Office Sessions: ========================= Error: (01/22/2011 01:33:29 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 809 seconds with 540 seconds of active time. This session ended with a crash. 
==================== Memory info =========================== Percentage of memory in use: 45% Total physical RAM: 3038.12 MB Available physical RAM: 1656.32 MB Total Pagefile: 6280.5 MB Available Pagefile: 4796.98 MB Total Virtual: 2047.88 MB Available Virtual: 1903.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:287.9 GB) (Free:81.82 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: E1F14F2A) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=288 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
10.07.2013, 19:53 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SoftwareUpdater.ui.exe opens regularly Fairly unremarkable. I do see Softwareupdater in there, but that should actually be removable with JRT/ADC. JRT - Junkware Removal Tool Please close your protection software to avoid possible conflicts.
Afterwards: adwCleaner - remove toolbars and unwanted start/search pages Please download AdwCleaner to your desktop.
|
10.07.2013, 21:09 | #7 |
| SoftwareUpdater.ui.exe opens regularly Okay, this time no SoftwareUpdater came up on restart. Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.0.4 (07.10.2013:1) OS: Windows Vista (TM) Home Premium x86 Ran by ... on 10.07.2013 at 21:51:33,81 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pc optimizer pro Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033434.BHO Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033434.BHO.1 Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033434.Sandbox Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0033434.Sandbox.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0033434.BHO Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0033434.BHO.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0033434.Sandbox Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0033434.Sandbox.1 Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{11111111-1111-1111-1111-110311341134} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{22222222-2222-2222-2222-220322342234} Successfully deleted: 
[Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341134} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro" Successfully deleted: [Folder] "C:\Users\...\AppData\Roaming\dvdvideosoftiehelpers" Successfully deleted: [Folder] "C:\Users\...\appdata\local\downloadguide" ~~~ FireFox Successfully deleted: [File] C:\Users\...\AppData\Roaming\mozilla\firefox\profiles\oumiyy0n.default-1368106338886\searchplugins\web search.xml Successfully deleted the following from C:\Users\Lorenz\AppData\Roaming\mozilla\firefox\profiles\oumiyy0n.default-1368106338886\prefs.js user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.backgroundjs", "\n\n/**************************************************** user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.js", "\n\n /************************************************************ user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \" user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \" user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_119.code", "if (typeof 
appAPI.internal.monetization === \" user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \" user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \" user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_13.name", "CrossriderAppUtils"); user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_14.name", "CrossriderUtils"); user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBack user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQu user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={ user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_78.name", "CrossriderInfo"); 
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_91.code", "(function(e){var l=(function(){var N=0;var V=\" user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde user_pref("extensions.crossrider.bic", "13f7c808d33edd299ef81f47c36bfeb6"); user_pref("extensions.helperbar.SmartbarDisabled", true); user_pref("extensions.helperbar.SmartbarStateMinimaized", true); user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1"); user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01"); user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000"); user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000"); user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11"); user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02"); user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1372183385991"); user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1"); user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01"); user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000"); user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000"); user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11"); user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02"); 
user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0"); user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "0"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1372231973940"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1372231973961"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1372231996627"); user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1372231973979"); Emptied folder: C:\Users\...\AppData\Roaming\mozilla\firefox\profiles\oumiyy0n.default-1368106338886\minidumps [11 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 10.07.2013 at 21:54:24,95 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter # AdwCleaner v2.304 - Datei am 10/07/2013 um 21:56:22 erstellt # Aktualisiert am 03/07/2013 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzer : ... - LORENZ-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\...\Downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** Gestoppt & Gelöscht : SystemStoreService ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\oumiyy0n.default-1368106338886\foxydeal.sqlite Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB Ordner Gelöscht : C:\Program Files\Covus Freemium Ordner Gelöscht : C:\Program Files\SoftwareUpdater Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covus Freemium Ordner Gelöscht : C:\Users\...\AppData\Local\Temp\boost_interprocess ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\FoxyDeal Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\Software\DeviceVM Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Schlüssel Gelöscht : HKLM\SOFTWARE\Software ***** [Internet Browser] ***** -\\ Internet Explorer v8.0.6001.19437 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v22.0 (de) Datei : C:\Users\...\AppData\Roaming\Mozilla\Firefox\Profiles\oumiyy0n.default-1368106338886\prefs.js Gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.3343[...] Gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.3343[...] Gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.3343[...] -\\ Google Chrome v27.0.1453.116 Datei : C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. ************************* AdwCleaner[S1].txt - [7733 octets] - [10/07/2013 21:56:22] ########## EOF - C:\AdwCleaner[S1].txt - [7793 octets] ########## [/CODE] |
10.07.2013, 21:11 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SoftwareUpdater.ui.exe opens regularly Ok, a fresh log with FRST please
__________________ Please always post log files in CODE tags |
10.07.2013, 22:43 | #9 |
| SoftwareUpdater.ui.exe opens regularly Many thanks already at this point! FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-07-2013 01 Ran by ... (administrator) on 10-07-2013 23:39:49 Running from C:\Users\...\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Sony Corporation) C:\Program Files\sony\Network Utility\NSUService.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (ArcSoft, Inc.) 
C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Sony Corporation) C:\Program Files\sony\ISB Utility\ISBMgr.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sony Corporation) C:\Program Files\sony\Marketing Tools\MarketingTools.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sony Corporation) C:\Program Files\sony\Network Utility\LANUtil.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe (ATI Technologies Inc.) 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6703648 2009-01-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [155648 2009-04-13] (Alps Electric Co., Ltd.) HKLM\...\Run: [ISBMgr.exe] - "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [317288 2008-12-18] (Sony Corporation) HKLM\...\Run: [StartCCC] - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [61440 2009-02-10] (Advanced Micro Devices, Inc.) HKLM\...\Run: [MarketingTools] - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [26624 2009-06-17] (Sony Corporation) HKLM\...\Run: [avgnt] - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-08] (Avira Operations GmbH & Co. 
KG) HKLM\...\Run: [Windows Mobile-based device management] - %windir%\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation) HKCU\...\Run: [NSUFloatingUI] - "C:\Program Files\Sony\Network Utility\LANUtil.exe" [274432 2008-12-21] (Sony Corporation) HKCU\...\Run: [] - [x] HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-06-17] (Google Inc.) HKCU\...\Policies\system: [DisableRegistryTools] 0 HKCU\...\Policies\system: [DisableTaskMgr] 0 MountPoints2: G - G:\setup.exe MountPoints2: {2821e142-55da-11df-bf8c-002433e705ad} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\MSOCache\doWTP_RESTORE.exe MountPoints2: {68ab49ba-e469-11de-abd5-002433e705ad} - G:\AutoRun.exe MountPoints2: {6fcf7e88-ddc8-11de-a0f3-002433e705ad} - G:\AutoRun.exe MountPoints2: {758e94b8-4129-11e1-a5fe-002433e705ad} - "H:\WD SmartWare.exe" autoplay=true MountPoints2: {97a42634-9e4e-11de-bc2b-806e6f6e6963} - G:\setup.exe MountPoints2: {e9852b36-dd6f-11de-993f-002433e705ad} - G:\AutoRun.exe MountPoints2: {fba3c9d5-dd04-11de-965c-002433e705ad} - G:\AutoRun.exe MountPoints2: {fba3c9ea-dd04-11de-965c-002433e705ad} - G:\AutoRun.exe HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter [ 2009-04-11] (Microsoft Corporation) HKU\Default\...\Run: [NSUFloatingUI] - "C:\Program Files\Sony\Network Utility\LANUtil.exe" [x] Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=4d659f3c-9f14-4836-8f07-6036b621dc21&searchtype=hp&installDate=25/06/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=4d659f3c-9f14-4836-8f07-6036b621dc21&searchtype=ds&q={searchTerms}&installDate=25/06/2013 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01 BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Lorenz\AppData\Roaming\Mozilla\Firefox\Profiles\oumiyy0n.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.1.0 - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.1.0 - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Lorenz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Extension: No Name - C:\Users\Lorenz\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM\...\Firefox\Extensions: [{1BC4187C-4BB6-4C5A-A11A-3FB535AE04AB}] C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: ======= CHR Extension: (SiteAdvisor) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0 CHR Extension: (Plus-HD-2.4) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.9_0 CHR Extension: (RealDownloader) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.1.0_0 CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - 
C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0 ========================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG) R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [611696 2010-02-10] (Juniper Networks) S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-10-10] (Google) R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [31920 2012-03-23] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [109088 2009-01-06] (Realtek Semiconductor) S3 SOHCImp; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [120104 2009-02-05] (Sony Corporation) S3 SOHDBSvr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-02-05] (Sony Corporation) S3 SOHDms; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe [390440 2009-02-05] (Sony Corporation) S3 SOHDs; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe [75048 2009-02-05] (Sony Corporation) S3 SOHPlMgr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-02-05] (Sony Corporation) R2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) 
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-01-21] (Sony Corporation) R2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [5184872 2009-01-14] (Sony Corporation) S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [394536 2009-01-19] (Sony Corporation) R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-01-21] (Sony Corporation) R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [537592 2012-08-03] (Cisco Systems, Inc.) R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2009-01-21] (Sony Corporation) R2 yksvc; C:\Windows\System32\ykx32mpcoinst.dll [282624 2009-02-10] (Marvell) ==================== Drivers (Whitelisted) ==================== S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [38440 2012-08-03] (Cisco Systems, Inc.) S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [57256 2012-08-03] (Cisco Systems, Inc.) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-24] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-05-08] (Avira GmbH) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-05-08] (Avira GmbH) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-10-19] (Avira GmbH) R3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [23552 2010-02-10] (Juniper Networks) S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2013-01-23] (Nokia) S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2013-01-23] (Nokia) R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [155808 2009-02-23] (Realtek Semiconductor Corp.) 
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [83320 2007-02-08] (Protection Technology (StarForce)) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH) S3 igfx; system32\DRIVERS\igdkmd32.sys [x] S3 IntcHdmiAddService; system32\drivers\IntcHdmi.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-10 21:56 - 2013-07-10 21:57 - 00007862 ____A C:\AdwCleaner[S1].txt 2013-07-10 21:55 - 2013-07-10 21:55 - 00650027 ____A C:\Users\Lorenz\Downloads\adwcleaner.exe 2013-07-10 21:54 - 2013-07-10 21:54 - 00008854 ____A C:\Users\Lorenz\Desktop\JRT.txt 2013-07-10 21:51 - 2013-07-10 21:51 - 00000000 ____D C:\Windows\ERUNT 2013-07-10 21:49 - 2013-07-10 21:50 - 00552874 ____A (Oleg N. Scherbakov) C:\Users\Lorenz\Downloads\JRT.exe 2013-07-10 19:40 - 2013-07-10 19:42 - 00025005 ____A C:\Users\Lorenz\Downloads\Addition.txt 2013-07-10 19:39 - 2013-07-10 19:39 - 00000000 ____D C:\FRST 2013-07-10 19:38 - 2013-07-10 19:38 - 01217140 ____A (Farbar) C:\Users\Lorenz\Downloads\FRST.exe 2013-07-10 19:31 - 2013-07-10 19:31 - 00000748 ____A C:\Users\Lorenz\Documents\Ereignisse.txt 2013-07-10 18:36 - 2013-07-10 18:36 - 00103680 ____A (GMER) C:\awdirpow.sys 2013-07-10 18:34 - 2013-07-10 18:35 - 00377856 ____A C:\Users\Lorenz\Downloads\gmer_2.1.19163.exe 2013-07-10 17:50 - 2013-07-10 17:50 - 00602112 ____A (OldTimer Tools) C:\Users\Lorenz\Downloads\OTL.exe 2013-07-10 17:49 - 2013-07-10 17:49 - 00000474 ____A C:\Users\Lorenz\Downloads\defogger_disable.log 2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 ____A C:\Users\Lorenz\defogger_reenable 2013-07-10 17:48 - 2013-07-10 17:48 - 00050477 ____A C:\Users\Lorenz\Downloads\Defogger.exe 2013-07-05 11:30 - 2013-07-05 11:30 - 00000862 ____A 
C:\Users\Lorenz\Desktop\Skype - Verknüpfung.lnk 2013-07-04 23:21 - 2013-07-04 23:21 - 00000000 ____D C:\Program Files\Common Files\Java 2013-07-04 23:21 - 2013-07-04 23:20 - 00263592 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-04 23:21 - 2013-07-04 23:20 - 00175016 ____A (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-04 23:21 - 2013-07-04 23:20 - 00175016 ____A (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-04 23:21 - 2013-07-04 23:20 - 00094632 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-07-04 23:17 - 2013-07-04 23:17 - 00903080 ____A (Oracle Corporation) C:\Users\Lorenz\Downloads\jxpiinstall.exe 2013-06-27 18:49 - 2013-06-27 18:50 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-06-27 00:05 - 2013-05-02 02:06 - 00238872 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-06-25 20:32 - 2013-06-26 13:19 - 00000862 ____A C:\Windows\system32\InstallUtil.InstallLog 2013-06-25 20:06 - 2013-06-25 20:06 - 00000000 ____D C:\Users\Lorenz\AppData\Local\Freemium 2013-06-25 20:01 - 2013-07-10 21:59 - 00001184 ____A C:\Windows\Tasks\Plus-HD-2.4-updater.job 2013-06-25 20:01 - 2013-07-10 21:59 - 00001088 ____A C:\Windows\Tasks\Plus-HD-2.4-enabler.job 2013-06-25 20:00 - 2013-07-10 21:59 - 00001882 ____A C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job 2013-06-25 20:00 - 2013-07-10 21:59 - 00001808 ____A C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job 2013-06-25 20:00 - 2013-07-10 21:59 - 00001188 ____A C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job 2013-06-25 20:00 - 2013-06-25 20:01 - 00000000 ____D C:\Program Files\Plus-HD-2.4 2013-06-25 19:59 - 2013-06-25 19:59 - 00001918 ____A C:\Users\Public\Desktop\Free System Utilities.lnk 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\ProgramData\Package Cache 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\ProgramData\FreeSystemUtilities 2013-06-25 19:56 - 2013-06-25 19:56 - 00444408 ____A 
C:\Users\Lorenz\Downloads\free-system-utilities-DE.exe 2013-06-17 20:08 - 2013-06-17 20:10 - 165538699 ____A C:\Users\Lorenz\Downloads\Electrocado - The Hass Effect - 2011 - MP3.zip 2013-06-17 20:01 - 2013-06-17 20:03 - 80101873 ____A C:\Users\Lorenz\Downloads\Electrocado - The Shepard Tone - 2012 - MP3 (1).zip 2013-06-16 20:43 - 2013-06-16 20:44 - 00000000 ____D C:\Users\Lorenz\Documents\WebCam Albums 2013-06-12 16:01 - 2013-05-17 05:50 - 01212928 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-06-12 16:01 - 2013-05-17 05:50 - 00916480 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-06-12 16:01 - 2013-05-17 05:50 - 00105984 ____A (Microsoft Corporation) C:\Windows\system32\url.dll 2013-06-12 16:01 - 2013-05-17 05:48 - 00206848 ____A (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-06-12 16:01 - 2013-05-17 05:46 - 06014464 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-06-12 16:01 - 2013-05-17 05:46 - 00611840 ____A (Microsoft Corporation) C:\Windows\system32\mstime.dll 2013-06-12 16:01 - 2013-05-17 05:46 - 00067072 ____A (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-06-12 16:01 - 2013-05-17 05:45 - 00630272 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 11111424 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 02004992 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 01469440 ____A (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-06-12 16:01 - 2013-05-17 05:44 - 00387584 ____A (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 00184320 ____A (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 00164352 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-06-12 16:01 - 2013-05-17 05:44 - 00109056 ____A (Microsoft 
Corporation) C:\Windows\system32\iesysprep.dll 2013-06-12 16:01 - 2013-05-17 04:06 - 00385024 ____A (Microsoft Corporation) C:\Windows\system32\html.iec 2013-06-12 16:01 - 2013-05-17 02:20 - 00133632 ____A (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-06-12 16:01 - 2013-05-08 06:37 - 00905576 ____A (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-06-12 16:00 - 2013-05-17 05:45 - 00055296 ____A (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-06-12 16:00 - 2013-05-17 05:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-06-12 16:00 - 2013-05-17 05:45 - 00025600 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-06-12 16:00 - 2013-05-17 05:44 - 00071680 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-06-12 16:00 - 2013-05-17 05:44 - 00055808 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-06-12 16:00 - 2013-05-17 02:19 - 00174080 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-06-12 16:00 - 2013-05-17 02:18 - 01638912 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-06-12 16:00 - 2013-05-17 02:18 - 00013312 ____A (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-06-12 16:00 - 2013-05-03 00:03 - 03603832 ____A (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-06-12 16:00 - 2013-05-03 00:03 - 03551096 ____A (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-06-12 16:00 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-06-12 16:00 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-06-12 16:00 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-06-12 16:00 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-06-12 16:00 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) 
C:\Windows\system32\cryptnet.dll 2013-06-12 16:00 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-06-12 16:00 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\system32\certutil.exe ==================== One Month Modified Files and Folders ======= 2013-07-10 23:16 - 2009-09-14 23:58 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-10 22:50 - 2012-07-15 21:49 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-10 22:04 - 2009-09-09 19:59 - 01678475 ____A C:\Windows\WindowsUpdate.log 2013-07-10 21:59 - 2013-06-25 20:01 - 00001184 ____A C:\Windows\Tasks\Plus-HD-2.4-updater.job 2013-07-10 21:59 - 2013-06-25 20:01 - 00001088 ____A C:\Windows\Tasks\Plus-HD-2.4-enabler.job 2013-07-10 21:59 - 2013-06-25 20:00 - 00001882 ____A C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job 2013-07-10 21:59 - 2013-06-25 20:00 - 00001808 ____A C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job 2013-07-10 21:59 - 2013-06-25 20:00 - 00001188 ____A C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job 2013-07-10 21:59 - 2009-09-14 23:58 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-10 21:59 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-07-10 21:59 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-10 21:59 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-10 21:58 - 2009-05-15 10:57 - 00001076 ____A C:\Windows\bthservsdp.dat 2013-07-10 21:58 - 2006-11-02 15:01 - 00032558 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-10 21:57 - 2013-07-10 21:56 - 00007862 ____A C:\AdwCleaner[S1].txt 2013-07-10 21:56 - 2012-05-09 23:54 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft 2013-07-10 21:55 - 2013-07-10 21:55 - 00650027 ____A 
C:\Users\Lorenz\Downloads\adwcleaner.exe 2013-07-10 21:54 - 2013-07-10 21:54 - 00008854 ____A C:\Users\Lorenz\Desktop\JRT.txt 2013-07-10 21:51 - 2013-07-10 21:51 - 00000000 ____D C:\Windows\ERUNT 2013-07-10 21:50 - 2013-07-10 21:49 - 00552874 ____A (Oleg N. Scherbakov) C:\Users\Lorenz\Downloads\JRT.exe 2013-07-10 21:41 - 2011-10-11 08:57 - 00000000 ____D C:\Users\Lorenz\AppData\Roaming\Skype 2013-07-10 20:55 - 2012-10-30 15:50 - 00000932 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2039305695-2997229018-844476368-1000UA.job 2013-07-10 19:42 - 2013-07-10 19:40 - 00025005 ____A C:\Users\Lorenz\Downloads\Addition.txt 2013-07-10 19:39 - 2013-07-10 19:39 - 00000000 ____D C:\FRST 2013-07-10 19:38 - 2013-07-10 19:38 - 01217140 ____A (Farbar) C:\Users\Lorenz\Downloads\FRST.exe 2013-07-10 19:31 - 2013-07-10 19:31 - 00000748 ____A C:\Users\Lorenz\Documents\Ereignisse.txt 2013-07-10 18:36 - 2013-07-10 18:36 - 00103680 ____A (GMER) C:\awdirpow.sys 2013-07-10 18:35 - 2013-07-10 18:34 - 00377856 ____A C:\Users\Lorenz\Downloads\gmer_2.1.19163.exe 2013-07-10 17:50 - 2013-07-10 17:50 - 00602112 ____A (OldTimer Tools) C:\Users\Lorenz\Downloads\OTL.exe 2013-07-10 17:49 - 2013-07-10 17:49 - 00000474 ____A C:\Users\Lorenz\Downloads\defogger_disable.log 2013-07-10 17:49 - 2013-07-10 17:49 - 00000000 ____A C:\Users\Lorenz\defogger_reenable 2013-07-10 17:49 - 2009-09-09 20:01 - 00000000 ____D C:\Users\Lorenz 2013-07-10 17:48 - 2013-07-10 17:48 - 00050477 ____A C:\Users\Lorenz\Downloads\Defogger.exe 2013-07-07 16:53 - 2010-03-07 17:39 - 00000680 ____A C:\Users\Lorenz\AppData\Local\d3d9caps.dat 2013-07-07 14:55 - 2012-10-30 15:50 - 00000910 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2039305695-2997229018-844476368-1000Core.job 2013-07-06 11:36 - 2008-01-21 09:16 - 01445310 ____A C:\Windows\system32\PerfStringBackup.INI 2013-07-05 11:30 - 2013-07-05 11:30 - 00000862 ____A C:\Users\Lorenz\Desktop\Skype - Verknüpfung.lnk 2013-07-04 23:33 - 2006-11-02 14:52 - 00176637 ____A 
C:\Windows\setupact.log 2013-07-04 23:21 - 2013-07-04 23:21 - 00000000 ____D C:\Program Files\Common Files\Java 2013-07-04 23:20 - 2013-07-04 23:21 - 00263592 ____A (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-04 23:20 - 2013-07-04 23:21 - 00175016 ____A (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-04 23:20 - 2013-07-04 23:21 - 00175016 ____A (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-04 23:20 - 2013-07-04 23:21 - 00094632 ____A (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-07-04 23:20 - 2012-07-15 21:51 - 00867240 ____A (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-07-04 23:20 - 2010-05-07 16:26 - 00789416 ____A (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-07-04 23:20 - 2009-10-19 14:34 - 00000000 ____D C:\Program Files\Java 2013-07-04 23:17 - 2013-07-04 23:17 - 00903080 ____A (Oracle Corporation) C:\Users\Lorenz\Downloads\jxpiinstall.exe 2013-07-04 23:04 - 2013-05-28 22:08 - 00000000 ____D C:\ProgramData\Skype 2013-07-04 23:04 - 2013-05-28 22:08 - 00000000 ____D C:\Program Files\Skype 2013-07-04 23:03 - 2013-06-05 13:53 - 00362029 ____A C:\Windows\system32\sqlite3.dll 2013-07-04 19:20 - 2012-01-18 17:46 - 00000000 ____D C:\Users\Lorenz\Documents\Lebenshilfe 2013-07-03 14:39 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-07-02 15:26 - 2012-01-17 22:12 - 00000000 ____D C:\Users\Lorenz\Documents\Mathe 2013-06-29 21:43 - 2012-11-23 02:58 - 00000000 ____D C:\Users\Lorenz\AppData\Roaming\Spotify 2013-06-29 19:23 - 2012-11-23 03:06 - 00000000 ____D C:\Users\Lorenz\AppData\Local\Spotify 2013-06-28 10:49 - 2012-04-26 18:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-06-27 18:50 - 2013-06-27 18:49 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-06-27 17:59 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-06-26 23:55 - 2009-06-17 09:57 - 00000000 ____D C:\ProgramData\McAfee 2013-06-26 23:54 - 2008-01-21 04:47 - 
00507564 ____A C:\Windows\PFRO.log 2013-06-26 13:19 - 2013-06-25 20:32 - 00000862 ____A C:\Windows\system32\InstallUtil.InstallLog 2013-06-25 20:47 - 2009-06-17 10:10 - 00000000 ____D C:\ProgramData\Symantec 2013-06-25 20:42 - 2009-09-09 20:04 - 00000000 ____D C:\Users\Lorenz\AppData\Local\Google 2013-06-25 20:10 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-06-25 20:06 - 2013-06-25 20:06 - 00000000 ____D C:\Users\Lorenz\AppData\Local\Freemium 2013-06-25 20:03 - 2009-06-17 10:05 - 00000000 ____D C:\Program Files\Microsoft.NET 2013-06-25 20:01 - 2013-06-25 20:00 - 00000000 ____D C:\Program Files\Plus-HD-2.4 2013-06-25 19:59 - 2013-06-25 19:59 - 00001918 ____A C:\Users\Public\Desktop\Free System Utilities.lnk 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\ProgramData\Package Cache 2013-06-25 19:59 - 2013-06-25 19:59 - 00000000 ____D C:\ProgramData\FreeSystemUtilities 2013-06-25 19:56 - 2013-06-25 19:56 - 00444408 ____A C:\Users\Lorenz\Downloads\free-system-utilities-DE.exe 2013-06-25 19:27 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Resources 2013-06-21 10:16 - 2009-09-14 23:59 - 00001971 ____A C:\Users\Public\Desktop\Google Chrome.lnk 2013-06-17 20:10 - 2013-06-17 20:08 - 165538699 ____A C:\Users\Lorenz\Downloads\Electrocado - The Hass Effect - 2011 - MP3.zip 2013-06-17 20:03 - 2013-06-17 20:01 - 80101873 ____A C:\Users\Lorenz\Downloads\Electrocado - The Shepard Tone - 2012 - MP3 (1).zip 2013-06-16 20:44 - 2013-06-16 20:43 - 00000000 ____D C:\Users\Lorenz\Documents\WebCam Albums 2013-06-14 10:15 - 2012-12-28 16:27 - 00000000 ____D C:\Users\Lorenz\Documents\Erasmus 2013-06-12 23:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-06-12 19:00 - 2006-11-02 12:24 - 73381792 ____A (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-06-12 18:50 - 2012-07-15 21:49 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-06-12 18:50 - 2012-07-15 21:49 - 00071048 ____A (Adobe Systems 
Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-10 22:06 ==================== End Of Log ============================ |
10.07.2013, 22:47 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SoftwareUpdater.ui.exe opens regularly Looks OK. We should be almost done. As a check, please run a full scan with Malwarebytes Anti-Malware (MBAM) (if you ran a full scan only recently, a quick scan is enough (saves time); please let me know that too). Note: Before you start, please remember to update Malwarebytes Anti-Malware using the update button! Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
11.07.2013, 22:00 | #11 |
| SoftwareUpdater.ui.exe opens regularly Nothing was found by either program. Thanks for the help, that was refreshingly straightforward! |
11.07.2013, 22:01 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | SoftwareUpdater.ui.exe opens regularly Please post the logs anyway; besides, we are not quite finished yet
__________________ Please always post log files in CODE tags |