Log analysis and evaluation: PC infected by SoftwareUpdater.Ui.exe

Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

#1

PC infected by SoftwareUpdater.Ui.exe

Hello everyone,

my laptop is infected with the Trojan SoftwareUpdater.Ui.exe. Since I have no idea how to get rid of it, I am turning to the forum here. I have already read and prepared one or two things, so I can already make a few posts.

Frst.txt

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Timari3 (administrator) on TIMARI3-PC on 03-10-2013 13:08:10
Running from C:\Users\Timari3\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Systweak) C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
() C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files\Tor\tor.exe
(SaltarSmart) C:\Program Files\SaltarSmart\updateSaltarSmart.exe
(SaltarSmart) C:\Program Files\SaltarSmart\bin\utilSaltarSmart.exe
(Wajam) C:\Program Files\Wajam\Updater\WajamUpdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [200704 2008-09-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [1735760 2009-01-09] (Dell Inc.)
HKLM\...\Run: [Dell Webcam Central] - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [446635 2008-06-03] (Creative Technology Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [483420 2008-12-15] (IDT, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-01] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
AppInit_DLLs: c:\progra~2\bitguard\261673~1.238\{c16c1~1\bitguard.dll [ 2013-09-10] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=186F0022FB384868&cat=delta_cl&zulu=dp&ours=1&dlb=1&affID=122397&tl=409942401&tsp=5014
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=186F0022FB384868&cat=delta_cl&zulu=dp&ours=1&dlb=1&affID=122397&tl=409942401&tsp=5014
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&st=chrome&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&st=chrome&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&st=chrome&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&st=chrome&q=
URLSearchHook: (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&q={searchTerms}
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&q={searchTerms}
SearchScopes: HKLM - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^XP^xdm447^YY^de&si=7030&ptb=FC5972D9-6004-45D3-969D-4CCBE58991AF&psa=&ind=2013011908&st=sb&n=77fc1fc4&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.my-online-search.com/?q={searchTerms}&babsrc=SP_ofln&mntrId=186F0022FB384868&cat=delta_cl&zulu=dp&ours=1&dlb=1&affID=122397&tl=409942401&tsp=5014
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {068CE22D-6C93-4B71-888B-E8BCBC70D001} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.my-online-search.com/?q={searchTerms}&babsrc=SP_ofln&mntrId=186F0022FB384868&cat=delta_cl&zulu=dp&ours=1&dlb=1&affID=122397&tl=409942401&tsp=5014
SearchScopes: HKCU - {129C0D3A-309D-42CD-909A-D88AFF20D034} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6444FA32-B5BE-4279-B79A-CE849CCAD201} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {8B56063A-2E7B-4F67-BDB2-3F285CBF0E79} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox
SearchScopes: HKCU - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^XP^xdm447^YY^de&si=7030&ptb=FC5972D9-6004-45D3-969D-4CCBE58991AF&psa=&ind=2013011908&st=sb&n=77fc1fc4&searchfor={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80814&iwk=256&lng=de
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=3.7&ts=1376673664185.000007&tguid=46364-3869-1376673664185-1EC8BFDB428991297D73FD8C35797A97&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com//?search={searchTerms}&loc=search_box&a=1jSqkKlmRKD
SearchScopes: HKCU - {F2EE8446-E70D-4972-882F-A6CD883D8C7D} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
BHO: Plus-HD-3.8 - {11111111-1111-1111-1111-110311901130} - C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-bho.dll (Plus HD)
BHO: TubeBoxEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: IB Updater - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
BHO: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll (MindSpark)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
BHO: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
BHO: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Timari3\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
BHO: Toolbar BHO - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~1\TELEVI~2\bar\1.bin\64bar.dll (MindSpark)
BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
BHO: SaltarSmart - {d99a4ec9-00bd-4fe4-85a5-4db018351265} - C:\Program Files\SaltarSmart\SaltarSmartbho.dll (SaltarSmart)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKLM - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Timari3\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
Toolbar: HKLM - TubeBox - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No File
Toolbar: HKCU -TelevisionFanatic - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
Toolbar: HKCU -&Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.1: Web Search
FF Homepage: hxxp://www.web.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\searchplugins\webde-suche-1.xml
FF SearchPlugin: C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: TelevisionFanatic - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\64ffxtbr@TelevisionFanatic.com
FF Extension: No Name - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: pricealarm - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: Delta Toolbar - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\ffxtlbr@delta.com
FF Extension: HomeTab - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: No Name - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\{5142c2c0-6d0c-4d9a-a758-e8d955d5d8e2}
FF Extension: Wajam - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
FF Extension: FoxyDeal - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: firefox-hotfix - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\firefox-hotfix@mozilla.org.xpi
FF Extension: firefox - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\firefox@saltarsmart.biz.xpi
FF Extension: toolbar - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\toolbar@web.de.xpi
FF Extension: webbooster - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\webbooster@iminent.com.xpi
FF Extension: No Name - C:\Users\Timari3\AppData\Roaming\Mozilla\Firefox\Profiles\qpjceano.default\Extensions\WTB_GLOBAL.sqlite
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF Extension: IB Updater - C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [64ffxtbr@TelevisionFanatic.com] - C:\Program Files\TelevisionFanatic\bar\1.bin
FF Extension: TelevisionFanatic - C:\Program Files\TelevisionFanatic\bar\1.bin
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKCU\...\Firefox\Extensions: [{33638441-4598-4220-be18-e164f856fd2c}] - C:\Program Files\Lyrics_Monkey\130.xpi
FF Extension: No Name - C:\Program Files\Lyrics_Monkey\130.xpi
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: No Name - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

Chrome:
=======
CHR Extension: (IncrediMail MediaBar Deutsch 2) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajeaeekpfakbiidigngcnelnclhnaibo\2.5.0.1_0
CHR Extension: (TubeBox ) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: ($1+ Notifications) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi\1.1.0.618_0
CHR Extension: (SaltarSmart) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdboodilddefglllfoimeceomkpmkbi\1.0.0_0
CHR Extension: (IB Updater) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.550_1
CHR Extension: (Delta Toolbar) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0
CHR Extension: (HomeTab) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf\3.7_0
CHR Extension: (Iminent) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.36.1.1_1
CHR Extension: (WEB.DE MailCheck) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo\1.2_0
CHR Extension: (Freemake Video Converter) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_1
CHR Extension: (New Tab for Chrome) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_1
CHR Extension: (Wajam) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0
CHR Extension: (Helper extension) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla\2.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Plus-HD-3.8) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0
CHR Extension: (Lyrics-Monkey) - C:\Users\Timari3\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofnnlhbgdcabppjmlijllkhekcglbjlg\1.130_0
CHR HKLM\...\Chrome\Extension: [ajeaeekpfakbiidigngcnelnclhnaibo] - C:\Users\Timari3\AppData\Local\CRE\ajeaeekpfakbiidigngcnelnclhnaibo.crx
CHR HKLM\...\Chrome\Extension: [chdboodilddefglllfoimeceomkpmkbi] - C:\Program Files\SaltarSmart\chdboodilddefglllfoimeceomkpmkbi.crx
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Timari3\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM\...\Chrome\Extension: [fgibjgmnimooanbagcfpnkmngejcojaf] - C:\Program Files\HomeTab\chrome\HomeTab.crx
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\NewTab.crx
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Timari3\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM\...\Chrome\Extension: [ofnnlhbgdcabppjmlijllkhekcglbjlg] - C:\Program Files\Lyrics_Monkey\130.crx

========================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [81920 2008-12-15] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440392 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-18] (Just Develop It)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845152 2013-09-10] ()
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-03-27] (Freemake)
S4 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2012-11-20] ()
S4 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2868544 2013-08-07] (Iminent)
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2009-01-30] (SupportSoft, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe [241746 2008-12-15] (IDT, Inc.)
S2 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [296448 2013-08-16] ()
S4 TelevisionFanaticService; C:\PROGRA~1\TELEVI~2\bar\1.bin\64barsvc.exe [42504 2013-01-19] (COMPANYVERS_NAME)
R2 tor; C:\Program Files\Tor\tor.exe [3233806 2013-09-03] ()
R2 Update SaltarSmart; C:\Program Files\SaltarSmart\updateSaltarSmart.exe [65312 2013-10-03] (SaltarSmart)
R2 Util SaltarSmart; C:\Program Files\SaltarSmart\bin\utilSaltarSmart.exe [65312 2013-10-03] (SaltarSmart)
R2 WajamUpdater; C:\Program Files\Wajam\Updater\WajamUpdater.exe [109064 2013-07-10] (Wajam)
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424104 2013-09-24] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [89376 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-10] (Microsoft Corporation)
R3 OA009Ufd; C:\Windows\System32\DRIVERS\OA009Ufd.sys [133632 2009-03-06] (Creative Technology Ltd.)
R3 OA009Vid; C:\Windows\System32\DRIVERS\OA009Vid.sys [271552 2009-03-19] (Creative Technology Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCD5SRVC{3F6A8B78-EC003E00-05040104}; \??\C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-03 13:07 - 2013-10-03 13:07 - 00000000 ____D C:\FRST
2013-10-03 13:04 - 2013-10-03 13:03 - 01087213 _____ (Farbar) C:\Users\Timari3\Desktop\FRST.exe
2013-09-30 11:54 - 2013-09-30 11:54 - 00476024 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\WEB.DE_MailCheck_chrome_setup.exe
2013-09-30 11:49 - 2013-09-30 12:07 - 00000000 ____D C:\Program Files\Wajam
2013-09-30 11:49 - 2013-09-30 11:49 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-09-30 11:49 - 2013-09-30 11:49 - 00000000 ____D C:\Users\Timari3\AppData\Local\Wajam
2013-09-30 11:49 - 2013-09-30 11:49 - 00000000 ____D C:\Program Files\VideoPlayer
2013-09-30 11:46 - 2013-09-30 11:46 - 00236176 _____ (Tuguu S.L.U) C:\Users\Timari3\Downloads\Setup (4).exe
2013-09-30 10:46 - 2013-09-30 10:46 - 04012336 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\webde_onlinespeicher_setup_bundled(1).exe
2013-09-30 10:45 - 2013-09-30 10:45 - 04012336 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\webde_onlinespeicher_setup_bundled.exe
2013-09-24 17:46 - 2013-09-24 17:46 - 00000624 _____ C:\Users\Timari3\AppData\Roaming\All CPU MeterV3_Settings.ini
2013-09-24 17:35 - 2013-10-03 12:16 - 00002535 _____ C:\Users\Public\Desktop\Free System Utilities.lnk
2013-09-24 17:35 - 2013-09-24 17:35 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-09-24 17:35 - 2013-09-24 17:35 - 00000000 ____D C:\Program Files\Covus Freemium
2013-09-24 17:34 - 2013-10-03 12:25 - 00001282 _____ C:\Windows\Tasks\Plus-HD-3.8-updater.job
2013-09-24 17:34 - 2013-10-03 12:25 - 00001188 _____ C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job
2013-09-24 17:34 - 2013-10-03 12:25 - 00001086 _____ C:\Windows\Tasks\Plus-HD-3.8-enabler.job
2013-09-24 17:34 - 2013-09-26 19:36 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Windows Net Data
2013-09-24 17:33 - 2013-10-03 12:25 - 00001884 _____ C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job
2013-09-24 17:33 - 2013-10-03 12:25 - 00001808 _____ C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job
2013-09-24 17:33 - 2013-09-24 17:34 - 00000000 ____D C:\Program Files\Plus-HD-3.8
2013-09-24 17:32 - 2013-09-24 17:33 - 00000000 ____D C:\Users\Timari3\AppData\Local\Smartbar
2013-09-24 17:29 - 2013-09-24 17:29 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\337
2013-09-24 17:28 - 2013-10-03 09:48 - 00000000 ____D C:\Program Files\WinZipper
2013-09-24 17:28 - 2013-09-24 17:44 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\WinZipper
2013-09-24 17:28 - 2013-09-24 17:37 - 00000000 ____D C:\Program Files\Omiga Plus
2013-09-24 17:28 - 2013-09-24 17:32 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Omiga Plus
2013-09-23 12:45 - 2013-09-23 12:45 - 06221216 _____ (Uniblue Systems Ltd ) C:\Users\Timari3\Downloads\speedupmypc_ams1CNKbmsffhN6tIxACGK_uxYmU2t7gdCIMNzguMzUuMTY3Ljk4KAE._(2).exe
2013-09-23 12:44 - 2013-09-23 12:44 - 06221216 _____ (Uniblue Systems Ltd ) C:\Users\Timari3\Downloads\speedupmypc_ams1CNKbmsffhN6tIxACGK_uxYmU2t7gdCIMNzguMzUuMTY3Ljk4KAE._.exe
2013-09-23 12:44 - 2013-09-23 12:44 - 06221216 _____ (Uniblue Systems Ltd ) C:\Users\Timari3\Downloads\speedupmypc_ams1CNKbmsffhN6tIxACGK_uxYmU2t7gdCIMNzguMzUuMTY3Ljk4KAE._(1).exe
2013-09-23 12:37 - 2013-09-23 12:37 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmapp1_mapp11637950(2).exe
2013-09-23 12:36 - 2013-09-23 12:36 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmapp1_mapp11637950.exe
2013-09-23 12:36 - 2013-09-23 12:36 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmapp1_mapp11637950(1).exe
2013-09-23 11:35 - 2013-09-23 11:35 - 00000000 ____D C:\Program Files\Babylon
2013-09-23 11:34 - 2013-09-23 11:34 - 00000000 ____D C:\Users\Timari3\AppData\Local\Babylon
2013-09-23 11:33 - 2013-09-23 11:33 - 00730192 _____ C:\Users\Timari3\Downloads\Babylon10_setup.exe
2013-09-22 11:48 - 2013-09-22 11:48 - 00000000 ____D C:\ProgramData\WindowsSearch
2013-09-20 11:54 - 2013-09-20 11:54 - 00001456 _____ C:\Users\Timari3\Desktop\Sync Folder.lnk
2013-09-20 11:43 - 2013-09-20 11:43 - 00001906 _____ C:\Users\Public\Desktop\VAFPlayer.lnk
2013-09-20 11:43 - 2013-09-20 11:43 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\player
2013-09-20 11:43 - 2013-09-20 11:43 - 00000000 ____D C:\Program Files\Tuguu SL
2013-09-20 11:42 - 2013-09-20 11:42 - 00000000 ____D C:\Users\Timari3\AppData\Local\avgchrome
2013-09-20 11:41 - 2013-09-20 11:41 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-20 11:41 - 2013-09-20 11:41 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-20 11:41 - 2013-09-20 11:41 - 00000000 ____D C:\Program Files\Common Files\337
2013-09-20 11:40 - 2013-10-03 11:59 - 00001813 _____ C:\Users\Timari3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2013-09-20 11:40 - 2013-10-03 11:28 - 00000000 ____D C:\Users\Timari3\AppData\Local\Lollipop
2013-09-20 11:40 - 2013-10-03 09:50 - 00000000 ____D C:\Program Files\SaltarSmart
2013-09-20 11:40 - 2013-10-03 09:46 - 00000000 ____D C:\Program Files\Optimizer Pro
2013-09-20 11:40 - 2013-09-24 17:29 - 00000000 ____D C:\Program Files\Desk 365
2013-09-20 11:40 - 2013-09-23 10:27 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Desk 365
2013-09-20 11:40 - 2013-09-20 11:40 - 00000000 ____D C:\Users\Timari3\Documents\Optimizer Pro
2013-09-20 11:38 - 2013-09-20 11:38 - 00656096 _____ C:\Users\Timari3\Downloads\Setup (3).exe
2013-09-20 11:38 - 2013-09-20 11:38 - 00656088 _____ C:\Users\Timari3\Downloads\Setup (2).exe
2013-09-20 11:37 - 2013-09-20 11:37 - 06221216 _____ (Uniblue Systems Ltd ) C:\Users\Timari3\Downloads\speedupmypc_ams1CJz0kM6O1LvCPhACGPT95JCRwvjTXiINNzguMzUuMTY1LjEzNigB_.exe
2013-09-20 11:37 - 2013-09-20 11:37 - 00656064 _____ C:\Users\Timari3\Downloads\Setup (1).exe
2013-09-20 11:32 - 2013-09-20 11:32 - 05615928 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetup_matomy_my2271 (3).exe
2013-09-20 11:26 - 2013-09-20 11:27 - 05615928 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetup_matomy_my2271 (2).exe
2013-09-20 11:25 - 2013-09-20 11:26 - 05615928 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetup_matomy_my2271 (1).exe
2013-09-20 11:24 - 2013-09-20 11:33 - 00000886 _____ C:\Users\Timari3\Desktop\MyPC Backup.lnk
2013-09-20 11:24 - 2013-09-20 11:24 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-09-20 11:21 - 2013-09-20 11:21 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmarm1_marm10de.exe
2013-09-20 11:21 - 2013-09-20 11:21 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmarm1_marm10de (1).exe
2013-09-19 14:15 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-19 14:15 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-19 14:15 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-19 14:15 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-19 14:15 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-19 14:15 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-19 14:15 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-19 14:15 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-19 14:15 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-19 14:15 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-19 14:15 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-19 14:15 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-19 14:15 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-19 14:15 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-19 14:15 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-19 14:15 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-18 17:01 - 2013-09-18 17:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-18 16:36 - 2013-09-18 16:36 - 01260552 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\WEB.DE_IE_Setup(2).exe
2013-09-18 16:36 - 2013-09-18 16:36 - 00991480 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\WEB.DE_Softwareaktualisierung_Setup.exe
2013-09-18 16:35 - 2013-09-18 16:35 - 01260552 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\WEB.DE_IE_Setup(1).exe
2013-09-18 16:17 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-18 16:17 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-03 16:42 - 2013-09-03 16:43 - 06786112 _____ C:\Users\Timari3\Downloads\system_mechanic_checkup_nlfree.exe

==================== One Month Modified Files and Folders =======

2013-10-03 13:11 - 2012-11-08 17:54 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-03 13:07 - 2013-10-03 13:07 - 00000000 ____D C:\FRST
2013-10-03 13:03 - 2013-10-03 13:04 - 
01087213 _____ (Farbar) C:\Users\Timari3\Desktop\FRST.exe 2013-10-03 13:02 - 2012-10-23 12:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-03 13:02 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-03 13:02 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-03 12:29 - 2013-05-25 14:04 - 01065777 _____ C:\Windows\WindowsUpdate.log 2013-10-03 12:25 - 2013-09-24 17:34 - 00001282 _____ C:\Windows\Tasks\Plus-HD-3.8-updater.job 2013-10-03 12:25 - 2013-09-24 17:34 - 00001188 _____ C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job 2013-10-03 12:25 - 2013-09-24 17:34 - 00001086 _____ C:\Windows\Tasks\Plus-HD-3.8-enabler.job 2013-10-03 12:25 - 2013-09-24 17:33 - 00001884 _____ C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job 2013-10-03 12:25 - 2013-09-24 17:33 - 00001808 _____ C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job 2013-10-03 12:25 - 2013-08-16 19:23 - 00000382 _____ C:\Windows\Tasks\Lyrics-Monkey Update.job 2013-10-03 12:25 - 2012-11-08 17:54 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-03 12:25 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-03 12:24 - 2006-11-02 15:01 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-10-03 12:16 - 2013-09-24 17:35 - 00002535 _____ C:\Users\Public\Desktop\Free System Utilities.lnk 2013-10-03 11:59 - 2013-09-20 11:40 - 00001813 _____ C:\Users\Timari3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk 2013-10-03 11:35 - 2012-10-22 19:41 - 00000000 ____D C:\Users\Timari3 2013-10-03 11:28 - 2013-09-20 11:40 - 00000000 ____D C:\Users\Timari3\AppData\Local\Lollipop 2013-10-03 11:02 - 2012-10-23 12:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-10-03 11:02 - 2012-10-23 12:52 - 00071048 _____ (Adobe Systems 
Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-10-03 10:49 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-10-03 09:58 - 2012-10-23 13:12 - 00000000 ____D C:\Program Files\Google 2013-10-03 09:50 - 2013-09-20 11:40 - 00000000 ____D C:\Program Files\SaltarSmart 2013-10-03 09:48 - 2013-09-24 17:28 - 00000000 ____D C:\Program Files\WinZipper 2013-10-03 09:46 - 2013-09-20 11:40 - 00000000 ____D C:\Program Files\Optimizer Pro 2013-10-03 09:45 - 2012-10-23 13:12 - 00000000 ____D C:\Users\Timari3\AppData\Local\Google 2013-10-01 11:07 - 2012-10-23 13:01 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-10-01 11:07 - 2012-10-23 13:01 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-10-01 11:07 - 2012-10-23 13:01 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-09-30 12:07 - 2013-09-30 11:49 - 00000000 ____D C:\Program Files\Wajam 2013-09-30 12:07 - 2013-08-27 12:13 - 00000000 ____D C:\Program Files\Lyrics_Monkey 2013-09-30 11:54 - 2013-09-30 11:54 - 00476024 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\WEB.DE_MailCheck_chrome_setup.exe 2013-09-30 11:49 - 2013-09-30 11:49 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam 2013-09-30 11:49 - 2013-09-30 11:49 - 00000000 ____D C:\Users\Timari3\AppData\Local\Wajam 2013-09-30 11:49 - 2013-09-30 11:49 - 00000000 ____D C:\Program Files\VideoPlayer 2013-09-30 11:46 - 2013-09-30 11:46 - 00236176 _____ (Tuguu S.L.U) C:\Users\Timari3\Downloads\Setup (4).exe 2013-09-30 10:46 - 2013-09-30 10:46 - 04012336 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\webde_onlinespeicher_setup_bundled(1).exe 2013-09-30 10:45 - 2013-09-30 10:45 - 04012336 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\webde_onlinespeicher_setup_bundled.exe 2013-09-26 19:36 - 2013-09-24 17:34 - 00000000 ____D 
C:\Users\Timari3\AppData\Roaming\Windows Net Data 2013-09-24 17:46 - 2013-09-24 17:46 - 00000624 _____ C:\Users\Timari3\AppData\Roaming\All CPU MeterV3_Settings.ini 2013-09-24 17:44 - 2013-09-24 17:28 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\WinZipper 2013-09-24 17:37 - 2013-09-24 17:28 - 00000000 ____D C:\Program Files\Omiga Plus 2013-09-24 17:36 - 2013-08-16 19:20 - 00000000 ____D C:\ProgramData\Package Cache 2013-09-24 17:35 - 2013-09-24 17:35 - 00000000 ____D C:\ProgramData\FreeSystemUtilities 2013-09-24 17:35 - 2013-09-24 17:35 - 00000000 ____D C:\Program Files\Covus Freemium 2013-09-24 17:34 - 2013-09-24 17:33 - 00000000 ____D C:\Program Files\Plus-HD-3.8 2013-09-24 17:33 - 2013-09-24 17:32 - 00000000 ____D C:\Users\Timari3\AppData\Local\Smartbar 2013-09-24 17:32 - 2013-09-24 17:28 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Omiga Plus 2013-09-24 17:32 - 2013-08-16 19:19 - 00000000 ____D C:\Users\Timari3\AppData\Local\DownloadGuide 2013-09-24 17:29 - 2013-09-24 17:29 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\337 2013-09-24 17:29 - 2013-09-20 11:40 - 00000000 ____D C:\Program Files\Desk 365 2013-09-24 17:24 - 2013-02-01 17:41 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Systweak 2013-09-23 12:45 - 2013-09-23 12:45 - 06221216 _____ (Uniblue Systems Ltd ) C:\Users\Timari3\Downloads\speedupmypc_ams1CNKbmsffhN6tIxACGK_uxYmU2t7gdCIMNzguMzUuMTY3Ljk4KAE._(2).exe 2013-09-23 12:44 - 2013-09-23 12:44 - 06221216 _____ (Uniblue Systems Ltd ) C:\Users\Timari3\Downloads\speedupmypc_ams1CNKbmsffhN6tIxACGK_uxYmU2t7gdCIMNzguMzUuMTY3Ljk4KAE._.exe 2013-09-23 12:44 - 2013-09-23 12:44 - 06221216 _____ (Uniblue Systems Ltd ) C:\Users\Timari3\Downloads\speedupmypc_ams1CNKbmsffhN6tIxACGK_uxYmU2t7gdCIMNzguMzUuMTY3Ljk4KAE._(1).exe 2013-09-23 12:37 - 2013-09-23 12:37 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmapp1_mapp11637950(2).exe 2013-09-23 12:36 - 2013-09-23 12:36 - 05683272 _____ (Systweak Inc ) 
C:\Users\Timari3\Downloads\rcpsetupmapp1_mapp11637950.exe 2013-09-23 12:36 - 2013-09-23 12:36 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmapp1_mapp11637950(1).exe 2013-09-23 11:35 - 2013-09-23 11:35 - 00000000 ____D C:\Program Files\Babylon 2013-09-23 11:34 - 2013-09-23 11:34 - 00000000 ____D C:\Users\Timari3\AppData\Local\Babylon 2013-09-23 11:33 - 2013-09-23 11:33 - 00730192 _____ C:\Users\Timari3\Downloads\Babylon10_setup.exe 2013-09-23 10:43 - 2008-01-21 09:16 - 01540014 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-23 10:27 - 2013-09-20 11:40 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Desk 365 2013-09-22 11:48 - 2013-09-22 11:48 - 00000000 ____D C:\ProgramData\WindowsSearch 2013-09-20 11:55 - 2013-07-03 11:31 - 00000000 ____D C:\Program Files\MyPC Backup 2013-09-20 11:54 - 2013-09-20 11:54 - 00001456 _____ C:\Users\Timari3\Desktop\Sync Folder.lnk 2013-09-20 11:43 - 2013-09-20 11:43 - 00001906 _____ C:\Users\Public\Desktop\VAFPlayer.lnk 2013-09-20 11:43 - 2013-09-20 11:43 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\player 2013-09-20 11:43 - 2013-09-20 11:43 - 00000000 ____D C:\Program Files\Tuguu SL 2013-09-20 11:42 - 2013-09-20 11:42 - 00000000 ____D C:\Users\Timari3\AppData\Local\avgchrome 2013-09-20 11:41 - 2013-09-20 11:41 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard 2013-09-20 11:41 - 2013-09-20 11:41 - 00000000 ____D C:\ProgramData\BitGuard 2013-09-20 11:41 - 2013-09-20 11:41 - 00000000 ____D C:\Program Files\Common Files\337 2013-09-20 11:40 - 2013-09-20 11:40 - 00000000 ____D C:\Users\Timari3\Documents\Optimizer Pro 2013-09-20 11:38 - 2013-09-20 11:38 - 00656096 _____ C:\Users\Timari3\Downloads\Setup (3).exe 2013-09-20 11:38 - 2013-09-20 11:38 - 00656088 _____ C:\Users\Timari3\Downloads\Setup (2).exe 2013-09-20 11:37 - 2013-09-20 11:37 - 06221216 _____ (Uniblue Systems Ltd ) 
C:\Users\Timari3\Downloads\speedupmypc_ams1CJz0kM6O1LvCPhACGPT95JCRwvjTXiINNzguMzUuMTY1LjEzNigB_.exe 2013-09-20 11:37 - 2013-09-20 11:37 - 00656064 _____ C:\Users\Timari3\Downloads\Setup (1).exe 2013-09-20 11:33 - 2013-09-20 11:24 - 00000886 _____ C:\Users\Timari3\Desktop\MyPC Backup.lnk 2013-09-20 11:32 - 2013-09-20 11:32 - 05615928 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetup_matomy_my2271 (3).exe 2013-09-20 11:27 - 2013-09-20 11:26 - 05615928 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetup_matomy_my2271 (2).exe 2013-09-20 11:26 - 2013-09-20 11:25 - 05615928 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetup_matomy_my2271 (1).exe 2013-09-20 11:24 - 2013-09-20 11:24 - 00000000 ____D C:\Users\Timari3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2013-09-20 11:21 - 2013-09-20 11:21 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmarm1_marm10de.exe 2013-09-20 11:21 - 2013-09-20 11:21 - 05683272 _____ (Systweak Inc ) C:\Users\Timari3\Downloads\rcpsetupmarm1_marm10de (1).exe 2013-09-20 10:46 - 2012-10-23 12:38 - 00000000 ____D C:\Program Files\Microsoft Application Virtualization Client 2013-09-20 10:37 - 2006-11-02 14:47 - 00294232 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-20 10:36 - 2013-01-06 12:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-09-19 14:14 - 2013-08-15 19:59 - 00000000 ____D C:\Windows\system32\MRT 2013-09-19 14:10 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-09-18 17:01 - 2013-09-18 17:01 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-18 16:36 - 2013-09-18 16:36 - 01260552 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\WEB.DE_IE_Setup(2).exe 2013-09-18 16:36 - 2013-09-18 16:36 - 00991480 _____ (1&1 Mail & Media GmbH) C:\Users\Timari3\Downloads\WEB.DE_Softwareaktualisierung_Setup.exe 2013-09-18 16:35 - 2013-09-18 16:35 - 01260552 _____ (1&1 Mail & Media GmbH) 
C:\Users\Timari3\Downloads\WEB.DE_IE_Setup(1).exe 2013-09-03 16:43 - 2013-09-03 16:42 - 06786112 _____ C:\Users\Timari3\Downloads\system_mechanic_checkup_nlfree.exe Some content of TEMP: ==================== C:\Users\Timari3\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-03 12:31 ==================== End Of Log ============================

Additions.TXT
FRST Additions Logfile:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013 Ran by Timari3 at 2013-10-03 13:11:52 Running from C:\Users\Timari3\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 7-Zip 9.20 Adobe Flash Player 11 ActiveX (Version: 11.8.800.175) Adobe Flash Player 11 Plugin (Version: 11.8.800.168) Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8) Adobe Shockwave Player 11.6 (Version: 11.6.8.638) Advanced Audio FX Engine Advanced System Protector (Version: 2.1.1000.10493) Avira Free Antivirus (Version: 14.0.0.383) BitGuard CCleaner (Version: 4.00) Choice Guard (Version: 1.2.87.0) Dell Edoc Viewer (Version: 1.0.0) Dell Getting Started Guide (Version: 1.00.0000) Dell Support Center (Support Software) (Version: 2.2.08335) Dell Touchpad (Version: 7.2.115.201) Dell Webcam Central Delta Chrome Toolbar Delta toolbar (Version: 1.8.24.6) ElsterFormular (Version: 14.0.0.10960) FoxyDeal (Version: 1.1.0) Free System Utilities (Version: 1.1.3.0) Free SystemUtilities (Version: 1.1.3.0) Freemake Video Converter Version 4.0.0 (Version: 4.0.0) Google Chrome (Version: 30.0.1599.66) Google Earth (Version: 6.2.2.6613) Google Update Helper (Version: 1.3.21.153) HomeTab 3.7 (Version: 3.7) IB Updater 2.0.0.550 (Version: 2.0.0.550) Iminent (Version: 6.32.41.0) Inbox Toolbar (Version: 2.0.0.62) Integrated Webcam Driver (1.02.01.0320) (Version: 1.02.01.0320) Intel(R) Rapid Storage Technology (Version: 10.5.0.1029) Intel® Matrix Storage Manager Java 7 Update 17 (Version: 7.0.170) Java Auto Updater (Version: 2.1.9.0) Lollipop Lyrics-Monkey Microsoft .NET Framework 3.5 
Language Pack SP1 - DEU Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Office Klick-und-Los 2010 (Version: 14.0.6122.5000) Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000) Microsoft Office Starter 2010 - Deutsch (Version: 14.0.6126.5003) Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Works 6-9 Converter (Version: 14.0.6120.5002) Mozilla Firefox 24.0 (x86 de) (Version: 24.0) Mozilla Maintenance Service (Version: 24.0) MyPC Backup (Version: ) Opera 12.12 (Version: 12.12.1707) Plus-HD-3.8 (Version: 1.27.153.11) PowerDVD (Version: 8.1) QuickSet (Version: 9.2.17) Roxio Creator Audio (Version: 3.7.0) Roxio Creator Copy (Version: 3.7.0) Roxio Creator Data (Version: 3.7.0) Roxio Creator DE (Version: 10.1) Roxio Creator DE (Version: 3.7.0) Roxio Creator Tools (Version: 3.7.0) Roxio Express Labeler 3 (Version: 3.2.1) Roxio Update Manager (Version: 6.0.0) SaltarSmart 3.0.0 (Version: 3.0.0) Skype™ 5.10 (Version: 5.10.116) swMSM (Version: 12.0.0.1) TelevisionFanatic Toolbar TubeBox Smartbar (Version: 1.6.1.864) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft 
.NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1) VAFPlayer (Version: 1.6.8) VideoPlayer v2.0.6 (Version: v2.0.6) Wajam (Version: 1.98) WEB.DE Desktop Icons (Version: 3.0.3.0) WEB.DE Softwareaktualisierung (Version: 3.0.0.54) Windows Utils WinZipper (Version: 1.4.8) ==================== Restore Points ========================= 12-04-2013 08:31:04 Windows Update 27-04-2013 08:46:05 Windows Update 18-05-2013 13:01:10 Windows Update 15-06-2013 09:18:57 Windows Update 25-07-2013 08:22:29 Windows Update 15-08-2013 17:41:56 Windows Update 16-08-2013 17:19:48 Free System Utilities 16-08-2013 17:26:12 Free System Utilities 16.08.2013 19:26:11 18-08-2013 15:11:35 Windows Update 30-08-2013 17:25:11 Windows Update 31-08-2013 14:25:19 Windows Update 18-09-2013 14:13:33 Avira Free Antivirus - 18.09.2013 16:13 19-09-2013 12:08:58 Windows Update 20-09-2013 08:44:38 Windows Update 22-09-2013 09:42:21 Windows Update 23-09-2013 08:31:16 Windows Update 24-09-2013 15:34:27 Free System Utilities 24-09-2013 15:36:03 Free System Utilities ==================== Hosts content: ========================== 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {240BDCF0-8FF5-44FE-A92A-D7DB1694614D} - System32\Tasks\Microsoft\Windows\RestartManager\{D3875ED2-2AA8-4650-A1A5-ED854529F946} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {29C10115-9352-470B-A149-C9CB04CE46F3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => 
Sc.exe start osppsvc Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {332CBC19-8DFA-423A-813A-3E42CDFB08F9} - System32\Tasks\Plus-HD-3.8-firefoxinstaller => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe [2013-09-24] (Plus HD) Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {4066753D-87A2-4182-9338-20EE1EE46B4A} - System32\Tasks\Advanced System Protector_startup => C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe [2013-01-04] (Systweak) Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {484D9F40-D345-446F-80D0-2950E5DB758D} - System32\Tasks\Registration 1und1 Task => C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe [2013-05-28] (1&1 Mail & Media GmbH) Task: {4E5ED380-2494-47E5-8172-4C532DA5EA1C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-03] (Adobe Systems Incorporated) Task: {590E44AA-6401-4D1B-A3BB-BB41F26B6F5D} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-08-16] () Task: {59B9D42D-51E8-4EC3-AF54-DA41F4CE7B49} - System32\Tasks\Plus-HD-3.8-codedownloader => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe [2013-09-24] (Plus HD) Task: {59FD23F8-4882-4B7E-BCF6-112E73D830AE} - System32\Tasks\EPUpdater => C:\Users\Timari3\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-08-04] () Task: {6F36156A-B4D2-469F-B17B-329030AB0FFF} - System32\Tasks\Freemium1ClickMaint => C:\Program Files\Covus Freemium\Free System Utilities\1Click.exe [2013-09-23] (Covus Freemium GmbH) Task: {70ED99A1-235D-4377-B40A-6619B8AC11A9} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files\HomeTab\TBUpdater.dll [2013-06-13] 
(Simplytech Ltd.) Task: {77B96078-DE45-4E0B-B88D-1F5D05D44AC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {7E5391F1-2E9B-4E5A-AB52-85BCAB45EFF0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation) Task: {7E5B72BC-E71E-4C0C-9358-9C12140C0F93} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe Task: {808A43B7-588E-4373-AD16-B49EF5D879B5} - System32\Tasks\Plus-HD-3.8-updater => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-updater.exe [2013-09-24] (Plus HD) Task: {86383B27-36E4-4C0F-884F-035598BF949B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-08] (Google Inc.) Task: {8D96248B-4736-4CCF-BFDB-E9E08E0F4F24} - System32\Tasks\Plus-HD-3.8-chromeinstaller => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe [2013-09-24] (Plus HD) Task: {9B1447BF-0928-4A9E-AAF3-6231A2CC14A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-08] (Google Inc.) 
Task: {9BEC10D3-83E5-4D23-8F42-B7A1FA12E87E} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-09-19] () Task: {A7769E4B-5EC4-46DD-B600-AD52BED29CDF} - System32\Tasks\Plus-HD-3.8-enabler => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-enabler.exe [2013-09-24] (Plus HD) Task: {C8E7299F-4536-4AFA-A71C-2A1E07628380} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files\Omiga Plus\omigaplus.exe Task: {CEB331DC-403E-49A8-BD92-60011C335377} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe Task: {D1919173-1055-45EF-A0DE-94E37CA23161} - System32\Tasks\Lyrics-Monkey Update => C:\Program Files\Lyrics_Monkey\LyrMonkeyUpd.exe Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {E5B3559C-46F3-40C0-BDD4-089A4FF47FB5} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe Task: {F574E343-04EC-4C46-9678-F8F749A163D1} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe [2013-09-18] (MyPCBackup.com) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Freemium1ClickMaint.job => C:\Program Files\Covus Freemium\Free System Utilities\1Click.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Lyrics-Monkey Update.job => C:\Program Files\Lyrics_Monkey\LyrMonkeyUpd.exe Task: C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe Task: C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe Task: C:\Windows\Tasks\Plus-HD-3.8-enabler.job => 
C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-enabler.exe Task: C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe Task: C:\Windows\Tasks\Plus-HD-3.8-updater.job => C:\Program Files\Plus-HD-3.8\Plus-HD-3.8-updater.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-20 11:41 - 2013-09-10 16:34 - 02700768 _____ () C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll 2013-09-18 11:24 - 2013-09-18 11:24 - 03889152 _____ () C:\Program Files\MyPC Backup\MPCBIconOverlays.dll 2013-09-24 17:33 - 2013-09-24 17:33 - 00911432 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll 2013-02-01 17:42 - 2012-07-25 13:03 - 00886272 _____ () C:\Program Files\Advanced System Protector\System.Data.SQLite.dll 2013-02-01 17:42 - 2013-01-04 18:47 - 01731080 _____ () C:\Program Files\Advanced System Protector\aspsys.dll 2013-09-24 17:45 - 2013-09-24 17:45 - 00012520 _____ () C:\Users\Timari3\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\CoreTempReader.dll 2013-09-24 17:45 - 2013-09-24 17:45 - 00015080 _____ () C:\Users\Timari3\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\GetCoreTempInfoNET.dll 2013-09-24 17:45 - 2013-09-24 17:45 - 00014056 _____ () C:\Users\Timari3\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\SystemInfo.dll 2013-09-18 17:01 - 2013-09-18 17:01 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2013-10-03 10:02 - 2013-10-03 10:02 - 16177544 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/03/2013 00:26:19 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 00:19:58 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 00:04:13 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 11:55:43 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 10:14:08 AM) (Source: Windows Search Service) (User: ) Description: Eintrag <C:\USERS\TIMARI3\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\QPJCEANO.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (10/03/2013 09:59:57 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/03/2013 09:41:12 AM) (Source: swg) (User: ) Description: There was an error in s. 
File s

Error: (10/03/2013 09:41:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2013 11:29:02 AM) (Source: swg) (User: )
Description: There was an error in s. File s

Error: (10/02/2013 11:28:41 AM) (Source: swg) (User: )
Description: There was an error in s. File s

System errors:
=============
Error: (10/03/2013 00:26:21 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (10/03/2013 00:26:21 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Error: (10/03/2013 00:19:59 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (10/03/2013 00:19:59 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Error: (10/03/2013 00:04:14 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (10/03/2013 00:04:14 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Error: (10/03/2013 11:55:51 AM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (10/03/2013 11:55:51 AM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Error: (10/03/2013 09:59:58 AM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (10/03/2013 09:59:58 AM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Microsoft Office Sessions:
=========================
Error: (10/03/2013 00:26:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2013 00:19:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2013 00:04:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2013 11:55:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2013 10:14:08 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\TIMARI3\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\QPJCEANO.DEFAULT\SAFEBROWSING-BACKUP

Error: (10/03/2013 09:59:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2013 09:41:12 AM) (Source: swg)(User: )
Description: There was an error in s. File s

Error: (10/03/2013 09:41:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2013 11:29:02 AM) (Source: swg)(User: )
Description: There was an error in s. File s

Error: (10/02/2013 11:28:41 AM) (Source: swg)(User: )
Description: There was an error in s. File s

CodeIntegrity Errors:
===================================
Date: 2013-08-25 19:15:39.679
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-25 19:15:39.392
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Iminent\Iminent.WinCore.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-25 19:15:39.077
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-25 19:15:38.784
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Iminent\Iminent.WinCore.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-04-07 12:34:19.852
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-04-07 12:34:19.676
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-04 13:55:14.451
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-01-04 13:55:14.281
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\igdumdx32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-10-22 20:31:13.404
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-10-22 20:31:13.310
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================
Percentage of memory in use: 68%
Total physical RAM: 3033.63 MB
Available physical RAM: 968.11 MB
Total Pagefile: 6273.55 MB
Available Pagefile: 3631.67 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.16 MB

==================== Drives ================================
Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:217.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:3.68 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4ED1AC6F)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Gmer.txt
It is empty.

I hope you can make something of this. Thanks in advance.