Trojaner-Board - Ick glaub en virus

Mal eben ne Frage schrauber, bevor ich es runterlade,
funktioniert auch das hier??
http://www.trojaner-board.de/51187-a...i-malware.html

FRST.txt :
FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-07-2013 04

Ran by Walid Efetürk (administrator) on 28-07-2013 13:07:38

Running from C:\Users\Walid Efetürk\Desktop\chara (3)

Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Windows Net) C:\Users\Walid Efetürk\AppData\Roaming\Windows Net Data\net.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Google Inc.) C:\Users\Walid Efetürk\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Walid Efetürk\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Walid Efetürk\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Walid Efetürk\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Walid Efetürk\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

(Google Inc.) C:\Users\Walid Efetürk\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Windows Live\Companion\companionuser.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [InstallerLauncher] - C:\Users\WALIDE~1\AppData\Local\Temp\GZ_INSTALL_0\setuplauncher.exe [815600 2013-03-25] (BitDefender S.R.L.) <===== ATTENTION

HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Corporation)

HKCU\...\Run: [Google Update] - C:\Users\Walid Efetürk\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-07-06] (Google Inc.)

HKCU\...\Run: [NTRedirect] - C:\Windows\system32\rundll32.exe [44544 2009-07-14] (Microsoft Corporation) <===== ATTENTION

HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [ 2010-11-20] (Microsoft Corporation)

HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [ 2010-11-20] (Microsoft Corporation)

Startup: C:\Users\Walid Efetürk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk

ShortcutTarget: net.lnk -> C:\Users\Walid Efetürk\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WEB.DE Suche - die Suchmaschine

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=445C001D60192B79&affID=119357&tsp=4956

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=445C001D60192B79&affID=119357&tsp=4956

BHO: WEB.DE Konfiguration - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)

BHO: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Program Files\LyriXeeker\125.dll (LyriXeeker Tech)

BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Lyrics-Pal - {AB9778AB-BAEF-49B9-96EE-D6E4BD0BCE68} - C:\Program Files\LyricsPal\125.dll No File

BHO: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Walid Efetürk\AppData\Roaming\HomeTab\HomeTab.dll No File

BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com)

BHO: No Name - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} -  No File

BHO: No Name - {f999a48b-1950-4d81-9971-79018f807b4b} -  No File

Toolbar: HKLM - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Walid Efetürk\AppData\Roaming\HomeTab\HomeTab.dll No File

Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com)

Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Toolbar: HKCU -No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File

Toolbar: HKCU -No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File

Toolbar: HKCU -No Name - {F999A48B-1950-4D81-9971-79018F807B4B} -  No File

Toolbar: HKCU -Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler: msdaipp - No CLSID Value - 

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default

FF user.js: detected! => C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\user.js

FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=445C001D60192B79&affID=119357&tsp=4956

FF Homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=445C001D60192B79&affID=119357&tsp=4956

FF SelectedSearchEngine: Delta Search

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprjplug;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Walid Efetürk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Walid Efetürk\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Walid Efetürk\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Walid Efetürk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF SearchPlugin: C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\searchplugins\babylon.xml

FF Extension: No Name - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

FF Extension: No Name - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\ffxtlbr@babylon.com

FF Extension: Delta Toolbar - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\ffxtlbr@delta.com

FF Extension: No Name - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\linkuryfirefoxremoteplugin@linkury.com

FF Extension: HomeTab - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}

FF Extension: No Name - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\{454a5ece-209d-4710-92ce-12079d9f613b}

FF Extension: Yahoo! Toolbar - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

FF Extension: No Name - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\{6cbdb759-ed53-46b9-9226-ea9c2315a1cf}

FF Extension: FoxyDeal - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}

FF Extension: abb - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\abb@amazon.com.xpi

FF Extension: toolbar_AVIRA-V7 - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi

FF Extension: No Name - C:\Users\Walid Efetürk\AppData\Roaming\Mozilla\Firefox\Profiles\soxvhzsa.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF HKCU\...\Firefox\Extensions: [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}] C:\Program Files\LyricsPal\125.xpi

FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\125.xpi

FF Extension: No Name - C:\Program Files\LyriXeeker\125.xpi
 

Chrome: 

=======

CHR HomePage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=445C001D60192B79&affID=119357&tsp=4956

CHR RestoreOnStartup: "https://www.google.de/"

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Users\Walid Efet\u00FCrk\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Walid Efet\u00FCrk\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Walid Efet\u00FCrk\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll No File

CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)

CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

CHR Plugin: (Unity Player) - C:\Users\Walid Efet\u00FCrk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Walid Efet\u00FCrk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File

CHR Extension: (Top Eleven) - C:\Users\WALIDE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn\2.0.0.4_0

CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx

CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Walid Efetürk\AppData\Roaming\BabSolution\CR\Delta.crx

CHR HKLM\...\Chrome\Extension: [fgibjgmnimooanbagcfpnkmngejcojaf] - C:\Program Files\HomeTab\chrome\HomeTab.crx

CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx

CHR HKLM\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files\vShare.tv plugin\vshareplg.crx

CHR HKLM\...\Chrome\Extension: [mmiopbgcekanlhpjkonogoljpfmhpkhf] - C:\Program Files\LyricsPal\125.crx

CHR HKLM\...\Chrome\Extension: [odnofacmifkjndflfmmplhckcbfjckhj] - C:\Program Files\LyriXeeker\125.crx

CHR StartMenuInternet: Google Chrome - "C:\Users\Walid Efetürk\AppData\Local\Google\Chrome\Application\chrome.exe"
 

========================== Services (Whitelisted) =================
 

S4 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [107912 2008-10-09] ()

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc.)

S4 ogmservice; C:\Program Files\Online Games Manager\ogmservice.exe [559168 2013-03-12] (RealNetworks, Inc.)

S4 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1699168 2012-09-19] (TuneUp Software)
 

==================== Drivers (Whitelisted) ====================
 

R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-14] (Atheros Communications, Inc.)

S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)

S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [34432 2012-10-11] (ManyCam LLC)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-07-27] (Malwarebytes Corporation)

S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22656 2013-01-31] (ManyCam LLC)

S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [95304 2011-11-10] (MotioninJoy)

S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137472 2011-08-17] (Nokia)

S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2011-08-17] (Nokia)

R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)

S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)

S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software)

S3 taphss6; system32\DRIVERS\taphss6.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-07-28 13:07 - 2013-07-28 13:07 - 00000000 ____D C:\FRST

2013-07-27 23:17 - 2013-07-27 23:18 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys

2013-07-27 23:17 - 2013-07-27 23:17 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Malwarebytes

2013-07-27 23:16 - 2013-07-27 23:16 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-07-27 23:16 - 2013-07-27 23:16 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-07-27 23:16 - 2013-07-27 23:16 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-07-27 23:16 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-07-27 22:20 - 2013-07-27 22:20 - 00000057 _____ C:\Users\Walid Efetürk\AppData\Roaming\WB.CFG

2013-07-27 22:20 - 2013-07-27 22:20 - 00000005 _____ C:\Users\Walid Efetürk\AppData\Roaming\WBPU-TTL.DAT

2013-07-27 21:24 - 2013-07-27 21:24 - 00000000 ____D C:\Users\Walid Efetürk\Qtrax

2013-07-27 21:20 - 2013-07-28 12:28 - 00000380 _____ C:\Windows\Tasks\LyricXeeker Update.job

2013-07-27 21:20 - 2013-07-27 23:20 - 00000308 _____ C:\Windows\Tasks\DSite.job

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Zip Opener Packages

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\DSite

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Delta

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\DealPly

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Babylon

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\BabSolution

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\ProgramData\Babylon

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Program Files\LyriXeeker

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Program Files\Delta

2013-07-27 20:41 - 2013-07-27 20:42 - 00001939 _____ C:\AdwCleaner[R6].txt

2013-07-27 20:14 - 2013-07-27 20:14 - 00001819 _____ C:\AdwCleaner[R5].txt

2013-07-27 20:14 - 2013-07-27 20:14 - 00001788 _____ C:\AdwCleaner[S4].txt

2013-07-27 20:13 - 2013-07-27 20:13 - 00001759 _____ C:\AdwCleaner[R4].txt

2013-07-27 20:01 - 2013-07-28 12:28 - 00006750 _____ C:\Windows\PFRO.log

2013-07-27 19:59 - 2013-07-27 19:59 - 00030444 _____ C:\ProgramData\1374947945.bdinstall.bin

2013-07-27 19:53 - 2013-07-28 12:28 - 00000280 _____ C:\Windows\setupact.log

2013-07-27 19:53 - 2013-07-27 19:53 - 00000000 _____ C:\Windows\setuperr.log

2013-07-27 19:51 - 2013-07-27 19:51 - 00001658 _____ C:\AdwCleaner[S3].txt

2013-07-27 19:50 - 2013-07-27 19:50 - 00001689 _____ C:\AdwCleaner[R3].txt

2013-07-27 19:49 - 2013-07-27 23:33 - 00094177 _____ C:\Windows\WindowsUpdate.log

2013-07-27 15:49 - 2013-07-27 15:49 - 00000218 _____ C:\Users\WALIDE~1\AppData\Local\recently-used.xbel

2013-07-27 15:42 - 2013-07-27 15:42 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\inkscape

2013-07-27 12:47 - 2013-07-27 20:14 - 00000934 _____ C:\Windows\DeleteOnReboot.bat

2013-07-27 12:47 - 2013-07-27 12:49 - 00082109 _____ C:\AdwCleaner[S2].txt

2013-07-27 12:46 - 2013-07-27 12:47 - 00082638 _____ C:\AdwCleaner[R2].txt

2013-07-27 12:28 - 2013-07-27 12:28 - 00002174 _____ C:\Users\Public\Desktop\Google Earth.lnk

2013-07-26 19:35 - 2013-07-26 19:36 - 00000000 ____D C:\Users\Walid Efetürk\Desktop\Neuer Ordner

2013-07-26 17:24 - 2013-07-27 20:00 - 00000000 ____D C:\ProgramData\Avira

2013-07-26 17:19 - 2013-07-26 17:19 - 00000407 _____ C:\AdwCleaner[S1].txt

2013-07-26 17:18 - 2013-07-26 17:19 - 00082231 _____ C:\AdwCleaner[R1].txt

2013-07-26 17:15 - 2013-07-26 17:15 - 00666633 _____ C:\Users\Walid Efetürk\Desktop\adwcleaner06.exe

2013-07-26 12:26 - 2013-07-26 12:26 - 00000000 __SHD C:\found.005

2013-07-22 17:20 - 2013-07-23 20:58 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Windows Net Data

2013-07-22 17:19 - 2013-05-13 05:52 - 00023624 _____ C:\Windows\Launcher.exe

2013-07-22 17:18 - 2013-07-22 17:18 - 00002551 _____ C:\Users\Public\Desktop\Free System Utilities.lnk

2013-07-22 17:18 - 2013-07-22 17:18 - 00000000 ____D C:\ProgramData\FreeSystemUtilities

2013-07-22 17:17 - 2013-07-22 17:17 - 00000000 ____D C:\ProgramData\Package Cache

2013-07-14 14:46 - 2013-07-27 16:24 - 00000000 ____D C:\Users\Walid Efetürk\Desktop\Der Edle Quran

2013-07-13 23:20 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-07-13 23:20 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-07-13 23:20 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-07-13 23:20 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-07-13 23:20 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-07-13 23:20 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-07-13 23:20 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-07-13 23:20 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-07-13 23:20 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-07-13 23:20 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-07-13 23:20 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-07-13 23:20 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-07-13 23:20 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-07-13 23:20 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-07-13 23:20 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-07-13 23:20 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-07-13 23:03 - 2013-07-13 23:03 - 00000000 ____D C:\Windows\pss

2013-07-13 17:57 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-07-13 17:57 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-07-13 17:57 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-07-13 17:57 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-07-13 17:45 - 2013-07-13 17:45 - 00000000 ____D C:\Program Files\Blender Foundation

2013-07-07 10:41 - 2013-07-07 10:41 - 00000000 _____ C:\temp.txt

2013-06-30 17:54 - 2013-07-07 10:42 - 00000000 ____D C:\Windows\system32\appmgmt

2013-06-30 17:41 - 2013-06-30 17:41 - 00000904 _____ C:\Users\Walid Efetürk\Desktop\HD Tune.lnk

2013-06-30 17:41 - 2013-06-30 17:41 - 00000000 ____D C:\Program Files\HD Tune

2013-06-30 16:41 - 2013-06-30 16:41 - 00000000 ____D C:\Program Files\CCleaner

2013-06-29 12:06 - 2013-06-29 12:07 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{0A143F33-B193-4F34-ACE1-063F6DB3339E}

2013-06-29 12:04 - 2013-06-29 12:04 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\simplitec

2013-06-28 22:51 - 2013-06-28 22:51 - 00000000 ____D C:\Users\Walid Efetürk\Documents\Music Maker 2013

2013-06-28 22:51 - 2013-06-28 22:51 - 00000000 ____D C:\Users\Walid Efetürk\Documents\MAGIX

2013-06-28 22:50 - 2013-06-28 22:50 - 00000000 ____D C:\Users\Public\Documents\MAGIX

2013-06-28 22:48 - 2013-07-07 10:59 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services

2013-06-28 22:48 - 2013-06-28 22:51 - 00000000 ____D C:\ProgramData\MAGIX

2013-06-28 22:48 - 2013-06-28 22:48 - 00000000 ____D C:\ProgramData\simplitec

2013-06-28 22:48 - 2013-06-28 22:48 - 00000000 ____D C:\Program Files\MAGIX

2013-06-28 22:39 - 2013-06-28 22:51 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\MAGIX

2013-06-28 21:34 - 2013-06-28 21:35 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{C1D44A52-4AFD-4ED9-BF02-F81E16E3A16E}

2013-06-28 21:00 - 2013-07-28 12:28 - 00000366 _____ C:\Windows\Tasks\Lyrics-Pal Update.job

12012-02-02 20:20 - 2013-07-27 21:24 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000Core2d9829e7e9a89661.job

12012-02-02 19:41 - 12012-02-02 19:41 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{C5BA8C0A-DDBE-4C08-AB8B-4BAFF6C25BD0}

12012-02-02 19:41 - 12012-02-02 19:41 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3F10A175-25D5-465C-9604-2D4AD978721B}

12012-02-01 18:34 - 12012-02-01 18:34 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{FA13249B-BF3D-42CE-817D-3C81F66BDDAF}

12012-02-01 18:33 - 12012-02-01 18:34 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{E08864C5-530F-463E-902D-55052BDDC613}

12012-02-01 14:45 - 12012-02-01 14:45 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{FD0ACC11-B06A-4D7D-8EEE-4E4891B15602}

12012-02-01 14:45 - 12012-02-01 14:45 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{A9B6870C-C1A2-43ED-B2E8-1401DF4B9750}

12012-01-31 16:12 - 12012-01-31 16:12 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{9EF58DBF-E483-44E5-8C4C-600AFE016AC4}

12012-01-31 16:11 - 12012-01-31 16:12 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{70D78DE0-95C9-4AC4-9114-163162684102}

12012-01-30 15:29 - 12012-01-30 15:29 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{C7820ECF-C451-4B9C-8FCF-AB98C918F170}

12012-01-30 15:29 - 12012-01-30 15:29 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3A6D5AD0-ACA0-43F4-81DC-E169ADCB93E2}

12012-01-29 13:37 - 2013-07-28 12:28 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore2d98268b474f51c.job

12012-01-29 13:07 - 12012-01-29 13:07 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{CDD53968-98C3-4BB1-9304-BFA657B239F6}

12012-01-29 13:07 - 12012-01-29 13:07 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{C8AEBDE3-0904-4D92-AD47-B0CB2DDEF98F}

12012-01-28 10:47 - 12012-01-28 10:48 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{1C7157F7-C4C8-42DC-94CA-1464C73F98A8}

12012-01-28 10:47 - 12012-01-28 10:47 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{64F9D545-CE4C-473F-9852-20A06DADB7B2}

12012-01-27 15:40 - 12012-01-27 15:41 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{FF64576A-4099-4392-979B-CBB73023C99A}

12012-01-27 15:40 - 12012-01-27 15:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{B283F3E8-8093-4883-80BF-55EE8A3975EE}

12012-01-26 22:34 - 12012-01-26 22:34 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenu

12012-01-26 22:34 - 12012-01-26 22:34 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter

12012-01-26 22:26 - 12012-01-26 22:26 - 00000000 ___HD C:\ProgramData\CanonIJEGV

12012-01-26 22:18 - 1980-07-02 09:11 - 00000000 ____D C:\ProgramData\CanonIJPLM

12012-01-26 22:06 - 12012-01-26 22:06 - 00000000 ____D C:\Program Files\Common Files\CANON

12012-01-26 22:02 - 2007-06-18 04:15 - 00363520 _____ (CANON INC.) C:\Windows\system32\CNMNPPM.DLL

12012-01-26 22:02 - 2007-06-18 04:15 - 00143360 _____ (CANON INC.) C:\Windows\system32\CNMNPUI.DLL

12012-01-26 22:02 - 12012-01-26 22:33 - 00000000 ____D C:\Program Files\Canon

12012-01-26 16:40 - 12012-01-26 16:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{7DFF6244-B311-472A-94EA-7AD96CF5053E}

12012-01-26 16:40 - 12012-01-26 16:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3E1DA19D-D100-4E96-8E12-61D843258376}

12012-01-25 16:04 - 12012-01-25 16:04 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{DA168AC7-8E27-4C6B-8BDA-812B51CD72F5}

12012-01-25 16:03 - 12012-01-25 16:03 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{7DA63DCC-6E9B-40F7-9477-A16E15333D40}

12012-01-23 20:25 - 12012-01-23 20:26 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{F884DCB4-B58C-49CA-8CA9-B9E74DBC2F95}

12012-01-23 20:25 - 12012-01-23 20:25 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{5D1707A9-1398-4D49-A927-B1551E1B3152}

12012-01-22 11:42 - 12012-01-22 11:42 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{F03AB034-2B04-4FCA-B607-E2C09F1637B5}

12012-01-22 11:41 - 12012-01-22 11:42 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{4B14110C-8422-4C81-958A-99B681D9A63B}

12012-01-21 22:33 - 12012-01-21 22:33 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{F1B59349-CD28-478C-A4D2-636F4B5CBF14}

12012-01-21 22:33 - 12012-01-21 22:33 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{14A1FEED-B6FF-4D5A-8FD9-6D79024A06C7}

12012-01-20 16:19 - 12012-01-20 16:19 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{BAFAD5F9-65DD-49F3-A525-430A2C6FEB2F}

12012-01-20 16:19 - 12012-01-20 16:19 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{AC74F643-89F5-4409-80DE-81D64158E248}

12012-01-19 16:09 - 12012-01-19 16:09 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3E357B28-31D7-446A-BFDD-5C3865758626}

12012-01-19 16:09 - 12012-01-19 16:09 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3DB64643-5C61-4408-A4DC-1F4046953342}

12012-01-18 16:32 - 12012-01-18 16:32 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{89E036D7-61D5-4E2D-BB4C-5B7D3524EE5B}

12012-01-18 16:31 - 12012-01-18 16:32 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{194C2201-2D4F-481A-ACBA-DB92E8A20666}

12012-01-17 17:25 - 12012-01-17 17:25 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{D43433F2-7067-4033-90E0-3C9908DDA9E1}

12012-01-17 17:25 - 12012-01-17 17:25 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{5E2E644D-F1AF-4DEA-AD66-6AB93CF8730C}

12012-01-15 13:15 - 12012-01-15 13:16 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{92BC1845-49E6-4708-9FEE-54F0A1F8B81A}

12012-01-15 13:15 - 12012-01-15 13:15 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{0E793B4C-9813-46AD-9B02-594B5485EC67}

12012-01-14 15:39 - 12012-01-14 15:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{7583D814-BD93-4F56-9A5A-B5DAF6443435}

12012-01-14 15:39 - 12012-01-14 15:39 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{37FED5F7-C315-49F9-B3CD-C61BAB79095F}

12012-01-13 15:42 - 12012-01-13 15:42 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{9C5F2BF4-CA5F-4CF6-AB12-EA453572FA6A}

12012-01-13 15:42 - 12012-01-13 15:42 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{0DD8B8CE-5CF5-4235-B13A-27426AC85051}

12012-01-13 00:17 - 2013-03-17 15:37 - 00000000 ___HD C:\Windows\msdownld.tmp

12012-01-13 00:14 - 12012-01-13 00:14 - 00000000 ____D C:\ProgramData\DesktopIcons

12012-01-13 00:14 - 12012-01-13 00:14 - 00000000 ____D C:\ProgramData\1und1InternetExplorerAddon

12012-01-13 00:01 - 12012-01-13 00:01 - 00000000 __SHD C:\found.000

12012-01-12 18:48 - 2007-08-21 14:32 - 00098304 _____ C:\Windows\system32\redmonnt.dll

12012-01-12 18:48 - 12012-01-12 18:48 - 00000000 ____D C:\Program Files\FoxTabPDFConverter

12012-01-12 18:01 - 12012-01-12 18:02 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{565C793B-B9F7-4099-9B78-81E856B6E51A}

12012-01-12 18:01 - 12012-01-12 18:01 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{BD1E8BDF-CA6C-44AC-877D-0A9824791600}

12012-01-11 16:45 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll

12012-01-11 16:45 - 2011-11-17 07:34 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

12012-01-11 16:45 - 2011-11-17 07:34 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

12012-01-11 16:45 - 2011-11-17 07:34 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

12012-01-11 16:45 - 2011-11-17 07:32 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

12012-01-11 16:45 - 2011-11-17 07:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

12012-01-11 16:40 - 12012-01-11 16:41 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{619B73A8-0D85-4460-80C2-FEA1104C3EBA}

12012-01-11 16:40 - 12012-01-11 16:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{2B533755-E620-4764-BB4F-2F8B78EE3159}
 

==================== One Month Modified Files and Folders =======
 

2013-07-28 13:07 - 2013-07-28 13:07 - 00000000 ____D C:\FRST

2013-07-28 13:06 - 2013-03-02 19:55 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-07-28 13:06 - 2011-06-26 16:32 - 00000000 ___RD C:\Users\Walid Efetürk\Desktop\chara (3)

2013-07-28 12:39 - 2013-07-27 19:49 - 00094177 _____ C:\Windows\WindowsUpdate.log

2013-07-28 12:36 - 2009-07-14 06:34 - 00014752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-07-28 12:36 - 2009-07-14 06:34 - 00014752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-07-28 12:34 - 1980-05-15 16:22 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003UA.job

2013-07-28 12:28 - 2013-07-27 21:20 - 00000380 _____ C:\Windows\Tasks\LyricXeeker Update.job

2013-07-28 12:28 - 2013-07-27 20:01 - 00006750 _____ C:\Windows\PFRO.log

2013-07-28 12:28 - 2013-07-27 19:53 - 00000280 _____ C:\Windows\setupact.log

2013-07-28 12:28 - 2013-06-28 21:00 - 00000366 _____ C:\Windows\Tasks\Lyrics-Pal Update.job

2013-07-28 12:28 - 2013-06-24 17:56 - 00000408 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Walid Efetürk.job

2013-07-28 12:28 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-07-28 12:28 - 12012-01-29 13:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore2d98268b474f51c.job

2013-07-27 23:27 - 2011-07-06 15:12 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-07-27 23:24 - 2011-07-07 14:50 - 00001152 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000UA.job

2013-07-27 23:20 - 2013-07-27 21:20 - 00000308 _____ C:\Windows\Tasks\DSite.job

2013-07-27 23:18 - 2013-07-27 23:17 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys

2013-07-27 23:17 - 2013-07-27 23:17 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Malwarebytes

2013-07-27 23:16 - 2013-07-27 23:16 - 00001075 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-07-27 23:16 - 2013-07-27 23:16 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-07-27 23:16 - 2013-07-27 23:16 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-07-27 23:08 - 2011-09-06 19:30 - 00001170 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000UA.job

2013-07-27 22:26 - 2011-09-11 19:16 - 00000000 ____D C:\Program Files\Ardamax Keylogger Lite

2013-07-27 22:25 - 2013-07-13 17:45 - 00000000 ____D C:\Program Files\Blender Foundation

2013-07-27 22:20 - 2013-07-27 22:20 - 00000057 _____ C:\Users\Walid Efetürk\AppData\Roaming\WB.CFG

2013-07-27 22:20 - 2013-07-27 22:20 - 00000005 _____ C:\Users\Walid Efetürk\AppData\Roaming\WBPU-TTL.DAT

2013-07-27 22:20 - 2012-10-07 19:15 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003UA.job

2013-07-27 21:42 - 2013-06-24 17:56 - 00000398 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Walid Efetürk.job

2013-07-27 21:24 - 2013-07-27 21:24 - 00000000 ____D C:\Users\Walid Efetürk\Qtrax

2013-07-27 21:24 - 2011-06-26 16:32 - 00000000 ____D C:\Users\Walid Efetürk

2013-07-27 21:24 - 12012-02-02 20:20 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000Core2d9829e7e9a89661.job

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Zip Opener Packages

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\DSite

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Delta

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\DealPly

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Babylon

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\BabSolution

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\ProgramData\Babylon

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Program Files\LyriXeeker

2013-07-27 21:20 - 2013-07-27 21:20 - 00000000 ____D C:\Program Files\Delta

2013-07-27 20:42 - 2013-07-27 20:41 - 00001939 _____ C:\AdwCleaner[R6].txt

2013-07-27 20:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF

2013-07-27 20:14 - 2013-07-27 20:14 - 00001819 _____ C:\AdwCleaner[R5].txt

2013-07-27 20:14 - 2013-07-27 20:14 - 00001788 _____ C:\AdwCleaner[S4].txt

2013-07-27 20:14 - 2013-07-27 12:47 - 00000934 _____ C:\Windows\DeleteOnReboot.bat

2013-07-27 20:13 - 2013-07-27 20:13 - 00001759 _____ C:\AdwCleaner[R4].txt

2013-07-27 20:00 - 2013-07-26 17:24 - 00000000 ____D C:\ProgramData\Avira

2013-07-27 19:59 - 2013-07-27 19:59 - 00030444 _____ C:\ProgramData\1374947945.bdinstall.bin

2013-07-27 19:53 - 2013-07-27 19:53 - 00000000 _____ C:\Windows\setuperr.log

2013-07-27 19:51 - 2013-07-27 19:51 - 00001658 _____ C:\AdwCleaner[S3].txt

2013-07-27 19:50 - 2013-07-27 19:50 - 00001689 _____ C:\AdwCleaner[R3].txt

2013-07-27 19:38 - 2011-10-21 14:16 - 00000452 ____H C:\Windows\Tasks\Norton Security Scan for Walid Efetürk.job

2013-07-27 19:19 - 2012-10-07 19:14 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003Core.job

2013-07-27 19:18 - 2011-11-16 17:56 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared

2013-07-27 16:34 - 1980-05-15 16:22 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003Core.job

2013-07-27 16:24 - 2013-07-14 14:46 - 00000000 ____D C:\Users\Walid Efetürk\Desktop\Der Edle Quran

2013-07-27 15:49 - 2013-07-27 15:49 - 00000218 _____ C:\Users\WALIDE~1\AppData\Local\recently-used.xbel

2013-07-27 15:42 - 2013-07-27 15:42 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\inkscape

2013-07-27 14:59 - 2013-06-24 17:56 - 00000402 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Walid Efetürk.job

2013-07-27 12:49 - 2013-07-27 12:47 - 00082109 _____ C:\AdwCleaner[S2].txt

2013-07-27 12:47 - 2013-07-27 12:46 - 00082638 _____ C:\AdwCleaner[R2].txt

2013-07-27 12:28 - 2013-07-27 12:28 - 00002174 _____ C:\Users\Public\Desktop\Google Earth.lnk

2013-07-27 12:28 - 2011-07-06 15:12 - 00000000 ____D C:\Program Files\Google

2013-07-26 19:36 - 2013-07-26 19:35 - 00000000 ____D C:\Users\Walid Efetürk\Desktop\Neuer Ordner

2013-07-26 18:43 - 2011-06-26 16:34 - 00336998 _____ C:\Windows\system32\PerfStringBackup.INI

2013-07-26 17:19 - 2013-07-26 17:19 - 00000407 _____ C:\AdwCleaner[S1].txt

2013-07-26 17:19 - 2013-07-26 17:18 - 00082231 _____ C:\AdwCleaner[R1].txt

2013-07-26 17:15 - 2013-07-26 17:15 - 00666633 _____ C:\Users\Walid Efetürk\Desktop\adwcleaner06.exe

2013-07-26 12:44 - 2012-08-24 16:32 - 00000000 ___RD C:\Users\Walid Efetürk\Desktop\Programme

2013-07-26 12:26 - 2013-07-26 12:26 - 00000000 __SHD C:\found.005

2013-07-23 20:58 - 2013-07-22 17:20 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Windows Net Data

2013-07-22 17:20 - 2013-06-12 16:41 - 00002647 _____ C:\Users\Walid Efetürk\Desktop\Google Chrome.lnk

2013-07-22 17:18 - 2013-07-22 17:18 - 00002551 _____ C:\Users\Public\Desktop\Free System Utilities.lnk

2013-07-22 17:18 - 2013-07-22 17:18 - 00000000 ____D C:\ProgramData\FreeSystemUtilities

2013-07-22 17:17 - 2013-07-22 17:17 - 00000000 ____D C:\ProgramData\Package Cache

2013-07-14 18:05 - 2011-07-07 19:57 - 00000000 ___RD C:\Users\Walid Efetürk\Desktop\DonOmairat

2013-07-14 18:04 - 2012-12-30 21:09 - 00005120 ____H C:\Users\Walid Efetürk\Desktop\photothumb.db

2013-07-14 16:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET

2013-07-14 14:04 - 2011-06-26 17:05 - 00000000 ____D C:\Windows\Panther

2013-07-14 14:02 - 2009-07-14 06:33 - 00483792 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-14 14:01 - 2011-07-30 13:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-07-14 14:01 - 2009-07-14 10:57 - 00000000 ____D C:\Program Files\Windows Journal

2013-07-14 14:01 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender

2013-07-13 23:03 - 2013-07-13 23:03 - 00000000 ____D C:\Windows\pss

2013-07-13 17:48 - 2012-09-10 18:01 - 00000000 ____D C:\Users\Walid Efetürk\.thumbnails

2013-07-07 11:08 - 2011-09-06 19:30 - 00001148 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000Core.job

2013-07-07 10:59 - 2013-06-28 22:48 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services

2013-07-07 10:59 - 2011-07-06 15:12 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\Google

2013-07-07 10:59 - 2011-07-06 15:12 - 00000000 ____D C:\ProgramData\Google

2013-07-07 10:43 - 2011-11-18 23:30 - 00000000 ____D C:\Program Files\Ubisoft

2013-07-07 10:42 - 2013-06-30 17:54 - 00000000 ____D C:\Windows\system32\appmgmt

2013-07-07 10:41 - 2013-07-07 10:41 - 00000000 _____ C:\temp.txt

2013-07-07 10:27 - 2011-07-07 14:51 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2013-06-30 17:41 - 2013-06-30 17:41 - 00000904 _____ C:\Users\Walid Efetürk\Desktop\HD Tune.lnk

2013-06-30 17:41 - 2013-06-30 17:41 - 00000000 ____D C:\Program Files\HD Tune

2013-06-30 17:10 - 2011-08-27 23:05 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\uTorrent

2013-06-30 17:08 - 2013-04-01 14:17 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-06-30 16:47 - 2011-07-30 13:27 - 00000000 ____D C:\Users\Walid Efetürk\Tracing

2013-06-30 16:41 - 2013-06-30 16:41 - 00000000 ____D C:\Program Files\CCleaner

2013-06-29 12:07 - 2013-06-29 12:06 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{0A143F33-B193-4F34-ACE1-063F6DB3339E}

2013-06-29 12:05 - 2011-07-07 14:49 - 00153744 _____ C:\Users\WALIDE~1\AppData\Local\GDIPFONTCACHEV1.DAT

2013-06-29 12:04 - 2013-06-29 12:04 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\simplitec

2013-06-28 22:51 - 2013-06-28 22:51 - 00000000 ____D C:\Users\Walid Efetürk\Documents\Music Maker 2013

2013-06-28 22:51 - 2013-06-28 22:51 - 00000000 ____D C:\Users\Walid Efetürk\Documents\MAGIX

2013-06-28 22:51 - 2013-06-28 22:48 - 00000000 ____D C:\ProgramData\MAGIX

2013-06-28 22:51 - 2013-06-28 22:39 - 00000000 ____D C:\Users\Walid Efetürk\AppData\Roaming\MAGIX

2013-06-28 22:50 - 2013-06-28 22:50 - 00000000 ____D C:\Users\Public\Documents\MAGIX

2013-06-28 22:50 - 2007-04-27 10:43 - 00120200 _____ () C:\Windows\system32\DLLDEV32i.dll

2013-06-28 22:48 - 2013-06-28 22:48 - 00000000 ____D C:\ProgramData\simplitec

2013-06-28 22:48 - 2013-06-28 22:48 - 00000000 ____D C:\Program Files\MAGIX

2013-06-28 22:48 - 2012-09-21 16:44 - 00000000 ____D C:\Program Files\MSXML 4.0

2013-06-28 22:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help

2013-06-28 22:48 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2013-06-28 21:35 - 2013-06-28 21:34 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{C1D44A52-4AFD-4ED9-BF02-F81E16E3A16E}

12012-02-02 19:41 - 12012-02-02 19:41 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{C5BA8C0A-DDBE-4C08-AB8B-4BAFF6C25BD0}

12012-02-02 19:41 - 12012-02-02 19:41 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3F10A175-25D5-465C-9604-2D4AD978721B}

12012-02-01 18:34 - 12012-02-01 18:34 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{FA13249B-BF3D-42CE-817D-3C81F66BDDAF}

12012-02-01 18:34 - 12012-02-01 18:33 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{E08864C5-530F-463E-902D-55052BDDC613}

12012-02-01 14:45 - 12012-02-01 14:45 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{FD0ACC11-B06A-4D7D-8EEE-4E4891B15602}

12012-02-01 14:45 - 12012-02-01 14:45 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{A9B6870C-C1A2-43ED-B2E8-1401DF4B9750}

12012-01-31 17:14 - 2011-10-09 11:11 - 00000000 ____D C:\Program Files\DVDVideoSoft

12012-01-31 17:14 - 2011-10-09 11:11 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft

12012-01-31 16:12 - 12012-01-31 16:12 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{9EF58DBF-E483-44E5-8C4C-600AFE016AC4}

12012-01-31 16:12 - 12012-01-31 16:11 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{70D78DE0-95C9-4AC4-9114-163162684102}

12012-01-30 15:29 - 12012-01-30 15:29 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{C7820ECF-C451-4B9C-8FCF-AB98C918F170}

12012-01-30 15:29 - 12012-01-30 15:29 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3A6D5AD0-ACA0-43F4-81DC-E169ADCB93E2}

12012-01-29 13:07 - 12012-01-29 13:07 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{CDD53968-98C3-4BB1-9304-BFA657B239F6}

12012-01-29 13:07 - 12012-01-29 13:07 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{C8AEBDE3-0904-4D92-AD47-B0CB2DDEF98F}

12012-01-28 10:48 - 12012-01-28 10:47 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{1C7157F7-C4C8-42DC-94CA-1464C73F98A8}

12012-01-28 10:47 - 12012-01-28 10:47 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{64F9D545-CE4C-473F-9852-20A06DADB7B2}

12012-01-27 15:41 - 12012-01-27 15:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{FF64576A-4099-4392-979B-CBB73023C99A}

12012-01-27 15:40 - 12012-01-27 15:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{B283F3E8-8093-4883-80BF-55EE8A3975EE}

12012-01-26 22:34 - 12012-01-26 22:34 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenu

12012-01-26 22:34 - 12012-01-26 22:34 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter

12012-01-26 22:33 - 12012-01-26 22:02 - 00000000 ____D C:\Program Files\Canon

12012-01-26 22:26 - 12012-01-26 22:26 - 00000000 ___HD C:\ProgramData\CanonIJEGV

12012-01-26 22:06 - 12012-01-26 22:06 - 00000000 ____D C:\Program Files\Common Files\CANON

12012-01-26 16:40 - 12012-01-26 16:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{7DFF6244-B311-472A-94EA-7AD96CF5053E}

12012-01-26 16:40 - 12012-01-26 16:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3E1DA19D-D100-4E96-8E12-61D843258376}

12012-01-25 16:04 - 12012-01-25 16:04 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{DA168AC7-8E27-4C6B-8BDA-812B51CD72F5}

12012-01-25 16:03 - 12012-01-25 16:03 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{7DA63DCC-6E9B-40F7-9477-A16E15333D40}

12012-01-23 20:26 - 12012-01-23 20:25 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{F884DCB4-B58C-49CA-8CA9-B9E74DBC2F95}

12012-01-23 20:25 - 12012-01-23 20:25 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{5D1707A9-1398-4D49-A927-B1551E1B3152}

12012-01-22 11:42 - 12012-01-22 11:42 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{F03AB034-2B04-4FCA-B607-E2C09F1637B5}

12012-01-22 11:42 - 12012-01-22 11:41 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{4B14110C-8422-4C81-958A-99B681D9A63B}

12012-01-21 22:33 - 12012-01-21 22:33 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{F1B59349-CD28-478C-A4D2-636F4B5CBF14}

12012-01-21 22:33 - 12012-01-21 22:33 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{14A1FEED-B6FF-4D5A-8FD9-6D79024A06C7}

12012-01-20 16:19 - 12012-01-20 16:19 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{BAFAD5F9-65DD-49F3-A525-430A2C6FEB2F}

12012-01-20 16:19 - 12012-01-20 16:19 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{AC74F643-89F5-4409-80DE-81D64158E248}

12012-01-19 16:09 - 12012-01-19 16:09 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3E357B28-31D7-446A-BFDD-5C3865758626}

12012-01-19 16:09 - 12012-01-19 16:09 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{3DB64643-5C61-4408-A4DC-1F4046953342}

12012-01-18 16:32 - 12012-01-18 16:32 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{89E036D7-61D5-4E2D-BB4C-5B7D3524EE5B}

12012-01-18 16:32 - 12012-01-18 16:31 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{194C2201-2D4F-481A-ACBA-DB92E8A20666}

12012-01-17 17:25 - 12012-01-17 17:25 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{D43433F2-7067-4033-90E0-3C9908DDA9E1}

12012-01-17 17:25 - 12012-01-17 17:25 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{5E2E644D-F1AF-4DEA-AD66-6AB93CF8730C}

12012-01-15 13:16 - 12012-01-15 13:15 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{92BC1845-49E6-4708-9FEE-54F0A1F8B81A}

12012-01-15 13:15 - 12012-01-15 13:15 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{0E793B4C-9813-46AD-9B02-594B5485EC67}

12012-01-14 15:40 - 12012-01-14 15:39 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{7583D814-BD93-4F56-9A5A-B5DAF6443435}

12012-01-14 15:39 - 12012-01-14 15:39 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{37FED5F7-C315-49F9-B3CD-C61BAB79095F}

12012-01-13 15:42 - 12012-01-13 15:42 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{9C5F2BF4-CA5F-4CF6-AB12-EA453572FA6A}

12012-01-13 15:42 - 12012-01-13 15:42 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{0DD8B8CE-5CF5-4235-B13A-27426AC85051}

12012-01-13 00:14 - 12012-01-13 00:14 - 00000000 ____D C:\ProgramData\DesktopIcons

12012-01-13 00:14 - 12012-01-13 00:14 - 00000000 ____D C:\ProgramData\1und1InternetExplorerAddon

12012-01-13 00:01 - 12012-01-13 00:01 - 00000000 __SHD C:\found.000

12012-01-12 18:48 - 12012-01-12 18:48 - 00000000 ____D C:\Program Files\FoxTabPDFConverter

12012-01-12 18:02 - 12012-01-12 18:01 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{565C793B-B9F7-4099-9B78-81E856B6E51A}

12012-01-12 18:01 - 12012-01-12 18:01 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{BD1E8BDF-CA6C-44AC-877D-0A9824791600}

12012-01-11 16:41 - 12012-01-11 16:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{619B73A8-0D85-4460-80C2-FEA1104C3EBA}

12012-01-11 16:40 - 12012-01-11 16:40 - 00000000 ____D C:\Users\WALIDE~1\AppData\Local\{2B533755-E620-4764-BB4F-2F8B78EE3159}
 

Files to move or delete:

====================

C:\Users\WALIDE~1\AppData\Local\Temp\GZ_INSTALL_0\setuplauncher.exe

C:\Windows\system32\rundll32.exe
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-07-23 00:20
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition.txt :FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-07-2013 04

Ran by Walid Efetürk at 2013-07-28 13:09:07

Running from C:\Users\Walid Efetürk\Desktop\chara (3)

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

µTorrent (Version: 3.0.0)

Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)

Adobe Flash Player 11 Plugin (Version: 11.7.700.224)

Adobe Shockwave Player 11.6 (Version: 11.6.1.629)

Apple Application Support (Version: 2.3.3)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (Version: 2.1.3.127)

Ardamax Keylogger 1.2

Avira SearchFree Toolbar plus Web Protection (Version: 12.2.2.663)

Bonjour (Version: 3.0.0.10)

Canon IJ Network Scan Utility

Canon IJ Network Tool

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon MP Navigator EX 2.1

Canon MX860 series Benutzerregistrierung

Canon MX860 series MP Drivers

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

CCleaner (Version: 4.03)

Cheat Engine 6.0

Cheat Engine 6.2

D3DX10 (Version: 15.4.2368.0902)

DealPly

Delta Chrome Toolbar

Delta toolbar   (Version: 1.8.22.0)

DVDVideoSoftTB Toolbar (Version: 6.3.3.3)

Facebook Video Calling 1.2.0.287 (Version: 1.2.287)

FMSLogo

FoxTab PDF Creator

Free Spider Solitaire 2010 v2.1

Free Studio version 5.2.1

Free System Utilities (Version: 1.1.0.95)

Free SystemUtilities (Version: 1.1.0.95)

Free YouTube to MP3 Converter version 3.10.15.1228

FreeOnlineRadioPlayerRecorder Toolbar (Version: 6.8.5.1)

Galileo Family Quiz - Spezial I

GameMaker 8.1

GIMP 2.6.11 (Version: 2.6.11)

Google Chrome (HKCU Version: 28.0.1500.72)

Google Earth (Version: 7.1.1.1888)

Google Update Helper (Version: 1.3.21.153)

HD Tune 2.55

HomeTab 3.2 (Version: 3.2)

Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930)

iTunes (Version: 11.0.2.26)

Junk Mail filter update (Version: 15.4.3502.0922)

LEGO Star Wars III The Clone Wars (Version: 1.0)

LyricXeeker

MAGIX Content und Soundpools (Version: 1.0.0.0)

MAGIX Goya burnR (MSI) (Version: 4.3.2.0)

MAGIX Music Maker 2013 (Version: 19.0.3.47)

MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0)

Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)

McAfee Security Scan Plus (Version: 2.0.181.2)

Mesh Runtime (Version: 15.4.5722.2)

Messenger Companion (Version: 15.4.3502.0922)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6012.5000)

Microsoft AutoRoute 2002 (Version: 9.00.17.0200)

Microsoft Encarta Enzyklopädie 2003 (Version: 2003)

Microsoft Picture It! Foto 7.0 (Version: 7.0.0.0000)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Word 2002 (Version: 10.0.2701.01)

Microsoft Works 2003-Setup-Start

Microsoft Works 7.0  (Version: 07.02.0702)

Microsoft Works Suite-Add-Ins für Microsoft Word (Version: 2.0.0.0000)

MotioninJoy ds3 driver version 0.6.0005 (Version: 0.6.00005)

Mozilla Firefox 19.0.2 (x86 de) (Version: 19.0.2)

Mozilla Maintenance Service (Version: 19.0.2)

MSVCRT (Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)

Music Editor Free

Nokia Connectivity Cable Driver (Version: 7.1.32.64)

Norton Security Scan (Version: 3.5.1.8)

Online Games Manager v1.20 (Version: 1.20.13)

OpenOffice.org 3.4.1 (Version: 3.41.9593)

PCSX2 - Playstation 2 Emulator

PhotoScape

Pinnacle VideoSpin (Version: 2.0.0.669)

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)

RealPlayer (Version: 15.0.6)

RealUpgrade 1.1 (Version: 1.1.0)

Snap.Do (Version: 1.8.1.10725)

Snap.Do Engine (HKCU Version: 1.8.1.10725)

swMSM (Version: 12.0.0.1)

Text Express Deluxe (HKCU Version: 1.2.0)

Text-To-Speech-Runtime (Version: 1.0.0.0)

TuneUp Utilities 2013 (Version: 13.0.2020.4)

TuneUp Utilities Language Pack (de-DE) (Version: 13.0.2020.4)

Ubisoft Game Launcher (Version: 1.0.0.0)

Unity Web Player (HKCU Version: )

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Zip Opener

uTorrentBar_DE Toolbar (Version: 6.3.5.3)

WEB.DE Internet Explorer Addon (Version: 1.0.1.0)

Windows Live Communications Platform (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3555.0308)

Windows Live Family Safety (Version: 15.4.3555.0308)

Windows Live Fotogalerie (Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (Version: 15.4.3502.0922)

Windows Live Mail (Version: 15.4.3502.0922)

Windows Live Mesh (Version: 15.4.3502.0922)

Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)

Windows Live Messenger (Version: 15.4.3538.0513)

Windows Live Messenger Companion Core (Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (Version: 15.4.3502.0922)

Windows Live Photo Common (Version: 15.4.3502.0922)

Windows Live Photo Gallery (Version: 15.4.3502.0922)

Windows Live PIMT Platform (Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (Version: 15.4.3502.0922)

Windows Live SOXE Definitions (Version: 15.4.3502.0922)

Windows Live UX Platform (Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)

Windows Live Writer (Version: 15.4.3502.0922)

Windows Live Writer Resources (Version: 15.4.3502.0922)

Windows Utils

WinRAR 4.01 (32-Bit) (Version: 4.01.0)

Works Suite-Betriebssystem-Pack (Version: 3.0.0.0000)

yEd Graph Editor 3.6.1.1

Zip Opener Packages

 
 

==================== Restore Points  =========================
 

04-04-2013 09:27:41 Windows Update

05-04-2013 14:38:14 Windows Update

05-04-2013 19:39:47 Windows Update

07-04-2013 08:00:27 Windows Update

12-04-2013 18:24:58 Windows Update

12-04-2013 20:41:21 Windows Update

19-04-2013 17:48:20 Windows Update

19-04-2013 17:48:58 Installed iTunes

23-04-2013 16:39:43 Windows Update

10-05-2013 19:03:03 Windows Update

16-05-2013 14:06:36 Windows Update

20-05-2013 17:14:34 Windows Update

21-05-2013 11:54:10 Windows Update

23-05-2013 12:54:24 Windows Update

29-05-2013 14:02:23 Windows Update

03-06-2013 13:52:08 Windows Update

09-06-2013 08:43:05 Windows Update

12-06-2013 14:48:41 Windows Update

22-06-2013 08:48:03 Windows Update

24-06-2013 17:04:29 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst

24-06-2013 17:05:41 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter

25-06-2013 14:17:39 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter

25-06-2013 14:25:35 Windows Update

28-06-2013 19:07:51 Windows Update

29-06-2013 21:10:10 Windows Update

30-06-2013 15:53:15 Removed Apple Application Support

06-07-2013 19:43:37 Windows Update

07-07-2013 08:41:52 Removed Apple Application Support

07-07-2013 08:58:54 Removed simplitec simplicheck

07-07-2013 08:59:24 Removed Firebird SQL Server - MAGIX Edition

13-07-2013 15:53:56 Windows Update

13-07-2013 21:15:03 Windows Update

22-07-2013 13:38:45 Windows Update

22-07-2013 15:17:15 Free System Utilities

26-07-2013 10:37:18 Windows Update

26-07-2013 10:43:26 Free System Utilities 26.07.2013 12:43:21
 

==================== Hosts content: ==========================
 

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {02503641-6546-4486-AFF8-3751C30FD405} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-24] (Adobe Systems Incorporated)

Task: {08B6ACE2-605D-483A-B9D0-6D48C3D91107} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2361670767-3260828624-3907866334-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)

Task: {11B96052-0D4F-41A4-89F6-1ADD27A2A4A0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)

Task: {18D7230B-B5BC-4738-B480-C8A3F9FBF7D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)

Task: {25268314-FB51-420B-BD08-3F99BBD855BD} - System32\Tasks\ReclaimerUpdateXML_Walid Efetürk => C:\Users\Walid Efetürk\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-24] (RealNetworks, Inc.)

Task: {2C4864B9-CEB7-4871-AC0F-E5E0B3823211} - System32\Tasks\DealPly => C:\Users\WALIDE~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] ()

Task: {2CF202C7-09A3-4AD6-A35F-3C6A95CC798F} - System32\Tasks\DSite => C:\Users\WALIDE~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-27] ()

Task: {2FB84088-5AC8-47FF-9F28-55B478141AE1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000Core2d9829e7e9a89661 => C:\Users\Walid Efetürk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-06] (Google Inc.)

Task: {3513D883-A2A8-4E2A-AC78-9A2A8302C665} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-06] (Google Inc.)

Task: {37386F3C-4FA2-46E9-9D82-00818F669C54} - System32\Tasks\Funmoods => C:\Users\WALIDE~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE No File

Task: {3AC9713B-BC6C-4DAA-9872-CDB7B6ED9489} - System32\Tasks\GoogleUpdateTaskMachineCore2d98268b474f51c => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-06] (Google Inc.)

Task: {3E69D3DE-8468-4F2C-BA76-5135CCC7B764} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)

Task: {40EBD274-8CC2-4ECD-AECD-2A832E57D7E3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003Core => C:\Users\yasmin\AppData\Local\Google\Update\GoogleUpdate.exe No File

Task: {4CCA4F64-D4A0-47BD-BA90-31B28AD23D1C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003Core => C:\Users\yasmin\AppData\Local\Facebook\Update\FacebookUpdate.exe No File

Task: {50D7AAD2-7906-4416-B7A3-1B094FCDC63A} - System32\Tasks\{901EA2AC-A07A-4515-B3D9-B5A84EE5AC49} => C:\Program Files\Mozilla Firefox\firefox.exe [2013-03-07] (Mozilla Corporation)

Task: {5171DE9A-2071-4EC0-A07B-40064A02FBF4} - System32\Tasks\LyricXeeker Update => C:\Program Files\LyriXeeker\LyriXupdate.exe [2013-07-26] (LyriXeeker Tech)

Task: {55DCD610-239F-4E87-904A-9E07A873427F} - System32\Tasks\EPUpdater => C:\Users\WALIDE~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()

Task: {5AE6E89C-2B60-4E7C-B463-86F19F9FDA90} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003UA => C:\Users\yasmin\AppData\Local\Facebook\Update\FacebookUpdate.exe No File

Task: {5D60F1E9-CCAA-4F7D-8821-62D537E2B1F4} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe No File

Task: {62628167-9F16-4A5A-8050-DBA867315508} - System32\Tasks\OpenCandyHelperRun => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)

Task: {626C586F-75C3-40E4-937D-462E24EE9F47} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003UA => C:\Users\yasmin\AppData\Local\Google\Update\GoogleUpdate.exe No File

Task: {67EDE0E4-70E6-4914-A758-6A6DBCB2B055} - System32\Tasks\Freemium1ClickMaint => C:\Program Files\Covus Freemium\Free System Utilities\1Click.exe No File

Task: {7CBB9273-F23A-417F-B3D6-E02B2B406A17} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2361670767-3260828624-3907866334-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)

Task: {7D0BD029-53C0-4032-8641-ACB7DCEAC25D} - System32\Tasks\Lyrics-Pal Update => C:\Program Files\LyricsPal\Lyrics.exe No File

Task: {96B53163-27D2-433C-9EAC-3A4D5603B337} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software)

Task: {99D3E139-871D-4A4E-A365-4B1AEE2E5357} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: {9C53E5B6-AC71-4D5E-8A54-536D03AB8AD2} - System32\Tasks\RNUpgradeHelperResumePrompt_Walid Efetürk => C:\Users\Walid Efetürk\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-24] (RealNetworks, Inc.)

Task: {9EE8DDD2-4FFE-4184-977A-9F07F111CCF1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000Core => C:\Users\Walid Efetürk\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-27] (Facebook Inc.)

Task: {ACE66B7F-03D7-408A-83CF-490F479A6AA2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000UA => C:\Users\Walid Efetürk\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-27] (Facebook Inc.)

Task: {ADE00BC4-6C25-481E-8F1D-B1DB86B5AAED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000UA => C:\Users\Walid Efetürk\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-06] (Google Inc.)

Task: {B4E1CF5B-6EFF-4617-83E2-22E60DF851B1} - System32\Tasks\RNUpgradeHelperLogonPrompt_Walid Efetürk => C:\Users\Walid Efetürk\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-24] (RealNetworks, Inc.)

Task: {B95473BB-F6D7-49A3-A718-58C7DADE89CD} - System32\Tasks\Norton Security Scan for Walid Efetürk => C:\PROGRA~1\NORTON~2\Engine\351~1.8\Nss.exe [2012-04-03] (Symantec Corporation)

Task: {BD498787-A132-4321-B72E-32A935183671} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe No File

Task: {C54EAD11-82A0-4990-B4AF-E844BF50CCC2} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)

Task: {D5C4E876-A0C7-45E1-8B2D-73443A7ECE83} - System32\Tasks\DealPlyUpdate => C:\Program No File

Task: {D80247CC-2433-41FC-9617-9582097C9506} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe No File

Task: {E904DAE3-C1C7-43C7-9E91-86A9E11B8F7A} - System32\Tasks\ReclaimerUpdateFiles_Walid Efetürk => C:\Users\Walid Efetürk\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-06-24] (RealNetworks, Inc.)

Task: {E9C1ED70-F396-4CF5-A531-3432FE3A8222} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)

Task: {F1B00C50-4A24-49B8-A767-DADEF5E608A0} - System32\Tasks\User_Feed_Synchronization-{882B39A7-5BCF-48C7-8167-DE4F78D3CDA2} => C:\Windows\system32\msfeedssync.exe [2013-05-23] (Microsoft Corporation)

Task: {FA6BEC50-AC85-4A5E-9759-7F161F9725A9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {FE1D8F6E-5002-4497-93CF-E4736E43DED6} - System32\Tasks\{3F8FFF01-3F9D-4A0D-90BA-59638BE1235E} => C:\Program Files\Mozilla Firefox\firefox.exe [2013-03-07] (Mozilla Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\DSite.job => ?

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000Core.job => C:\Users\Walid Efetürk\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000UA.job => C:\Users\Walid Efetürk\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003Core.job => C:\Users\yasmin\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003UA.job => C:\Users\yasmin\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore2d98268b474f51c.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000Core2d9829e7e9a89661.job => C:\Users\Walid Efetürk\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1000UA.job => C:\Users\Walid Efetürk\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003Core.job => C:\Users\yasmin\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2361670767-3260828624-3907866334-1003UA.job => C:\Users\yasmin\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\Lyrics-Pal Update.job => C:\Program Files\LyricsPal\Lyrics.exe

Task: C:\Windows\Tasks\LyricXeeker Update.job => C:\Program Files\LyriXeeker\LyriXupdate.exe

Task: C:\Windows\Tasks\Norton Security Scan for Walid Efetürk.job => C:\PROGRA~1\NORTON~2\Engine\351~1.8\Nss.exe

Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Walid Efetürk.job => C:\Users\Walid Efetürk\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe

Task: C:\Windows\Tasks\ReclaimerUpdateXML_Walid Efetürk.job => C:\Users\Walid Efetürk\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe

Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Walid Efetürk.job => C:\Users\Walid Efetürk\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
 

==================== Faulty Device Manager Devices =============
 

Name: Canon MX860 ser Network

Description: Canon MX860 ser Network

Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Manufacturer: Canon

Service: StillCam

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/27/2013 08:09:50 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:12 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:12 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:10 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 

Error: (07/27/2013 08:09:10 PM) (Source: MsiInstaller) (User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer
 
 

System errors:

=============

Error: (07/28/2013 00:29:17 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%-2140993535
 

Error: (07/28/2013 00:29:17 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 

%%-2140993535
 

Error: (07/28/2013 00:29:17 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%-2140993535
 

Error: (07/28/2013 00:29:17 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 

%%-2140993535
 

Error: (07/28/2013 00:29:17 PM) (Source: PNRPSvc) (User: )

Description: 0x80630801
 

Error: (07/28/2013 00:29:17 PM) (Source: PNRPSvc) (User: )

Description: 0x80630801
 

Error: (07/28/2013 00:29:08 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%-2140993535
 

Error: (07/28/2013 00:29:08 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 

%%-2140993535
 

Error: (07/28/2013 00:29:08 PM) (Source: PNRPSvc) (User: )

Description: 0x80630801
 

Error: (07/28/2013 00:27:53 PM) (Source: Ntfs) (User: )

Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.

Führen Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
 
 

Microsoft Office Sessions:

=========================

Error: (07/27/2013 08:09:50 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:12 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:12 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:11 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:10 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 

Error: (07/27/2013 08:09:10 PM) (Source: MsiInstaller)(User: ALIOMAIRATPC)

Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 
 

Internet Explorer(NULL)(NULL)(NULL)(NULL)(NULL)
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 86%

Total physical RAM: 1015.24 MB

Available physical RAM: 134.56 MB

Total Pagefile: 2071.24 MB

Available Pagefile: 627.18 MB

Total Virtual: 2047.88 MB

Available Virtual: 1905.71 MB
 

==================== Drives ================================
 

Drive c: (BOOT) (Fixed) (Total:315.34 GB) (Free:102.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (RECOVER) (Fixed) (Total:20 GB) (Free:11.04 GB) FAT32
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335 GB) (Disk ID: B2AC8930)

Partition 1: (Active) - (Size=315 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)
 

==================== End Of Log ============================

--- --- ---