Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   getwindowinfo/ (https://www.trojaner-board.de/138993-getwindowinfo.html)

1100gs 29.07.2013 17:04
getwindowinfo/
 
Moin Gemeinde,
ich stelle mich kurz vor und komme dann direkt mit einem Problem.
Ich wohne in Bonn und lediglich ein User, was den PC angeht.
Seit, ich glaube vorgestern, öffnet sich nach dem booten direkt der IE und meldet,
dass er die Adresse ...getwindowinfo/ nicht öffnen kann.
Wie ich mir den Dreck eingefangen habe, kann ich nicht genau sagen.
Ich vermute aber, dass es beim Herunterladen von verschiedenen Konvertierungsprogrammen (Video) passiert ist.
Malwarebytes war und ist installiert und läuft permanent mit, hat aber nicht reagiert.
Ich habe eben einen Scan gemacht und direkt abgebrochen, als er was gefunden hat.
Logdatei ist erstellt.
Nach dem Neustart war das Prob damit aber nicht behoben.
Betriebssystem: WIN 7 Homeedition

Was kann ich machen?

schrauber 29.07.2013 17:57
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


1100gs 29.07.2013 18:30
Liste der Anhänge anzeigen (Anzahl: 1)
Bin aufs Laptop umgestiegen. Der PC ist inzwischen grottenlangsam.
Noch zur Info. Standartbrowser ist Firefox.
Inzwischen habe ich festgestellt, dass das wohl nicht das einige Prob ist.
Das hier bekomme ich nicht deinstalliert bzw. deaktiviert (s. Anhang)

FRST


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2013
Ran by window 7 (administrator) on 29-07-2013 19:16:45
Running from C:\Users\window 7\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Samsung Electronics Co., Ltd.) E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nullsoft, Inc.) E:\Winamp\winampa.exe
(Samsung) E:\Samsung\Kies Air\Kies\Kies.exe
() E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe
() E:\Greenshot\Greenshot\Greenshot.exe
(GoPro) C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe
(Windows Net) C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Microsoft Corporation) C:\Windows\system32\schtasks.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Plus HD) C:\program files\plus-hd-2.4\plus-hd-2.4-bg.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [KiesTrayAgent] - E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe [3524536 2012-08-31] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [WinampAgent] - E:\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [TrayServer] - C:\Program Files\MAGIX\Video_deluxe_2007_2008\TrayServer.exe [90112 2007-03-29] (MAGIX AG)
HKLM\...\Runonce: [Del4276720] - cmd.exe /Q /D /c del "C:\Users\WINDOW~1\AppData\Local\Temp\0.del" [x]
HKLM\...\Runonce: [Del6242520] - cmd.exe /Q /D /c del "C:\Users\WINDOW~1\AppData\Local\Temp\0.del" [x]
HKCU\...\Run: [KiesPreload] - E:\Samsung\Kies Air\Kies\Kies.exe [964024 2012-08-31] (Samsung)
HKCU\...\Run: [KiesAirMessage] - E:\Samsung\Kies Air\Kies\KiesAirMessage.exe -startup [x]
HKCU\...\Run: [KiesPDLR] - E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] ()
HKCU\...\Run: [Greenshot] - E:\Greenshot\Greenshot\Greenshot.exe [548864 2010-07-12] ()
HKCU\...\Runonce: [Del4276720] - cmd.exe /Q /D /c del "C:\Users\WINDOW~1\AppData\Local\Temp\0.del" [x]
HKCU\...\RunOnce: [Qtrax] - C:\Program Files\Microsoft Silverlight\sllauncher.exe 774405247.portal.qtrax.com [387224 2013-05-13] (Microsoft Corporation)
HKCU\...\Runonce: [Del6242520] - cmd.exe /Q /D /c del "C:\Users\WINDOW~1\AppData\Local\Temp\0.del" [x]
MountPoints2: G - G:\fscommand\LS_Start_Launch.cmd
MountPoints2: {0feb2b9f-03e0-11e2-98e3-0019990b8aa0} - G:\fscommand\LS_Start_Launch.cmd
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Windows\Installer\{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}\Icon2457326B4.exe ()
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CA620019990B8AA0&affID=119357&tsp=4958
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CA620019990B8AA0&affID=119357&tsp=4958
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937810
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937810
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CA620019990B8AA0&affID=119357&tsp=4958
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937810
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Plus-HD-2.4 - {11111111-1111-1111-1111-110311341134} - C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-bho.dll (Plus HD)
BHO: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Program Files\LyriXeeker\125.dll (LyriXeeker Tech)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default
FF user.js: detected! => C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=CA620019990B8AA0&affID=119357&tsp=4958
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CA620019990B8AA0&affID=119357&tsp=4958
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF Extension: Visualisateur 3D de 20-20 - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com
FF Extension: pricealarm - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: Delta Toolbar - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\ffxtlbr@delta.com
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\staged
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Garmin Communicator - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: DownloadHelper - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: DealPly - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\125.xpi
FF Extension: No Name - C:\Program Files\LyriXeeker\125.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809

Chrome:
=======
CHR Extension: (DealPly) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0
CHR Extension: (Plus-HD-2.4) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.29_0
CHR Extension: (LyricsWoofer) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnikkfemnfogahcandhlchoengjbeaij\1.125_0
CHR Extension: (AVG Security Toolbar) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.3.0.11_0
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\window 7\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx
CHR HKLM\...\Chrome\Extension: [odnofacmifkjndflfmmplhckcbfjckhj] - C:\Program Files\LyriXeeker\125.crx
CHR StartMenuInternet: Google Chrome - "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809

========================== Services (Whitelisted) =================

R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S2 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [296448 2013-07-26] ()
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [376896 2013-07-27] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV09; C:\Windows\system32\drivers\ACEDRV09.sys [110304 2013-02-18] (Protect Software GmbH)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-29 18:52 - 2013-07-29 18:52 - 00000000 ____D C:\FRST
2013-07-29 18:45 - 2013-07-29 18:45 - 01221130 _____ (Farbar) C:\Users\window 7\Downloads\FRST.exe
2013-07-29 18:41 - 2013-07-29 18:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-29 18:41 - 2013-07-29 18:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Delta
2013-07-29 18:41 - 2013-07-29 18:41 - 00000000 ____D C:\Program Files\LyriXeeker
2013-07-29 18:41 - 2013-07-29 18:41 - 00000000 ____D C:\Program Files\Delta
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(2).exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(1).exe
2013-07-29 18:13 - 2013-07-29 18:13 - 00000000 ____D C:\Users\window 7\Qtrax
2013-07-29 18:08 - 2013-07-29 18:40 - 00001109 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-29 18:08 - 2013-07-29 18:40 - 00000304 _____ C:\Windows\Tasks\DigitalSite.job
2013-07-29 18:08 - 2013-07-29 18:08 - 00000370 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Zip Opener Packages
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\DigitalSite
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\OpenIt
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 18:06 - 2013-07-29 18:07 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup.exe
2013-07-28 18:38 - 2013-07-28 18:38 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FreemakeVideoConverter
2013-07-28 18:37 - 2013-07-29 18:10 - 00000000 ____D C:\ProgramData\Freemake
2013-07-28 18:37 - 2013-07-28 18:38 - 00000000 ____D C:\Users\window 7\Documents\Freemake
2013-07-28 18:37 - 2013-07-28 18:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 18:36 - 2013-07-29 18:10 - 00000000 ____D C:\Program Files\Freemake
2013-07-28 18:34 - 2013-07-28 18:34 - 01271944 _____ (Ellora Assets Corporation                                  ) C:\Users\window 7\Downloads\FreemakeVideoConverterSetup.exe
2013-07-28 09:47 - 2013-07-28 09:48 - 00000000 ____D C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 09:47 - 2013-07-28 09:47 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FRITZ!
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2).zip
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2)(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00000000 ____D C:\Users\window 7\Downloads\MPEG_Streamclip_1.2
2013-07-27 17:10 - 2013-07-29 17:03 - 00000000 ____D C:\ProgramData\eSafe
2013-07-27 17:10 - 2013-07-27 17:10 - 00000000 ____D C:\Users\window 7\AppData\Roaming\eIntaller
2013-07-27 17:10 - 2013-07-27 17:09 - 00554844 _____ C:\Users\window 7\Downloads\mpeg-streamclip.zip
2013-07-27 16:47 - 2013-07-27 16:47 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2(1).dmg
2013-07-27 16:46 - 2013-07-27 16:46 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2.dmg
2013-07-26 18:41 - 2013-07-26 18:41 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1)(1).zip
2013-07-26 18:39 - 2013-07-26 18:39 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1).zip
2013-07-26 18:36 - 2013-07-26 18:37 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2).zip
2013-07-26 17:11 - 2013-07-29 17:11 - 00001282 _____ C:\Windows\Tasks\Plus-HD-2.4-updater.job
2013-07-26 17:11 - 2013-07-26 17:12 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-26 17:11 - 2013-07-26 17:11 - 00000000 ____D C:\Users\window 7\Documents\Freemium Driver Utilities
2013-07-26 17:10 - 2013-07-29 17:11 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2013-07-26 17:10 - 2013-07-29 17:10 - 00001890 _____ C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
2013-07-26 17:10 - 2013-07-29 17:10 - 00001814 _____ C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2013-07-26 17:10 - 2013-07-29 17:10 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2013-07-26 17:10 - 2013-07-27 09:49 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 17:10 - 2013-07-26 17:11 - 00000000 ____D C:\Program Files\Plus-HD-2.4
2013-07-26 17:09 - 2013-07-26 17:10 - 00000000 ____D C:\Program Files\SoftwareUpdater
2013-07-26 17:09 - 2013-07-26 17:09 - 00000211 _____ C:\Users\window 7\Desktop\Amazon.url
2013-07-26 17:08 - 2013-07-26 17:09 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\DownloadGuide
2013-07-26 17:08 - 2013-07-26 17:08 - 00444400 _____ C:\Users\window 7\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 01995672 _____ (Driver Whiz) C:\Users\window 7\Downloads\Driverwhiz.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 00456240 _____ (Company) C:\Users\window 7\Downloads\setup.exe
2013-07-26 16:31 - 2013-07-26 16:32 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(1).zip
2013-07-26 16:31 - 2013-07-26 16:31 - 00001152 _____ C:\Users\window 7\Desktop\GoPro CineForm Studio.lnk
2013-07-26 15:12 - 2013-07-26 15:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-07-26 15:02 - 2013-07-26 15:03 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169.zip
2013-07-25 21:54 - 2013-07-25 21:54 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\GoPro
2013-07-25 16:01 - 2013-07-25 16:01 - 00000000 ____D C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 15:57 - 2013-07-25 16:00 - 00000000 ____D C:\Users\Public\CineForm
2013-07-25 15:57 - 2013-07-25 15:57 - 00000000 ____D C:\Program Files\CineForm
2013-07-25 15:56 - 2013-07-25 15:56 - 00000000 ____D C:\Program Files\GoPro
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\WinRAR
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-25 15:52 - 2013-07-29 18:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\BabSolution
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Program Files\WinRAR
2013-07-25 15:51 - 2013-07-25 15:51 - 01619916 _____ C:\Users\window 7\Downloads\wrar420d.exe
2013-07-25 15:51 - 2013-07-25 15:51 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Babylon
2013-07-25 15:51 - 2013-07-25 15:51 - 00000000 ____D C:\ProgramData\Babylon
2013-07-25 15:50 - 2013-07-25 15:51 - 01188056 _____ C:\Users\window 7\Downloads\winrar setup.exe
2013-07-25 15:49 - 2013-07-25 15:50 - 37873040 _____ C:\Users\window 7\Downloads\GoProCineForm.rar
2013-07-10 20:07 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 20:07 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 20:07 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 20:07 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 19:15 - 2013-07-10 19:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-10 18:51 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 18:51 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 18:51 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 18:50 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
114

==================== One Month Modified Files and Folders =======

2013-07-29 19:11 - 2012-09-01 09:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-29 18:54 - 2013-07-29 18:54 - 00023671 _____ C:\Users\window 7\Downloads\Addition.txt
2013-07-29 18:52 - 2013-07-29 18:52 - 00000000 ____D C:\FRST
2013-07-29 18:45 - 2013-07-29 18:45 - 01221130 _____ (Farbar) C:\Users\window 7\Downloads\FRST.exe
2013-07-29 18:41 - 2013-07-29 18:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-29 18:41 - 2013-07-29 18:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Delta
2013-07-29 18:41 - 2013-07-29 18:41 - 00000000 ____D C:\Program Files\LyriXeeker
2013-07-29 18:41 - 2013-07-29 18:41 - 00000000 ____D C:\Program Files\Delta
2013-07-29 18:41 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\BabSolution
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(2).exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(1).exe
2013-07-29 18:40 - 2013-07-29 18:08 - 00001109 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-29 18:40 - 2013-07-29 18:08 - 00000304 _____ C:\Windows\Tasks\DigitalSite.job
2013-07-29 18:21 - 2012-09-01 15:59 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-29 18:19 - 2006-06-01 00:30 - 01853343 _____ C:\Windows\WindowsUpdate.log
2013-07-29 18:13 - 2013-07-29 18:13 - 00000000 ____D C:\Users\window 7\Qtrax
2013-07-29 18:13 - 2012-08-29 14:52 - 00000000 ____D C:\Users\window 7
2013-07-29 18:10 - 2013-07-28 18:37 - 00000000 ____D C:\ProgramData\Freemake
2013-07-29 18:10 - 2013-07-28 18:36 - 00000000 ____D C:\Program Files\Freemake
2013-07-29 18:08 - 2013-07-29 18:08 - 00000370 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Zip Opener Packages
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\DigitalSite
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\OpenIt
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 18:07 - 2013-07-29 18:06 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup.exe
2013-07-29 17:11 - 2013-07-26 17:11 - 00001282 _____ C:\Windows\Tasks\Plus-HD-2.4-updater.job
2013-07-29 17:11 - 2013-07-26 17:10 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2013-07-29 17:10 - 2013-07-26 17:10 - 00001890 _____ C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
2013-07-29 17:10 - 2013-07-26 17:10 - 00001814 _____ C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2013-07-29 17:10 - 2013-07-26 17:10 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2013-07-29 17:06 - 2013-02-18 18:39 - 00000000 ____D C:\Users\Public\Documents\MAGIX_Video_deluxe_2007_2008
2013-07-29 17:06 - 2009-07-14 06:34 - 00026512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-29 17:06 - 2009-07-14 06:34 - 00026512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-29 17:03 - 2013-07-27 17:10 - 00000000 ____D C:\ProgramData\eSafe
2013-07-29 16:59 - 2012-09-02 19:26 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-29 16:57 - 2013-05-30 16:42 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-07-29 16:57 - 2012-09-06 17:13 - 00033042 _____ C:\Users\window 7\DesktopStCenter.txt
2013-07-29 16:57 - 2012-09-01 15:59 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-29 16:57 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-29 16:57 - 2009-07-14 06:39 - 00011629 _____ C:\Windows\setupact.log
2013-07-29 16:56 - 2010-11-21 02:38 - 00000000 ____D C:\Windows\DigitalLocker
2013-07-29 16:56 - 2010-11-20 23:48 - 00016594 _____ C:\Windows\PFRO.log
2013-07-29 16:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-29 16:47 - 2012-08-29 15:29 - 00000000 ____D C:\Users\window 7\AppData\Roaming\DesktopIconForAmazon
2013-07-29 16:40 - 2012-09-01 15:12 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-07-29 16:31 - 2012-09-08 16:30 - 00000000 ____D C:\Program Files\DealPly
2013-07-28 18:50 - 2012-08-29 14:52 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\VirtualStore
2013-07-28 18:38 - 2013-07-28 18:38 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FreemakeVideoConverter
2013-07-28 18:38 - 2013-07-28 18:37 - 00000000 ____D C:\Users\window 7\Documents\Freemake
2013-07-28 18:37 - 2013-07-28 18:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 18:37 - 2012-09-21 13:43 - 00000000 ____D C:\Users\window 7\AppData\Roaming\TuneUp Software
2013-07-28 18:37 - 2012-09-21 13:43 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-28 18:36 - 2012-09-21 13:42 - 00000000 ____D C:\Users\window 7\AppData\Roaming\OpenCandy
2013-07-28 18:34 - 2013-07-28 18:34 - 01271944 _____ (Ellora Assets Corporation                                  ) C:\Users\window 7\Downloads\FreemakeVideoConverterSetup.exe
2013-07-28 09:48 - 2013-07-28 09:47 - 00000000 ____D C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 09:47 - 2013-07-28 09:47 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FRITZ!
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2).zip
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2)(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00000000 ____D C:\Users\window 7\Downloads\MPEG_Streamclip_1.2
2013-07-27 17:10 - 2013-07-27 17:10 - 00000000 ____D C:\Users\window 7\AppData\Roaming\eIntaller
2013-07-27 17:10 - 2012-09-01 16:02 - 00002396 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-27 17:10 - 2012-08-29 16:21 - 00001322 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-27 17:10 - 2012-08-29 14:55 - 00001643 _____ C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-27 17:09 - 2013-07-27 17:10 - 00554844 _____ C:\Users\window 7\Downloads\mpeg-streamclip.zip
2013-07-27 16:47 - 2013-07-27 16:47 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2(1).dmg
2013-07-27 16:46 - 2013-07-27 16:46 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2.dmg
2013-07-27 14:23 - 2010-11-20 23:01 - 01659506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-27 09:49 - 2013-07-26 17:10 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 18:41 - 2013-07-26 18:41 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1)(1).zip
2013-07-26 18:39 - 2013-07-26 18:39 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1).zip
2013-07-26 18:37 - 2013-07-26 18:36 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2).zip
2013-07-26 17:12 - 2013-07-26 17:11 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-26 17:11 - 2013-07-26 17:11 - 00000000 ____D C:\Users\window 7\Documents\Freemium Driver Utilities
2013-07-26 17:11 - 2013-07-26 17:10 - 00000000 ____D C:\Program Files\Plus-HD-2.4
2013-07-26 17:10 - 2013-07-26 17:09 - 00000000 ____D C:\Program Files\SoftwareUpdater
2013-07-26 17:09 - 2013-07-26 17:09 - 00000211 _____ C:\Users\window 7\Desktop\Amazon.url
2013-07-26 17:09 - 2013-07-26 17:08 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\DownloadGuide
2013-07-26 17:08 - 2013-07-26 17:08 - 00444400 _____ C:\Users\window 7\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 01995672 _____ (Driver Whiz) C:\Users\window 7\Downloads\Driverwhiz.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 00456240 _____ (Company) C:\Users\window 7\Downloads\setup.exe
2013-07-26 16:32 - 2013-07-26 16:31 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(1).zip
2013-07-26 16:31 - 2013-07-26 16:31 - 00001152 _____ C:\Users\window 7\Desktop\GoPro CineForm Studio.lnk
2013-07-26 16:30 - 2012-12-27 17:45 - 00014834 _____ C:\Windows\DPINST.LOG
2013-07-26 15:12 - 2013-07-26 15:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-07-26 15:03 - 2013-07-26 15:02 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169.zip
2013-07-25 21:54 - 2013-07-25 21:54 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\GoPro
2013-07-25 16:01 - 2013-07-25 16:01 - 00000000 ____D C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 16:00 - 2013-07-25 15:57 - 00000000 ____D C:\Users\Public\CineForm
2013-07-25 15:57 - 2013-07-25 15:57 - 00000000 ____D C:\Program Files\CineForm
2013-07-25 15:57 - 2012-09-01 16:53 - 00000000 ____D C:\Program Files\DIFX
2013-07-25 15:57 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-07-25 15:56 - 2013-07-25 15:56 - 00000000 ____D C:\Program Files\GoPro
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\WinRAR
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Program Files\WinRAR
2013-07-25 15:51 - 2013-07-25 15:51 - 01619916 _____ C:\Users\window 7\Downloads\wrar420d.exe
2013-07-25 15:51 - 2013-07-25 15:51 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Babylon
2013-07-25 15:51 - 2013-07-25 15:51 - 00000000 ____D C:\ProgramData\Babylon
2013-07-25 15:51 - 2013-07-25 15:50 - 01188056 _____ C:\Users\window 7\Downloads\winrar setup.exe
2013-07-25 15:50 - 2013-07-25 15:49 - 37873040 _____ C:\Users\window 7\Downloads\GoProCineForm.rar
2013-07-25 15:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-24 17:56 - 2012-08-29 16:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-24 17:47 - 2009-07-14 06:33 - 00436992 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-24 17:46 - 2010-11-21 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-24 17:46 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 20:09 - 2012-09-03 11:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 20:05 - 2012-09-01 12:01 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-10 19:16 - 2013-07-10 19:15 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-25 20:27

==================== End Of Log ============================
--- --- ---

--- --- ---


Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2013
Ran by window 7 at 2013-07-29 19:17:39
Running from C:\Users\window 7\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Alpen-Overlay EUROPE
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVM FRITZ!DSL (Version: 2.04.03)
BrowserDefender
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Delta Chrome Toolbar
Delta toolbar  (Version: 1.8.22.0)
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (Version: 2.0.0.1)
Fotogalerie (Version: 16.4.3503.0728)
Garmin City Navigator Europe NT 2008 (Version: 10.0.0.1)
Garmin City Navigator Europe NT 2013.20 Update (Version: 16.20.0.0)
Garmin City Navigator Europe NT 2013.30 Update (Version: 16.30.0.0)
Garmin City Navigator Europe NT 2013.41 Update (Version: 16.41.0.0)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin MapSource (Version: 6.16.3)
Garmin USB Drivers (Version: 2.3.0.0)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 28.0.1500.72)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.153)
GoPro CineForm Studio 1.3.1 (Version: 1.3.1)
Greenshot
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Junk Mail filter update (Version: 16.4.3503.0728)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
LyricXeeker
MAGIX Foto Manager 2007 4.1.1.75 (D) (Version: 4.1.1.75)
MAGIX Goya burnR 2.3.1.3 (D) (Version: 2.3.1.3)
MAGIX Music Manager 2007 8.1.1.108 (D) (Version: 8.1.1.108)
MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0)
MAGIX Video deluxe 2007 2008 7.0.0.26 (D) (Version: 7.0.0.26)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 17.0.2011.0627)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.0.7820.0)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
Open It! (Version: 1.1.1)
Pandora Service
PDFCreator (Version: 1.5.0)
PDF-Viewer (Version: 2.5.205.0)
Photo Gallery (Version: 16.4.3503.0728)
Plus-HD-2.4 (Version: 1.27.153.10)
QuickTime (Version: 7.73.80.64)
Remote Control USB Driver (Version: 2.3.2.317)
Samsung Kies (Version: 2.3.2.12074_13)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)
The KMPlayer (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Zip Opener
Winamp (Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (Version: 03/07/2012 )
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Family Safety (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Mail (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live MIME IFilter (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Windows Live Writer (Version: 16.4.3503.0728)
Windows Live Writer Resources (Version: 16.4.3503.0728)
Windows Utils
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
WinRAR Packages
Wsys Control 1.0.0.2557 (Version: 1.0.0.2557)
Zip Opener Packages
Zip Opener Packages 36
 

==================== Restore Points  =========================

17-06-2013 07:58:30 Garmin Express
17-06-2013 18:04:40 Windows Update
30-06-2013 15:56:31 Windows Update
30-06-2013 16:04:12 Windows-Sicherung
30-06-2013 17:00:08 Windows-Sicherung
10-07-2013 16:23:38 Windows Update
10-07-2013 16:32:23 Windows-Sicherung
10-07-2013 18:02:00 Windows Update
24-07-2013 15:51:30 Windows Update
24-07-2013 16:07:56 Windows-Sicherung
25-07-2013 13:55:39 Microsoft Visual C++ 2005 Redistributable wird installiert
25-07-2013 13:57:02 Gerätetreiber-Paketinstallation: GoPro
26-07-2013 15:00:26 Installed Driver Whiz.
26-07-2013 15:09:23 Free Driver Scout
26-07-2013 18:08:44 Windows Update
28-07-2013 17:01:02 Windows-Sicherung
28-07-2013 17:59:50 TuneUp Utilities 2013 wird entfernt
28-07-2013 18:00:39 TuneUp Utilities Language Pack (de-DE) wird entfernt
29-07-2013 14:42:13 Preispilot wird entfernt
29-07-2013 16:09:03 Free Driver Scout

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0120CC8B-5A9E-4628-9544-994D55FC9D5D} - System32\Tasks\Plus-HD-2.4-enabler => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe [2013-07-26] (Plus HD)
Task: {091BDFC1-ECA6-4189-BFF3-743639D5DE4B} - System32\Tasks\DigitalSite => C:\Users\WINDOW~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE [2013-04-12] ()
Task: {10F51391-CD11-4D97-A087-5956B1323578} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {12CC3495-E4ED-4991-9050-121A7DDDFCF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {147386C2-F349-4EB8-A2D6-4C24B2191E2C} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {1C211332-0B4A-4256-888E-04A5A7CCF77E} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {2F9ADF7A-AC91-4F6B-91B2-098111767009} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-07-26] ()
Task: {34FCDD53-6492-487E-AE6B-748DC58A58D2} - System32\Tasks\DealPlyUpdate => C:\Program Files\DealPly\DealPlyUpdate.exe [2012-07-23] (DealPly)
Task: {35A68587-C38F-412C-806F-7FFE09F14757} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {3B9C0DC2-8833-4E09-A1D1-E2A3DA3CD9E1} - System32\Tasks\LyricXeeker Update => C:\Program Files\LyriXeeker\LyriXupdate.exe [2013-07-27] (LyriXeeker Tech)
Task: {42AF82C4-1CF7-4B02-9834-4657E71DA5AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {4B2248E4-306C-4D53-B182-B15F4D0DB8F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-17] (Adobe Systems Incorporated)
Task: {50068265-2FC8-4734-93DC-DAFD621A0365} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5BA83F89-B357-444E-A9F4-CAD79D2904C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {6CA566BF-CFCE-40CF-AE4A-9C6E234E4731} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {70BB4770-FBFC-42E2-AAE2-C6A37C1C14D4} - System32\Tasks\EPUpdater => C:\Users\WINDOW~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {785FAF3D-1197-4944-AB0C-364287973C69} - System32\Tasks\Plus-HD-2.4-codedownloader => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe [2013-07-26] (Plus HD)
Task: {810CA79C-4DE9-4C6A-8AE0-1F6613D418BE} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-07-26] ()
Task: {88FEE2A9-D98C-441F-BAFA-50F84B4C5167} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe No File
Task: {94929BA7-F939-4968-BE22-B0675066D20C} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{393424E0-C987-4E1E-B9A7-49DF3165F093}.exe No File
Task: {9D90E51B-992B-4FDF-8800-404ECFBB0B6A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-01-27] (Microsoft Corporation)
Task: {A103C951-F7DA-4579-AD31-79B32A09D230} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {BC3695F1-DC5F-48B1-BA01-A0013F2E04C0} - System32\Tasks\Plus-HD-2.4-updater => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe [2013-07-26] (Plus HD)
Task: {E4C7ADED-445A-4D7D-9C33-95C8DEAA867D} - System32\Tasks\User_Feed_Synchronization-{846F7D41-A1CA-4284-9A04-9A8B08F0D732} => C:\Windows\system32\msfeedssync.exe [2013-05-28] (Microsoft Corporation)
Task: {EA443B7A-ADF3-46B7-8D5F-3AD0F69F9E4B} - System32\Tasks\Plus-HD-2.4-firefoxinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe [2013-07-26] (Plus HD)
Task: {FD82EDD5-8FC0-4809-AE01-B9F91155C293} - System32\Tasks\Plus-HD-2.4-chromeinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe [2013-07-26] (Plus HD)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{393424E0-C987-4E1E-B9A7-49DF3165F093}.exe
Task: C:\Windows\Tasks\DigitalSite.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricXeeker Update.job => C:\Program Files\LyriXeeker\LyriXupdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-enabler.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-updater.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe

==================== Faulty Device Manager Devices =============

Name: Paralleler PCI-Anschluss
Description: Paralleler PCI-Anschluss
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/29/2013 04:58:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2013 04:43:10 PM) (Source: Microsoft-Windows-RestartManager) (User: WINDOW7PC)
Description: Die Anwendung oder der Dienst "Internet Explorer" konnte nicht heruntergefahren werden.

Error: (07/29/2013 04:04:24 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PandoraService.exe, Version: 1.0.2.5, Zeitstempel: 0x4fe3ca70
Name des fehlerhaften Moduls: libupnp.dll, Version: 0.0.0.0, Zeitstempel: 0x4f69a2b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000081dc
ID des fehlerhaften Prozesses: 0xca0
Startzeit der fehlerhaften Anwendung: 0xPandoraService.exe0
Pfad der fehlerhaften Anwendung: PandoraService.exe1
Pfad des fehlerhaften Moduls: PandoraService.exe2
Berichtskennung: PandoraService.exe3

Error: (07/29/2013 03:03:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2013 05:57:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2013 06:41:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b
Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00173668
ID des fehlerhaften Prozesses: 0x55c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (07/28/2013 05:01:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UPDATE~1.EXE, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xfbc
Startzeit der fehlerhaften Anwendung: 0xUPDATE~1.EXE0
Pfad der fehlerhaften Anwendung: UPDATE~1.EXE1
Pfad des fehlerhaften Moduls: UPDATE~1.EXE2
Berichtskennung: UPDATE~1.EXE3

Error: (07/28/2013 11:09:20 AM) (Source: Application Hang) (User: )
Description: Programm MPEG_Streamclip.exe, Version 1.2.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 14b0

Startzeit: 01ce8b66f70032aa

Endzeit: 51

Anwendungspfad: E:\Video\MPEG Streamclip\MPEG_Streamclip.exe

Berichts-ID: 5ba9fb2e-f765-11e2-92e6-0019990b8aa0

Error: (07/28/2013 09:45:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2013 05:01:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UPDATE~1.EXE, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1578
Startzeit der fehlerhaften Anwendung: 0xUPDATE~1.EXE0
Pfad der fehlerhaften Anwendung: UPDATE~1.EXE1
Pfad des fehlerhaften Moduls: UPDATE~1.EXE2
Berichtskennung: UPDATE~1.EXE3


System errors:
=============
Error: (07/29/2013 07:17:00 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (07/29/2013 07:17:00 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (07/29/2013 07:16:59 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (07/29/2013 07:16:59 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (07/29/2013 04:59:25 PM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (07/29/2013 04:59:25 PM) (Source: ipnathlp) (User: )
Description:

Error: (07/29/2013 04:58:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.

Error: (07/29/2013 04:04:40 PM) (Source: Service Control Manager) (User: )
Description: Dienst "PandoraService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/29/2013 03:53:38 PM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (07/29/2013 03:09:57 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (07/29/2013 04:58:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2013 04:43:10 PM) (Source: Microsoft-Windows-RestartManager)(User: WINDOW7PC)
Description: 1C:\Program Files\Internet Explorer\iexplore.exeInternet Explorer0111711400

Error: (07/29/2013 04:04:24 PM) (Source: Application Error)(User: )
Description: PandoraService.exe1.0.2.54fe3ca70libupnp.dll0.0.0.04f69a2b4c0000005000081dcca001ce8c5c0bc2e930C:\Program Files\PANDORA.TV\PanService\PandoraService.exeC:\Program Files\PANDORA.TV\PanService\libupnp.dllc53e74ae-f857-11e2-92ce-0019990b8aa0

Error: (07/29/2013 03:03:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2013 05:57:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2013 06:41:57 PM) (Source: Application Error)(User: )
Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc00000050017366855c01ce8bb11cd1ef2dC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll9d6deadd-f7a4-11e2-92e6-0019990b8aa0

Error: (07/28/2013 05:01:05 PM) (Source: Application Error)(User: )
Description: UPDATE~1.EXE0.0.0.02a425e19unknown0.0.0.000000000c000000500000000fbc01ce8ba3458790a9C:\Users\WINDOW~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXEunknown861fbd54-f796-11e2-92e6-0019990b8aa0

Error: (07/28/2013 11:09:20 AM) (Source: Application Hang)(User: )
Description: MPEG_Streamclip.exe1.2.0.014b001ce8b66f70032aa51E:\Video\MPEG Streamclip\MPEG_Streamclip.exe5ba9fb2e-f765-11e2-92e6-0019990b8aa0

Error: (07/28/2013 09:45:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2013 05:01:12 PM) (Source: Application Error)(User: )
Description: UPDATE~1.EXE0.0.0.02a425e19unknown0.0.0.000000000c000000500000000157801ce8ada1cbc7c26C:\Users\WINDOW~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXEunknown6027a988-f6cd-11e2-98f8-0019990b8aa0


==================== Memory info ===========================

Percentage of memory in use: 66%
Total physical RAM: 2037.98 MB
Available physical RAM: 679.36 MB
Total Pagefile: 4075.97 MB
Available Pagefile: 2368.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:233.88 GB) (Free:182.42 GB) NTFS
Drive e: (Volume) (Fixed) (Total:231.78 GB) (Free:98.22 GB) NTFS
Drive f: (CRUZER) (Removable) (Total:7.5 GB) (Free:3.82 GB) FAT32
Drive g: (DATA) (Fixed) (Total:465.65 GB) (Free:100.55 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 07D76439)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=234 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: C56B40C4)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)

========================================================
Disk: 2 (Size: 8 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=8 GB) - (Type=0B)

==================== End Of Log ============================

schrauber 29.07.2013 20:03
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

1100gs 29.07.2013 20:56
Code:
ComboFix 13-07-27.01 - window 7 29.07.2013  21:32:04.1.2 - x86
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.2038.862 [GMT 2:00]
ausgeführt von:: C:\Users\window 7\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\DealPly
C:\Program Files\DealPly\DealPly.crx
C:\Program Files\DealPly\DealPly.xpi
C:\Program Files\DealPly\DealPlyTune.dll
C:\Program Files\DealPly\DealPlyUpdate.exe
C:\Program Files\DealPly\DealPlyUpdate.log
C:\Program Files\DealPly\DealPlyUpdateRun.exe
C:\Program Files\DealPly\icon.ico
C:\Program Files\DealPly\uninst.exe
C:\Program Files\LyriXeeker\125.dll
C:\Users\window 7\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Recent\mxfilerelatedcache.mxc2
C:\Users\window 7\Favorites\mxfilerelatedcache.mxc2
C:\Users\WINDOW~1\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
C:\Windows\Installer\{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}\Icon2457326B4.exe
C:\Windows\system32\drivers\etc\hosts.ics
C:\Windows\system32\muzapp.exe


(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_BrowserDefendert
-------\Service_WsysSvc


(((((((((((((((((((((((  Dateien erstellt von 2013-06-28 bis 2013-07-29  ))))))))))))))))))))))))))))))


2013-07-29 19:47:28 . 2013-07-29 19:50:27        --------        d-----w-        C:\Users\window 7\AppData\Local\temp
2013-07-29 16:52:54 . 2013-07-29 16:52:54        --------        d-----w-        C:\FRST
2013-07-29 16:41:17 . 2013-07-29 16:41:17        --------        d-----w-        C:\Program Files\Delta
2013-07-29 16:41:11 . 2013-07-29 16:41:11        --------        d-----w-        C:\Users\window 7\AppData\Roaming\Delta
2013-07-29 16:41:01 . 2013-07-29 19:46:44        --------        d-----w-        C:\Program Files\LyriXeeker
2013-07-29 16:13:19 . 2013-07-29 16:13:19        --------        d-----w-        C:\Users\window 7\Qtrax
2013-07-29 16:08:48 . 2013-07-29 16:08:48        --------        d-----w-        C:\Users\window 7\AppData\Roaming\Zip Opener Packages
2013-07-29 16:08:37 . 2013-07-29 16:08:38        --------        d-----w-        C:\Program Files\Microsoft Silverlight
2013-07-29 16:08:28 . 2013-07-29 16:08:28        --------        d-----w-        C:\ProgramData\BrowserDefender
2013-07-29 16:08:08 . 2013-07-29 16:08:08        --------        d-----w-        C:\Program Files\OpenIt
2013-07-29 16:08:02 . 2013-07-29 16:08:02        --------        d-----w-        C:\Users\window 7\AppData\Roaming\DigitalSite
2013-07-28 16:38:19 . 2013-07-28 16:38:19        --------        d-----w-        C:\Users\window 7\AppData\Local\FreemakeVideoConverter
2013-07-28 16:37:33 . 2013-07-28 16:37:33        --------        d-sh--w-        C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 16:37:00 . 2013-07-29 16:10:46        --------        d-----w-        C:\ProgramData\Freemake
2013-07-28 16:36:37 . 2013-07-29 16:10:38        --------        d-----w-        C:\Program Files\Freemake
2013-07-28 07:47:24 . 2013-07-28 07:48:34        --------        d-----w-        C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 07:47:24 . 2013-07-28 07:47:24        --------        d-----w-        C:\Users\window 7\AppData\Local\FRITZ!
2013-07-27 15:10:18 . 2013-07-29 15:03:13        --------        d-----w-        C:\ProgramData\eSafe
2013-07-27 15:10:05 . 2013-07-27 15:10:05        --------        d-----w-        C:\Users\window 7\AppData\Roaming\eIntaller
2013-07-26 15:11:12 . 2013-07-26 15:12:11        --------        d-----w-        C:\ProgramData\FreeDriverScout
2013-07-26 15:10:25 . 2013-07-26 15:11:05        --------        d-----w-        C:\Program Files\Plus-HD-2.4
2013-07-26 15:10:14 . 2013-07-27 07:49:05        --------        d-----w-        C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 15:09:55 . 2013-07-26 15:10:23        --------        d-----w-        C:\Program Files\SoftwareUpdater
2013-07-26 15:08:44 . 2013-07-26 15:09:01        --------        d-----w-        C:\Users\window 7\AppData\Local\DownloadGuide
2013-07-25 19:54:41 . 2013-07-25 19:54:41        --------        d-----w-        C:\Users\window 7\AppData\Local\GoPro
2013-07-25 14:01:34 . 2013-07-25 14:01:34        --------        d-----w-        C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 13:57:25 . 2013-07-25 13:57:25        --------        d-----w-        C:\Program Files\CineForm
2013-07-25 13:57:22 . 2013-07-25 14:00:47        --------        d-----w-        C:\Users\Public\CineForm
2013-07-25 13:56:34 . 2013-07-25 13:56:34        --------        d-----w-        C:\Program Files\GoPro
2013-07-25 13:52:42 . 2013-07-25 13:52:42        --------        d-----w-        C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 13:52:21 . 2013-07-29 16:41:13        --------        d-----w-        C:\Users\window 7\AppData\Roaming\BabSolution
2013-07-25 13:51:55 . 2013-07-25 13:51:55        --------        d-----w-        C:\ProgramData\Babylon
2013-07-25 13:51:54 . 2013-07-25 13:51:54        --------        d-----w-        C:\Users\window 7\AppData\Roaming\Babylon
2013-07-10 16:51:04 . 2013-04-09 23:34:01        1247744        ----a-w-        C:\Windows\system32\DWrite.dll
2013-07-10 16:51:02 . 2013-05-06 04:56:35        1620480        ----a-w-        C:\Windows\system32\WMVDECOD.DLL
2013-07-10 16:51:01 . 2013-06-04 04:53:07        509440        ----a-w-        C:\Windows\system32\qedit.dll
2013-07-10 16:50:58 . 2013-06-05 03:05:09        2347520        ----a-w-        C:\Windows\system32\win32k.sys
2013-07-10 16:50:53 . 2013-04-10 05:03:14        936448        ----a-w-        C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 16:50:53 . 2013-04-10 05:03:13        988672        ----a-w-        C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-10 16:50:52 . 2013-04-10 05:04:58        1221632        ----a-w-        C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-10 16:50:52 . 2013-04-10 05:03:13        969216        ----a-w-        C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-10 16:48:19 . 2013-05-27 04:57:27        680960        ----a-w-        C:\Program Files\Windows Defender\MpSvc.dll
2013-07-10 16:48:18 . 2013-05-27 04:57:25        392704        ----a-w-        C:\Program Files\Windows Defender\MpClient.dll
2013-07-10 16:48:17 . 2013-05-27 04:57:25        224768        ----a-w-        C:\Program Files\Windows Defender\MpCommu.dll
.


((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-06-17 08:11:25 . 2012-09-01 07:41:48        71048        ----a-w-        C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-06-17 08:11:25 . 2012-09-01 07:41:48        692104        ----a-w-        C:\Windows\system32\FlashPlayerApp.exe
2013-05-28 19:20:59 . 2013-05-28 19:20:59        745472        ----a-w-        C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-28 19:20:59 . 2013-05-28 19:20:59        185344        ----a-w-        C:\Windows\system32\elshyph.dll
2013-05-28 19:20:58 . 2013-05-28 19:20:58        523264        ----a-w-        C:\Windows\system32\vbscript.dll
2013-05-28 19:20:58 . 2013-05-28 19:20:58        158720        ----a-w-        C:\Windows\system32\msls31.dll
2013-05-28 19:20:58 . 2013-05-28 19:20:58        150528        ----a-w-        C:\Windows\system32\iexpress.exe
2013-05-28 19:20:58 . 2013-05-28 19:20:58        138752        ----a-w-        C:\Windows\system32\wextract.exe
2013-05-28 19:20:57 . 2013-05-28 19:20:57        73728        ----a-w-        C:\Windows\system32\SetIEInstalledDate.exe
2013-05-28 19:20:57 . 2013-05-28 19:20:57        48640        ----a-w-        C:\Windows\system32\mshtmler.dll
2013-05-28 19:20:57 . 2013-05-28 19:20:57        38400        ----a-w-        C:\Windows\system32\imgutil.dll
2013-05-28 19:20:57 . 2013-05-28 19:20:57        137216        ----a-w-        C:\Windows\system32\ieUnatt.exe
2013-05-28 19:20:57 . 2013-05-28 19:20:57        12800        ----a-w-        C:\Windows\system32\mshta.exe
2013-05-28 19:20:57 . 2013-05-28 19:20:57        110592        ----a-w-        C:\Windows\system32\IEAdvpack.dll
2013-05-28 19:20:56 . 2013-05-28 19:20:56        719360        ----a-w-        C:\Windows\system32\mshtmlmedia.dll
2013-05-28 19:20:56 . 2013-05-28 19:20:56        61952        ----a-w-        C:\Windows\system32\tdc.ocx
2013-05-28 19:20:56 . 2013-05-28 19:20:56        361984        ----a-w-        C:\Windows\system32\html.iec
2013-05-28 19:20:56 . 2013-05-28 19:20:56        23040        ----a-w-        C:\Windows\system32\licmgr10.dll
2013-05-28 19:20:56 . 2013-05-28 19:20:56        1441280        ----a-w-        C:\Windows\system32\inetcpl.cpl
2013-05-28 19:19:35 . 2013-05-28 19:19:35        9728        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-28 19:19:35 . 2013-05-28 19:19:35        5632        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-28 19:19:35 . 2013-05-28 19:19:35        5632        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-28 19:19:35 . 2013-05-28 19:19:35        4096        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-28 19:19:35 . 2013-05-28 19:19:35        3072        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-28 19:19:35 . 2013-05-28 19:19:35        3072        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-28 19:19:35 . 2013-05-28 19:19:34        2560        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        906240        ----a-w-        C:\Windows\system32\FntCache.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        604160        ----a-w-        C:\Windows\system32\d3d10level9.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        417792        ----a-w-        C:\Windows\system32\WMPhoto.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        364544        ----a-w-        C:\Windows\system32\XpsGdiConverter.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        3584        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        3419136        ----a-w-        C:\Windows\system32\d2d1.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        293376        ----a-w-        C:\Windows\system32\dxgi.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        249856        ----a-w-        C:\Windows\system32\d3d10_1core.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        2284544        ----a-w-        C:\Windows\system32\msmpeg2vdec.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        220160        ----a-w-        C:\Windows\system32\d3d10core.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        207872        ----a-w-        C:\Windows\system32\WindowsCodecsExt.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        1988096        ----a-w-        C:\Windows\system32\d3d10warp.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        187392        ----a-w-        C:\Windows\system32\UIAnimation.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        161792        ----a-w-        C:\Windows\system32\d3d10_1.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        1158144        ----a-w-        C:\Windows\system32\XpsPrint.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        1080832        ----a-w-        C:\Windows\system32\d3d10.dll
2013-05-28 19:19:34 . 2013-05-28 19:19:34        10752        ---ha-w-        C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-15 14:10:10 . 2012-07-17 12:37:10        22240        ----a-w-        C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 04:45:55 . 2013-06-17 06:37:28        140288        ----a-w-        C:\Windows\system32\cryptsvc.dll
2013-05-13 04:45:55 . 2013-06-17 06:37:28        1160192        ----a-w-        C:\Windows\system32\crypt32.dll
2013-05-13 04:45:55 . 2013-06-17 06:37:28        103936        ----a-w-        C:\Windows\system32\cryptnet.dll
2013-05-13 03:08:10 . 2013-06-17 06:37:29        903168        ----a-w-        C:\Windows\system32\certutil.exe
2013-05-13 03:08:06 . 2013-06-17 06:37:27        43008        ----a-w-        C:\Windows\system32\certenc.dll
2013-05-10 03:20:54 . 2013-06-17 06:37:44        24576        ----a-w-        C:\Windows\system32\cryptdlg.dll
2013-05-08 05:38:00 . 2013-06-17 06:37:15        1293672        ----a-w-        C:\Windows\system32\drivers\tcpip.sys
2013-05-06 05:06:47 . 2013-06-17 06:37:17        3968872        ----a-w-        C:\Windows\system32\ntkrnlpa.exe
2013-05-06 05:06:47 . 2013-06-17 06:37:17        3913576        ----a-w-        C:\Windows\system32\ntoskrnl.exe
2013-05-02 15:28:50 . 2012-08-29 13:48:52        238872        ------w-        C:\Windows\system32\MpSigStub.exe


((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{11111111-1111-1111-1111-110311341134}]
2013-07-26 15:10:57        752488        ----a-w-        C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-bho.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-26 16:38:32        222832        ----a-w-        C:\Users\window 7\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-26 16:38:32        222832        ----a-w-        C:\Users\window 7\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-26 16:38:32        222832        ----a-w-        C:\Users\window 7\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="E:\Samsung\Kies Air\Kies\Kies.exe" [2012-08-31 00:52:12 964024]
"KiesPDLR"="E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-31 00:52:22 21432]
"Greenshot"="E:\Greenshot\Greenshot\Greenshot.exe" [2010-07-12 05:52:50 548864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2009-09-23 17:30:48 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2009-09-23 17:30:48 173592]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2009-09-23 17:30:48 150552]
"KiesTrayAgent"="E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe" [2012-08-31 00:52:14 3524536]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 07:04:54 252848]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 20:56:08 59280]
"WinampAgent"="E:\Winamp\winampa.exe" [2012-06-20 16:13:12 74752]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2012-10-25 02:12:14 421888]
"TrayServer"="C:\Program Files\MAGIX\Video_deluxe_2007_2008\TrayServer.exe" [2007-03-29 11:05:40 90112]

C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
net.lnk - C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe [2013-7-26 709120]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-1-8 228448]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
CineForm Status.lnk - C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe [2012-10-13 152064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 SystemStoreService;System Store;C:\Program Files\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18:52 1527900]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 05:47:22 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 05:47:22 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 05:47:22 136808]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 21:29:24 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 21:29:03 27264]
R3 UPnPService;UPnPService;C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 16:00:00 544768]
S2 ACEDRV09;ACEDRV09;C:\Windows\system32\drivers\ACEDRV09.sys [2013-02-18 16:56:07 110304]
S2 IGDCTRL;AVM IGD CTRL Service;C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [2009-07-28 14:07:42 73528]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 12:50:32 418376]
S2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 12:50:32 701512]
S2 PanService;PandoraService;C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 08:32:12 625816]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2013-04-04 12:50:32 22856]


--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - WS2IFSL

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-25 14:22:35        1173456        ----a-w-        C:\Program Files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe

Inhalt des "geplante Tasks" Ordners

2013-07-29 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-01 07:41:49 . 2013-06-17 08:11:26]

2013-07-29 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01 13:59:30 . 2012-09-01 13:59:27]

2013-07-29 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01 13:59:30 . 2012-09-01 13:59:27]

2013-07-29 C:\Windows\Tasks\LyricXeeker Update.job
- C:\Program Files\LyriXeeker\LyriXupdate.exe [2013-07-27 21:28:56 . 2013-07-27 21:28:56]

2013-07-29 C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
- C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe [2013-07-26 15:10:27 . 2013-07-26 15:10:27]

2013-07-29 C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
- C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe [2013-07-26 15:10:38 . 2013-07-26 15:10:37]

2013-07-29 C:\Windows\Tasks\Plus-HD-2.4-enabler.job
- C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe [2013-07-26 15:10:59 . 2013-07-26 15:10:59]

2013-07-29 C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
- C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe [2013-07-26 15:10:32 . 2013-07-26 15:10:32]

2013-07-29 C:\Windows\Tasks\Plus-HD-2.4-updater.job
- C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe [2013-07-26 15:11:04 . 2013-07-26 15:11:04]


------- Zusätzlicher Suchlauf -------

uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CA620019990B8AA0&affID=119357&tsp=4958
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809
IE: An OneNote s&enden - C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{EBC36BCD-7B72-40F7-BC5E-6DC8DB95DA95}: DhcpNameServer = 192.168.178.1
FF - ProfilePath - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: browser.startup.homepage - hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CA620019990B8AA0&affID=119357&tsp=4958
FF - ExtSQL: 2013-07-29 18:08; lyrix@lyrixeeker.co; C:\Program Files\LyriXeeker\125.xpi
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - ca625b1d0000000000000019990b8aa0
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15915
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.018:41:19
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4958
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false

- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-KiesAirMessage - E:\Samsung\Kies Air\Kies\KiesAirMessage.exe
HKU-Default-Run-FRITZ!protect - FwebProt.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk - C:\Windows\Installer\{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}\Icon2457326B4.exe
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
AddRemove-01_Simmental - E:\Samsung\Kies Air\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - E:\Samsung\Kies Air\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - E:\Samsung\Kies Air\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - E:\Samsung\Kies Air\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - E:\Samsung\Kies Air\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - E:\Samsung\Kies Air\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - E:\Samsung\Kies Air\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - E:\Samsung\Kies Air\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - E:\Samsung\Kies Air\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - E:\Samsung\Kies Air\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - E:\Samsung\Kies Air\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - E:\Samsung\Kies Air\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - E:\Samsung\Kies Air\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - E:\Samsung\Kies Air\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - E:\Samsung\Kies Air\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - E:\Samsung\Kies Air\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - E:\Samsung\Kies Air\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - E:\Samsung\Kies Air\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - E:\Samsung\Kies Air\USB Drivers\25_escape\Uninstall.exe

schrauber 30.07.2013 07:12
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

1100gs 30.07.2013 16:29
Sodele, hier die Scans (den Verantwortlichen für diesen Mist sollen die Finger abfallen)

Malwarebytes
Code:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.29.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
window 7 :: WINDOW7PC [Administrator]

Schutz: Aktiviert

30.07.2013 15:57:47
MBAM-log-2013-07-30 (17-00-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 368022
Laufzeit: 54 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lyrix@lyrixeeker.co (PUP.Optional.AddLyrics) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl (PUP.Optional.Elex) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 7
C:\Users\window 7\AppData\Roaming\eIntaller\C28054D04AF744548A564DF98A9AB09A\eGdpSvc.exe (PUP.Optional.Elex) -> Keine Aktion durchgeführt.
C:\Users\window 7\Downloads\Portable_Movie_Maker_by_devrexster.zip (Malware.Packer.Gen) -> Keine Aktion durchgeführt.
C:\Users\window 7\Downloads\setup.exe (Adware.Linkular) -> Keine Aktion durchgeführt.
C:\Program Files\LyriXeeker\Uninstall.exe (PUP.Optional.AddLyrics) -> Keine Aktion durchgeführt.
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Elex) -> Keine Aktion durchgeführt.
E:\MovieMaker\Movie Maker\WMM2EXT.dll (Malware.Packer.Gen) -> Keine Aktion durchgeführt.
E:\MovieMaker\Movie Maker\WMM2FILT.dll (Malware.Packer.Gen) -> Keine Aktion durchgeführt.

(Ende)
Sieben Dateien gefunden. Nach dem Löschen:

Code:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.29.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
window 7 :: WINDOW7PC [Administrator]

Schutz: Aktiviert

30.07.2013 15:57:47
mbam-log-2013-07-30 (15-57-47).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 368022
Laufzeit: 54 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lyrix@lyrixeeker.co (PUP.Optional.AddLyrics) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl (PUP.Optional.Elex) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 7
C:\Users\window 7\AppData\Roaming\eIntaller\C28054D04AF744548A564DF98A9AB09A\eGdpSvc.exe (PUP.Optional.Elex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\window 7\Downloads\Portable_Movie_Maker_by_devrexster.zip (Malware.Packer.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\window 7\Downloads\setup.exe (Adware.Linkular) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\LyriXeeker\Uninstall.exe (PUP.Optional.AddLyrics) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Elex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\MovieMaker\Movie Maker\WMM2EXT.dll (Malware.Packer.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\MovieMaker\Movie Maker\WMM2FILT.dll (Malware.Packer.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
ADW Cleaner
Code:
# AdwCleaner v2.306 - Datei am 30/07/2013 um 17:06:51 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : window 7 - WINDOW7PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\window 7\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : SystemStoreService

***** [Dateien / Ordner] *****

Datei Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Datei Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Datei Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Datei Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Datei Desinfiziert : C:\Users\window 7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Datei Desinfiziert : C:\Users\window 7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Datei Desinfiziert : C:\Users\window 7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Datei Desinfiziert : C:\Users\window 7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Datei Desinfiziert : C:\Users\window 7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Datei Desinfiziert : C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Datei Desinfiziert : C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files\Mozilla FireFox\searchplugins\qvo6.xml
Datei Gelöscht : C:\Users\window 7\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\window 7\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
Datei Gelöscht : C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\searchplugins\Babylon.xml
Ordner Gelöscht : C:\Program Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files\delta
Ordner Gelöscht : C:\Program Files\SoftwareUpdater
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\Users\window 7\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\window 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\window 7\AppData\LocalLow\delta
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\delta
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\eIntaller
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\extensions\staged
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\jetpack
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\window 7\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809
Daten Gelöscht : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809
Schlüssel Gelöscht : HKCU\Software\857d8dbb16eed15
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsWoofer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-2.4
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341134}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341134}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\857d8dbb16eed15
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311341134}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322342234}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033434.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033434.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033434.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033434.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344344434}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341134}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341134}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.4
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\Plus-HD-2.4
Schlüssel Gelöscht : HKLM\Software\qvo6Software
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CA620019990B8AA0&affID=119357&tsp=4958 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500DM002-1BD142_Z2AX3FW6XXXXZ2AX3FW6&ts=1374937809 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\prefs.js

C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\user.js ... Gelöscht !

Gelöscht : user_pref("browser.search.selectedEngine", "Delta Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CA620019990[...]
Gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.3343[...]
Gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.3343[...]
Gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.3343[...]
Gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.3343[...]
Gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.3343[...]
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.bbDpng", "29");
Gelöscht : user_pref("extensions.delta.cntry", "DE");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.hdrMd5", "");
Gelöscht : user_pref("extensions.delta.id", "ca625b1d0000000000000019990b8aa0");
Gelöscht : user_pref("extensions.delta.instlDay", "15915");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.sg", "er");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.018:41:19");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4958");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\window 7\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [15716 octets] - [30/07/2013 17:06:51]

########## EOF - C:\AdwCleaner[S1].txt - [15777 octets] ##########
Junkware
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.8 (07.29.2013:2)
OS: Windows 7 Home Premium x86
Ran by window 7 on 30.07.2013 at 17:11:07,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\lyrixeeker"



~~~ FireFox

Successfully deleted: [File] C:\Users\window 7\AppData\Roaming\mozilla\firefox\profiles\h9oe5yax.default\invalidprefs.js
Successfully deleted: [File] "C:\Users\window 7\AppData\Roaming\mozilla\firefox\profiles\h9oe5yax.default\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi"
Successfully deleted the following from C:\Users\window 7\AppData\Roaming\mozilla\firefox\profiles\h9oe5yax.default\prefs.js

user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.backgroundjs", "\n\n/****************************************************
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.js", "\n\n  /************************************************************
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.crossrider.bic", "1401b88d5a3240aba546689402772ba3");
user_pref("extensions.jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.install-event-fired", true);
Emptied folder: C:\Users\window 7\AppData\Roaming\mozilla\firefox\profiles\h9oe5yax.default\minidumps [40 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\window 7\appdata\local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.07.2013 at 17:13:55,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2013
Ran by window 7 (administrator) on 30-07-2013 17:18:07
Running from C:\Users\window 7\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung Electronics Co., Ltd.) E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nullsoft, Inc.) E:\Winamp\winampa.exe
(Samsung) E:\Samsung\Kies Air\Kies\Kies.exe
() E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe
() E:\Greenshot\Greenshot\Greenshot.exe
(GoPro) C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
(Windows Net) C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [KiesTrayAgent] - E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe [3524536 2012-08-31] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [WinampAgent] - E:\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [TrayServer] - C:\Program Files\MAGIX\Video_deluxe_2007_2008\TrayServer.exe [90112 2007-03-29] (MAGIX AG)
HKCU\...\Run: [KiesPreload] - E:\Samsung\Kies Air\Kies\Kies.exe [964024 2012-08-31] (Samsung)
HKCU\...\Run: [KiesPDLR] - E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] ()
HKCU\...\Run: [Greenshot] - E:\Greenshot\Greenshot\Greenshot.exe [548864 2010-07-12] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Extension: Visualisateur 3D de 20-20 - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Garmin Communicator - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: DownloadHelper - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\125.xpi
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files\Mozilla Firefox\firefox.exe"

Chrome:
=======
CHR Extension: (Plus-HD-2.4) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.29_0
CHR Extension: (LyricXeeker) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0
CHR HKLM\...\Chrome\Extension: [odnofacmifkjndflfmmplhckcbfjckhj] - C:\Program Files\LyriXeeker\125.crx

========================== Services (Whitelisted) =================

S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV09; C:\Windows\system32\drivers\ACEDRV09.sys [110304 2013-02-18] (Protect Software GmbH)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 catchme; \??\C:\Users\WINDOW~1\AppData\Local\Temp\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-30 17:11 - 2013-07-30 17:11 - 00000000 ____D C:\Windows\ERUNT
2013-07-30 17:10 - 2013-07-30 17:10 - 00562042 _____ (Oleg N. Scherbakov) C:\Users\window 7\Downloads\JRT.exe
2013-07-30 17:09 - 2013-07-30 17:09 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-30 17:06 - 2013-07-30 17:07 - 00015847 _____ C:\AdwCleaner[S1].txt
2013-07-30 17:05 - 2013-07-30 17:06 - 00666633 _____ C:\Users\window 7\Downloads\adwcleaner.exe
2013-07-30 03:03 - 2013-07-30 03:03 - 00000000 ____D C:\Windows\system32\MRT
2013-07-29 21:55 - 2013-07-29 21:55 - 00025092 _____ C:\ComboFix.txt
2013-07-29 21:30 - 2013-07-29 21:55 - 00000000 ____D C:\ComboFix
2013-07-29 21:30 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-29 21:30 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-29 21:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-29 21:09 - 2013-07-29 21:55 - 00000000 ____D C:\Qoobox
2013-07-29 21:09 - 2013-07-29 21:53 - 00000000 ____D C:\Windows\erdnt
2013-07-29 19:44 - 2013-07-29 19:44 - 05095176 ____R (Swearware) C:\Users\window 7\Desktop\ComboFix.exe
2013-07-29 19:42 - 2013-07-29 19:42 - 00000873 _____ C:\Users\window 7\Desktop\software - Verknüpfung.lnk
2013-07-29 19:40 - 2013-07-29 19:40 - 00000053 _____ C:\Users\window 7\AppData\Roaming\WB.CFG
2013-07-29 19:40 - 2013-07-29 19:40 - 00000005 _____ C:\Users\window 7\AppData\Roaming\WBPU-TTL.DAT
2013-07-29 18:54 - 2013-07-29 19:17 - 00023949 _____ C:\Users\window 7\Downloads\Addition.txt
2013-07-29 18:52 - 2013-07-29 18:52 - 00000000 ____D C:\FRST
2013-07-29 18:45 - 2013-07-29 18:45 - 01221130 _____ (Farbar) C:\Users\window 7\Downloads\FRST.exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(2).exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(1).exe
2013-07-29 18:13 - 2013-07-29 18:13 - 00000000 ____D C:\Users\window 7\Qtrax
2013-07-29 18:08 - 2013-07-30 17:08 - 00000370 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-07-29 18:08 - 2013-07-29 18:40 - 00001109 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Zip Opener Packages
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\DigitalSite
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\OpenIt
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 18:06 - 2013-07-29 18:07 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup.exe
2013-07-28 18:38 - 2013-07-28 18:38 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FreemakeVideoConverter
2013-07-28 18:37 - 2013-07-29 18:10 - 00000000 ____D C:\ProgramData\Freemake
2013-07-28 18:37 - 2013-07-28 18:38 - 00000000 ____D C:\Users\window 7\Documents\Freemake
2013-07-28 18:37 - 2013-07-28 18:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 18:36 - 2013-07-29 18:10 - 00000000 ____D C:\Program Files\Freemake
2013-07-28 18:34 - 2013-07-28 18:34 - 01271944 _____ (Ellora Assets Corporation                                  ) C:\Users\window 7\Downloads\FreemakeVideoConverterSetup.exe
2013-07-28 09:47 - 2013-07-28 09:48 - 00000000 ____D C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 09:47 - 2013-07-28 09:47 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FRITZ!
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2).zip
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2)(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00000000 ____D C:\Users\window 7\Downloads\MPEG_Streamclip_1.2
2013-07-27 17:10 - 2013-07-27 17:09 - 00554844 _____ C:\Users\window 7\Downloads\mpeg-streamclip.zip
2013-07-27 16:47 - 2013-07-27 16:47 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2(1).dmg
2013-07-27 16:46 - 2013-07-27 16:46 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2.dmg
2013-07-26 18:41 - 2013-07-26 18:41 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1)(1).zip
2013-07-26 18:39 - 2013-07-26 18:39 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1).zip
2013-07-26 18:36 - 2013-07-26 18:37 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2).zip
2013-07-26 17:11 - 2013-07-30 17:11 - 00001282 _____ C:\Windows\Tasks\Plus-HD-2.4-updater.job
2013-07-26 17:11 - 2013-07-26 17:12 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-26 17:11 - 2013-07-26 17:11 - 00000000 ____D C:\Users\window 7\Documents\Freemium Driver Utilities
2013-07-26 17:10 - 2013-07-30 17:11 - 00001814 _____ C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2013-07-26 17:10 - 2013-07-30 17:11 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2013-07-26 17:10 - 2013-07-30 17:10 - 00001890 _____ C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
2013-07-26 17:10 - 2013-07-30 17:10 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2013-07-26 17:10 - 2013-07-27 09:49 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 17:10 - 2013-07-26 17:11 - 00000000 ____D C:\Program Files\Plus-HD-2.4
2013-07-26 17:09 - 2013-07-26 17:09 - 00000211 _____ C:\Users\window 7\Desktop\Amazon.url
2013-07-26 17:08 - 2013-07-26 17:08 - 00444400 _____ C:\Users\window 7\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 01995672 _____ (Driver Whiz) C:\Users\window 7\Downloads\Driverwhiz.exe
2013-07-26 16:31 - 2013-07-26 16:32 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(1).zip
2013-07-26 16:31 - 2013-07-26 16:31 - 00001152 _____ C:\Users\window 7\Desktop\GoPro CineForm Studio.lnk
2013-07-26 15:12 - 2013-07-26 15:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-07-26 15:02 - 2013-07-26 15:03 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169.zip
2013-07-25 21:54 - 2013-07-25 21:54 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\GoPro
2013-07-25 16:01 - 2013-07-25 16:01 - 00000000 ____D C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 15:57 - 2013-07-25 16:00 - 00000000 ____D C:\Users\Public\CineForm
2013-07-25 15:57 - 2013-07-25 15:57 - 00000000 ____D C:\Program Files\CineForm
2013-07-25 15:56 - 2013-07-25 15:56 - 00000000 ____D C:\Program Files\GoPro
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\WinRAR
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Program Files\WinRAR
2013-07-25 15:51 - 2013-07-25 15:51 - 01619916 _____ C:\Users\window 7\Downloads\wrar420d.exe
2013-07-25 15:50 - 2013-07-25 15:51 - 01188056 _____ C:\Users\window 7\Downloads\winrar setup.exe
2013-07-25 15:49 - 2013-07-25 15:50 - 37873040 _____ C:\Users\window 7\Downloads\GoProCineForm.rar
2013-07-10 20:07 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 20:07 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 20:07 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 20:07 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 19:15 - 2013-07-10 19:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-10 18:51 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 18:51 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 18:51 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 18:50 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
145

==================== One Month Modified Files and Folders =======

2013-07-30 17:16 - 2009-07-14 06:34 - 00026512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-30 17:16 - 2009-07-14 06:34 - 00026512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-30 17:13 - 2013-07-30 17:13 - 00004645 _____ C:\Users\window 7\Desktop\JRT.txt
2013-07-30 17:11 - 2013-07-30 17:11 - 00000000 ____D C:\Windows\ERUNT
2013-07-30 17:11 - 2013-07-26 17:11 - 00001282 _____ C:\Windows\Tasks\Plus-HD-2.4-updater.job
2013-07-30 17:11 - 2013-07-26 17:10 - 00001814 _____ C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2013-07-30 17:11 - 2013-07-26 17:10 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2013-07-30 17:11 - 2012-09-01 09:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-30 17:10 - 2013-07-30 17:10 - 00562042 _____ (Oleg N. Scherbakov) C:\Users\window 7\Downloads\JRT.exe
2013-07-30 17:10 - 2013-07-26 17:10 - 00001890 _____ C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
2013-07-30 17:10 - 2013-07-26 17:10 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2013-07-30 17:09 - 2013-07-30 17:09 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-30 17:08 - 2013-07-29 18:08 - 00000370 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-07-30 17:08 - 2012-09-01 15:59 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-30 17:08 - 2010-11-20 23:48 - 00028946 _____ C:\Windows\PFRO.log
2013-07-30 17:08 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-30 17:08 - 2009-07-14 06:39 - 00011741 _____ C:\Windows\setupact.log
2013-07-30 17:07 - 2013-07-30 17:06 - 00015847 _____ C:\AdwCleaner[S1].txt
2013-07-30 17:07 - 2012-09-01 16:02 - 00001285 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-30 17:07 - 2012-08-29 16:21 - 00001048 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-30 17:07 - 2012-08-29 14:55 - 00001195 _____ C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-30 17:07 - 2006-06-01 00:30 - 01192926 _____ C:\Windows\WindowsUpdate.log
2013-07-30 17:06 - 2013-07-30 17:05 - 00666633 _____ C:\Users\window 7\Downloads\adwcleaner.exe
2013-07-30 17:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Vss
2013-07-30 16:21 - 2012-09-01 15:59 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-30 03:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-30 03:05 - 2013-07-30 03:03 - 00000000 ____D C:\Windows\system32\MRT
2013-07-30 03:03 - 2010-11-20 23:01 - 01636464 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 21:55 - 2013-07-29 21:55 - 00025092 _____ C:\ComboFix.txt
2013-07-29 21:55 - 2013-07-29 21:30 - 00000000 ____D C:\ComboFix
2013-07-29 21:55 - 2013-07-29 21:09 - 00000000 ____D C:\Qoobox
2013-07-29 21:55 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-07-29 21:55 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-07-29 21:53 - 2013-07-29 21:09 - 00000000 ____D C:\Windows\erdnt
2013-07-29 21:50 - 2012-09-06 17:13 - 00033437 _____ C:\Users\window 7\DesktopStCenter.txt
2013-07-29 21:49 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-07-29 21:48 - 2009-07-14 04:03 - 47710208 _____ C:\Windows\system32\config\software.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 12845056 _____ C:\Windows\system32\config\system.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-07-29 21:30 - 2012-08-29 15:47 - 00001912 _____ C:\Windows\epplauncher.mif
2013-07-29 19:44 - 2013-07-29 19:44 - 05095176 ____R (Swearware) C:\Users\window 7\Desktop\ComboFix.exe
2013-07-29 19:42 - 2013-07-29 19:42 - 00000873 _____ C:\Users\window 7\Desktop\software - Verknüpfung.lnk
2013-07-29 19:40 - 2013-07-29 19:40 - 00000053 _____ C:\Users\window 7\AppData\Roaming\WB.CFG
2013-07-29 19:40 - 2013-07-29 19:40 - 00000005 _____ C:\Users\window 7\AppData\Roaming\WBPU-TTL.DAT
2013-07-29 19:17 - 2013-07-29 18:54 - 00023949 _____ C:\Users\window 7\Downloads\Addition.txt
2013-07-29 18:52 - 2013-07-29 18:52 - 00000000 ____D C:\FRST
2013-07-29 18:45 - 2013-07-29 18:45 - 01221130 _____ (Farbar) C:\Users\window 7\Downloads\FRST.exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(2).exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(1).exe
2013-07-29 18:40 - 2013-07-29 18:08 - 00001109 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-29 18:13 - 2013-07-29 18:13 - 00000000 ____D C:\Users\window 7\Qtrax
2013-07-29 18:13 - 2012-08-29 14:52 - 00000000 ____D C:\Users\window 7
2013-07-29 18:10 - 2013-07-28 18:37 - 00000000 ____D C:\ProgramData\Freemake
2013-07-29 18:10 - 2013-07-28 18:36 - 00000000 ____D C:\Program Files\Freemake
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Zip Opener Packages
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\DigitalSite
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\OpenIt
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 18:07 - 2013-07-29 18:06 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup.exe
2013-07-29 17:06 - 2013-02-18 18:39 - 00000000 ____D C:\Users\Public\Documents\MAGIX_Video_deluxe_2007_2008
2013-07-29 16:56 - 2010-11-21 02:38 - 00000000 ____D C:\Windows\DigitalLocker
2013-07-29 16:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-28 18:50 - 2012-08-29 14:52 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\VirtualStore
2013-07-28 18:38 - 2013-07-28 18:38 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FreemakeVideoConverter
2013-07-28 18:38 - 2013-07-28 18:37 - 00000000 ____D C:\Users\window 7\Documents\Freemake
2013-07-28 18:37 - 2013-07-28 18:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 18:37 - 2012-09-21 13:43 - 00000000 ____D C:\Users\window 7\AppData\Roaming\TuneUp Software
2013-07-28 18:37 - 2012-09-21 13:43 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-28 18:34 - 2013-07-28 18:34 - 01271944 _____ (Ellora Assets Corporation                                  ) C:\Users\window 7\Downloads\FreemakeVideoConverterSetup.exe
2013-07-28 09:48 - 2013-07-28 09:47 - 00000000 ____D C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 09:47 - 2013-07-28 09:47 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FRITZ!
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2).zip
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2)(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00000000 ____D C:\Users\window 7\Downloads\MPEG_Streamclip_1.2
2013-07-27 17:09 - 2013-07-27 17:10 - 00554844 _____ C:\Users\window 7\Downloads\mpeg-streamclip.zip
2013-07-27 16:47 - 2013-07-27 16:47 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2(1).dmg
2013-07-27 16:46 - 2013-07-27 16:46 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2.dmg
2013-07-27 09:49 - 2013-07-26 17:10 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 18:41 - 2013-07-26 18:41 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1)(1).zip
2013-07-26 18:39 - 2013-07-26 18:39 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1).zip
2013-07-26 18:37 - 2013-07-26 18:36 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2).zip
2013-07-26 17:12 - 2013-07-26 17:11 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-26 17:11 - 2013-07-26 17:11 - 00000000 ____D C:\Users\window 7\Documents\Freemium Driver Utilities
2013-07-26 17:11 - 2013-07-26 17:10 - 00000000 ____D C:\Program Files\Plus-HD-2.4
2013-07-26 17:09 - 2013-07-26 17:09 - 00000211 _____ C:\Users\window 7\Desktop\Amazon.url
2013-07-26 17:08 - 2013-07-26 17:08 - 00444400 _____ C:\Users\window 7\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 01995672 _____ (Driver Whiz) C:\Users\window 7\Downloads\Driverwhiz.exe
2013-07-26 16:32 - 2013-07-26 16:31 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(1).zip
2013-07-26 16:31 - 2013-07-26 16:31 - 00001152 _____ C:\Users\window 7\Desktop\GoPro CineForm Studio.lnk
2013-07-26 16:30 - 2012-12-27 17:45 - 00014834 _____ C:\Windows\DPINST.LOG
2013-07-26 15:12 - 2013-07-26 15:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-07-26 15:03 - 2013-07-26 15:02 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169.zip
2013-07-25 21:54 - 2013-07-25 21:54 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\GoPro
2013-07-25 16:01 - 2013-07-25 16:01 - 00000000 ____D C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 16:00 - 2013-07-25 15:57 - 00000000 ____D C:\Users\Public\CineForm
2013-07-25 15:57 - 2013-07-25 15:57 - 00000000 ____D C:\Program Files\CineForm
2013-07-25 15:57 - 2012-09-01 16:53 - 00000000 ____D C:\Program Files\DIFX
2013-07-25 15:56 - 2013-07-25 15:56 - 00000000 ____D C:\Program Files\GoPro
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\WinRAR
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Program Files\WinRAR
2013-07-25 15:51 - 2013-07-25 15:51 - 01619916 _____ C:\Users\window 7\Downloads\wrar420d.exe
2013-07-25 15:51 - 2013-07-25 15:50 - 01188056 _____ C:\Users\window 7\Downloads\winrar setup.exe
2013-07-25 15:50 - 2013-07-25 15:49 - 37873040 _____ C:\Users\window 7\Downloads\GoProCineForm.rar
2013-07-24 17:56 - 2012-08-29 16:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-24 17:47 - 2009-07-14 06:33 - 00436992 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-24 17:46 - 2010-11-21 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-24 17:46 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 20:09 - 2012-09-03 11:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 19:16 - 2013-07-10 19:15 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-25 20:27

==================== End Of Log ============================
--- --- ---


FRST Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2013
Ran by window 7 at 2013-07-30 17:20:01
Running from C:\Users\window 7\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Alpen-Overlay EUROPE
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVM FRITZ!DSL (Version: 2.04.03)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (Version: 2.0.0.1)
Fotogalerie (Version: 16.4.3503.0728)
Garmin City Navigator Europe NT 2008 (Version: 10.0.0.1)
Garmin City Navigator Europe NT 2013.20 Update (Version: 16.20.0.0)
Garmin City Navigator Europe NT 2013.30 Update (Version: 16.30.0.0)
Garmin City Navigator Europe NT 2013.41 Update (Version: 16.41.0.0)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin MapSource (Version: 6.16.3)
Garmin USB Drivers (Version: 2.3.0.0)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 28.0.1500.72)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.153)
GoPro CineForm Studio 1.3.1 (Version: 1.3.1)
Greenshot
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Junk Mail filter update (Version: 16.4.3503.0728)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
MAGIX Foto Manager 2007 4.1.1.75 (D) (Version: 4.1.1.75)
MAGIX Goya burnR 2.3.1.3 (D) (Version: 2.3.1.3)
MAGIX Music Manager 2007 8.1.1.108 (D) (Version: 8.1.1.108)
MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0)
MAGIX Video deluxe 2007 2008 7.0.0.26 (D) (Version: 7.0.0.26)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 17.0.2011.0627)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.0.7820.0)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
Open It! (Version: 1.1.1)
Pandora Service
PDFCreator (Version: 1.5.0)
PDF-Viewer (Version: 2.5.205.0)
Photo Gallery (Version: 16.4.3503.0728)
QuickTime (Version: 7.73.80.64)
Remote Control USB Driver (Version: 2.3.2.317)
Samsung Kies (Version: 2.3.2.12074_13)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)
The KMPlayer (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Zip Opener
Winamp (Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (Version: 03/07/2012 )
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Family Safety (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Mail (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live MIME IFilter (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Windows Live Writer (Version: 16.4.3503.0728)
Windows Live Writer Resources (Version: 16.4.3503.0728)
Windows Utils
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
WinRAR Packages
Zip Opener Packages
Zip Opener Packages 36
 

==================== Restore Points  =========================

17-06-2013 18:04:40 Windows Update
30-06-2013 15:56:31 Windows Update
30-06-2013 16:04:12 Windows-Sicherung
30-06-2013 17:00:08 Windows-Sicherung
10-07-2013 16:23:38 Windows Update
10-07-2013 16:32:23 Windows-Sicherung
10-07-2013 18:02:00 Windows Update
24-07-2013 15:51:30 Windows Update
24-07-2013 16:07:56 Windows-Sicherung
25-07-2013 13:55:39 Microsoft Visual C++ 2005 Redistributable wird installiert
25-07-2013 13:57:02 Gerätetreiber-Paketinstallation: GoPro
26-07-2013 15:00:26 Installed Driver Whiz.
26-07-2013 15:09:23 Free Driver Scout
26-07-2013 18:08:44 Windows Update
28-07-2013 17:01:02 Windows-Sicherung
28-07-2013 17:59:50 TuneUp Utilities 2013 wird entfernt
28-07-2013 18:00:39 TuneUp Utilities Language Pack (de-DE) wird entfernt
29-07-2013 14:42:13 Preispilot wird entfernt
29-07-2013 16:09:03 Free Driver Scout
29-07-2013 20:05:20 Windows Update
30-07-2013 01:00:11 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2013-07-29 21:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0120CC8B-5A9E-4628-9544-994D55FC9D5D} - System32\Tasks\Plus-HD-2.4-enabler => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe [2013-07-26] (Plus HD)
Task: {10F51391-CD11-4D97-A087-5956B1323578} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {12CC3495-E4ED-4991-9050-121A7DDDFCF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {147386C2-F349-4EB8-A2D6-4C24B2191E2C} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {2F9ADF7A-AC91-4F6B-91B2-098111767009} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe No File
Task: {34FCDD53-6492-487E-AE6B-748DC58A58D2} - System32\Tasks\DealPlyUpdate => C:\Program Files\DealPly\DealPlyUpdate.exe No File
Task: {35A68587-C38F-412C-806F-7FFE09F14757} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {3B9C0DC2-8833-4E09-A1D1-E2A3DA3CD9E1} - System32\Tasks\LyricXeeker Update => C:\Program Files\LyriXeeker\LyriXupdate.exe No File
Task: {42AF82C4-1CF7-4B02-9834-4657E71DA5AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {4B2248E4-306C-4D53-B182-B15F4D0DB8F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-17] (Adobe Systems Incorporated)
Task: {50068265-2FC8-4734-93DC-DAFD621A0365} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5BA83F89-B357-444E-A9F4-CAD79D2904C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {6CA566BF-CFCE-40CF-AE4A-9C6E234E4731} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {70BB4770-FBFC-42E2-AAE2-C6A37C1C14D4} - System32\Tasks\EPUpdater => C:\Users\WINDOW~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {785FAF3D-1197-4944-AB0C-364287973C69} - System32\Tasks\Plus-HD-2.4-codedownloader => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe [2013-07-26] (Plus HD)
Task: {810CA79C-4DE9-4C6A-8AE0-1F6613D418BE} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe No File
Task: {88FEE2A9-D98C-441F-BAFA-50F84B4C5167} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe No File
Task: {8DEC6DA3-01A5-4ED9-8C55-4A9979C3DE02} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {A103C951-F7DA-4579-AD31-79B32A09D230} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {BC3695F1-DC5F-48B1-BA01-A0013F2E04C0} - System32\Tasks\Plus-HD-2.4-updater => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe [2013-07-26] (Plus HD)
Task: {DCE04B96-025E-43E5-B994-0579182DA072} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {E4C7ADED-445A-4D7D-9C33-95C8DEAA867D} - System32\Tasks\User_Feed_Synchronization-{846F7D41-A1CA-4284-9A04-9A8B08F0D732} => C:\Windows\system32\msfeedssync.exe [2013-05-28] (Microsoft Corporation)
Task: {EA443B7A-ADF3-46B7-8D5F-3AD0F69F9E4B} - System32\Tasks\Plus-HD-2.4-firefoxinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe [2013-07-26] (Plus HD)
Task: {FD82EDD5-8FC0-4809-AE01-B9F91155C293} - System32\Tasks\Plus-HD-2.4-chromeinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe [2013-07-26] (Plus HD)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricXeeker Update.job => C:\Program Files\LyriXeeker\LyriXupdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-enabler.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-updater.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe

==================== Faulty Device Manager Devices =============

Name: Paralleler PCI-Anschluss
Description: Paralleler PCI-Anschluss
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 2037.98 MB
Available physical RAM: 1063.2 MB
Total Pagefile: 4075.97 MB
Available Pagefile: 2865.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:233.88 GB) (Free:187.25 GB) NTFS
Drive e: (Volume) (Fixed) (Total:231.78 GB) (Free:98.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 07D76439)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=234 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 31.07.2013 07:53

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log. Noch Probleme? :)

1100gs 31.07.2013 19:09
Liste der Anhänge anzeigen (Anzahl: 1)
Und hier das Ergebnis :heulen:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4320075f4d37744d9fb9514b9475967c
# engine=14602
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-31 05:27:51
# local_time=2013-07-31 07:27:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 84876 126922862 0 0
# scanned=209535
# found=1
# cleaned=0
# scan_time=10418
sh=25A8C89797881EFD031E5F1D4A57F6333E4AA2BD ft=0 fh=0000000000000000 vn="Win32/Adware.Linkular.AD application" ac=I fn="E:\WINDOW7PC\Backup Set 2013-07-28 190008\Backup Files 2013-07-28 190008\Backup files 3.zip"
Code:
Results of screen317's Security Check version 0.99.71 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java 7 Update 9 
 Java version out of Date!
 Adobe Flash Player        11.7.700.224 
 Mozilla Firefox (22.0)
 Google Chrome 28.0.1500.72 
 Google Chrome 28.0.1500.95 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2013
Ran by window 7 (administrator) on 31-07-2013 19:57:13
Running from C:\Users\window 7\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Samsung Electronics Co., Ltd.) E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nullsoft, Inc.) E:\Winamp\winampa.exe
(Samsung) E:\Samsung\Kies Air\Kies\Kies.exe
() E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe
() E:\Greenshot\Greenshot\Greenshot.exe
(GoPro) C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
(Windows Net) C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [KiesTrayAgent] - E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe [3524536 2012-08-31] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [WinampAgent] - E:\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [TrayServer] - C:\Program Files\MAGIX\Video_deluxe_2007_2008\TrayServer.exe [90112 2007-03-29] (MAGIX AG)
HKCU\...\Run: [KiesPreload] - E:\Samsung\Kies Air\Kies\Kies.exe [964024 2012-08-31] (Samsung)
HKCU\...\Run: [KiesPDLR] - E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] ()
HKCU\...\Run: [Greenshot] - E:\Greenshot\Greenshot\Greenshot.exe [548864 2010-07-12] ()
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin [814472 2013-06-17] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Extension: Visualisateur 3D de 20-20 - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Garmin Communicator - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: DownloadHelper - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\125.xpi
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files\Mozilla Firefox\firefox.exe"

Chrome:
=======
CHR Extension: (Plus-HD-2.4) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.29_0
CHR Extension: (LyricXeeker) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0
CHR HKLM\...\Chrome\Extension: [odnofacmifkjndflfmmplhckcbfjckhj] - C:\Program Files\LyriXeeker\125.crx

========================== Services (Whitelisted) =================

S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV09; C:\Windows\system32\drivers\ACEDRV09.sys [110304 2013-02-18] (Protect Software GmbH)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 catchme; \??\C:\Users\WINDOW~1\AppData\Local\Temp\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-31 16:30 - 2013-07-31 16:30 - 02347384 _____ (ESET) C:\Users\window 7\Downloads\esetsmartinstaller_enu.exe
2013-07-30 17:13 - 2013-07-30 17:13 - 00004645 _____ C:\Users\window 7\Desktop\JRT.txt
2013-07-30 17:11 - 2013-07-30 17:11 - 00000000 ____D C:\Windows\ERUNT
2013-07-30 17:10 - 2013-07-30 17:10 - 00562042 _____ (Oleg N. Scherbakov) C:\Users\window 7\Downloads\JRT.exe
2013-07-30 17:09 - 2013-07-31 15:19 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-30 17:06 - 2013-07-30 17:07 - 00015847 _____ C:\AdwCleaner[S1].txt
2013-07-30 17:05 - 2013-07-30 17:06 - 00666633 _____ C:\Users\window 7\Downloads\adwcleaner.exe
2013-07-30 03:03 - 2013-07-30 03:05 - 00000000 ____D C:\Windows\system32\MRT
2013-07-29 21:55 - 2013-07-29 21:55 - 00025092 _____ C:\ComboFix.txt
2013-07-29 21:30 - 2013-07-29 21:55 - 00000000 ____D C:\ComboFix
2013-07-29 21:30 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-29 21:30 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-29 21:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-29 21:09 - 2013-07-29 21:55 - 00000000 ____D C:\Qoobox
2013-07-29 21:09 - 2013-07-29 21:53 - 00000000 ____D C:\Windows\erdnt
2013-07-29 19:44 - 2013-07-29 19:44 - 05095176 ____R (Swearware) C:\Users\window 7\Desktop\ComboFix.exe
2013-07-29 19:42 - 2013-07-29 19:42 - 00000873 _____ C:\Users\window 7\Desktop\software - Verknüpfung.lnk
2013-07-29 19:40 - 2013-07-29 19:40 - 00000053 _____ C:\Users\window 7\AppData\Roaming\WB.CFG
2013-07-29 19:40 - 2013-07-29 19:40 - 00000005 _____ C:\Users\window 7\AppData\Roaming\WBPU-TTL.DAT
2013-07-29 18:54 - 2013-07-30 17:20 - 00015219 _____ C:\Users\window 7\Downloads\Addition.txt
2013-07-29 18:52 - 2013-07-29 18:52 - 00000000 ____D C:\FRST
2013-07-29 18:45 - 2013-07-29 18:45 - 01221130 _____ (Farbar) C:\Users\window 7\Downloads\FRST.exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(2).exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(1).exe
2013-07-29 18:13 - 2013-07-29 18:13 - 00000000 ____D C:\Users\window 7\Qtrax
2013-07-29 18:08 - 2013-07-31 17:58 - 00000370 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-07-29 18:08 - 2013-07-29 18:40 - 00001109 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Zip Opener Packages
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\DigitalSite
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\OpenIt
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 18:06 - 2013-07-29 18:07 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup.exe
2013-07-28 18:38 - 2013-07-28 18:38 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FreemakeVideoConverter
2013-07-28 18:37 - 2013-07-29 18:10 - 00000000 ____D C:\ProgramData\Freemake
2013-07-28 18:37 - 2013-07-28 18:38 - 00000000 ____D C:\Users\window 7\Documents\Freemake
2013-07-28 18:37 - 2013-07-28 18:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 18:36 - 2013-07-29 18:10 - 00000000 ____D C:\Program Files\Freemake
2013-07-28 18:34 - 2013-07-28 18:34 - 01271944 _____ (Ellora Assets Corporation                                  ) C:\Users\window 7\Downloads\FreemakeVideoConverterSetup.exe
2013-07-28 09:47 - 2013-07-28 09:48 - 00000000 ____D C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 09:47 - 2013-07-28 09:47 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FRITZ!
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2).zip
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2)(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00000000 ____D C:\Users\window 7\Downloads\MPEG_Streamclip_1.2
2013-07-27 17:10 - 2013-07-27 17:09 - 00554844 _____ C:\Users\window 7\Downloads\mpeg-streamclip.zip
2013-07-27 16:47 - 2013-07-27 16:47 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2(1).dmg
2013-07-27 16:46 - 2013-07-27 16:46 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2.dmg
2013-07-26 18:41 - 2013-07-26 18:41 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1)(1).zip
2013-07-26 18:39 - 2013-07-26 18:39 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1).zip
2013-07-26 18:36 - 2013-07-26 18:37 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2).zip
2013-07-26 17:11 - 2013-07-31 17:11 - 00001282 _____ C:\Windows\Tasks\Plus-HD-2.4-updater.job
2013-07-26 17:11 - 2013-07-26 17:12 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-26 17:11 - 2013-07-26 17:11 - 00000000 ____D C:\Users\window 7\Documents\Freemium Driver Utilities
2013-07-26 17:10 - 2013-07-31 17:15 - 00001814 _____ C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2013-07-26 17:10 - 2013-07-31 17:11 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2013-07-26 17:10 - 2013-07-31 17:10 - 00001890 _____ C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
2013-07-26 17:10 - 2013-07-31 17:10 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2013-07-26 17:10 - 2013-07-27 09:49 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 17:10 - 2013-07-26 17:11 - 00000000 ____D C:\Program Files\Plus-HD-2.4
2013-07-26 17:09 - 2013-07-26 17:09 - 00000211 _____ C:\Users\window 7\Desktop\Amazon.url
2013-07-26 17:08 - 2013-07-26 17:08 - 00444400 _____ C:\Users\window 7\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 01995672 _____ (Driver Whiz) C:\Users\window 7\Downloads\Driverwhiz.exe
2013-07-26 16:31 - 2013-07-26 16:32 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(1).zip
2013-07-26 16:31 - 2013-07-26 16:31 - 00001152 _____ C:\Users\window 7\Desktop\GoPro CineForm Studio.lnk
2013-07-26 15:12 - 2013-07-26 15:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-07-26 15:02 - 2013-07-26 15:03 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169.zip
2013-07-25 21:54 - 2013-07-25 21:54 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\GoPro
2013-07-25 16:01 - 2013-07-25 16:01 - 00000000 ____D C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 15:57 - 2013-07-25 16:00 - 00000000 ____D C:\Users\Public\CineForm
2013-07-25 15:57 - 2013-07-25 15:57 - 00000000 ____D C:\Program Files\CineForm
2013-07-25 15:56 - 2013-07-25 15:56 - 00000000 ____D C:\Program Files\GoPro
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\WinRAR
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Program Files\WinRAR
2013-07-25 15:51 - 2013-07-25 15:51 - 01619916 _____ C:\Users\window 7\Downloads\wrar420d.exe
2013-07-25 15:50 - 2013-07-25 15:51 - 01188056 _____ C:\Users\window 7\Downloads\winrar setup.exe
2013-07-25 15:49 - 2013-07-25 15:50 - 37873040 _____ C:\Users\window 7\Downloads\GoProCineForm.rar
2013-07-10 20:07 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 20:07 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 20:07 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 20:07 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 19:15 - 2013-07-10 19:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-10 18:51 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 18:51 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 18:51 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 18:50 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
143

==================== One Month Modified Files and Folders =======

2013-07-31 19:52 - 2013-07-31 19:52 - 00891098 _____ C:\Users\window 7\Downloads\SecurityCheck.exe
2013-07-31 19:21 - 2012-09-01 15:59 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-31 19:11 - 2012-09-01 09:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-31 18:35 - 2009-07-14 06:34 - 00026512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-31 18:35 - 2009-07-14 06:34 - 00026512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-31 18:30 - 2006-06-01 00:30 - 01304254 _____ C:\Windows\WindowsUpdate.log
2013-07-31 17:58 - 2013-07-29 18:08 - 00000370 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-07-31 17:15 - 2013-07-26 17:10 - 00001814 _____ C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2013-07-31 17:11 - 2013-07-26 17:11 - 00001282 _____ C:\Windows\Tasks\Plus-HD-2.4-updater.job
2013-07-31 17:11 - 2013-07-26 17:10 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2013-07-31 17:10 - 2013-07-26 17:10 - 00001890 _____ C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
2013-07-31 17:10 - 2013-07-26 17:10 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2013-07-31 16:30 - 2013-07-31 16:30 - 02347384 _____ (ESET) C:\Users\window 7\Downloads\esetsmartinstaller_enu.exe
2013-07-31 15:19 - 2013-07-30 17:09 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-31 15:18 - 2012-09-01 15:59 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-31 15:18 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-31 15:18 - 2009-07-14 06:39 - 00011853 _____ C:\Windows\setupact.log
2013-07-30 21:24 - 2012-09-01 16:02 - 00002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-30 17:20 - 2013-07-29 18:54 - 00015219 _____ C:\Users\window 7\Downloads\Addition.txt
2013-07-30 17:13 - 2013-07-30 17:13 - 00004645 _____ C:\Users\window 7\Desktop\JRT.txt
2013-07-30 17:11 - 2013-07-30 17:11 - 00000000 ____D C:\Windows\ERUNT
2013-07-30 17:10 - 2013-07-30 17:10 - 00562042 _____ (Oleg N. Scherbakov) C:\Users\window 7\Downloads\JRT.exe
2013-07-30 17:08 - 2010-11-20 23:48 - 00028946 _____ C:\Windows\PFRO.log
2013-07-30 17:08 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Vss
2013-07-30 17:07 - 2013-07-30 17:06 - 00015847 _____ C:\AdwCleaner[S1].txt
2013-07-30 17:07 - 2012-08-29 16:21 - 00001048 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-30 17:07 - 2012-08-29 14:55 - 00001195 _____ C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-30 17:06 - 2013-07-30 17:05 - 00666633 _____ C:\Users\window 7\Downloads\adwcleaner.exe
2013-07-30 03:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-30 03:05 - 2013-07-30 03:03 - 00000000 ____D C:\Windows\system32\MRT
2013-07-30 03:03 - 2010-11-20 23:01 - 01636464 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 21:55 - 2013-07-29 21:55 - 00025092 _____ C:\ComboFix.txt
2013-07-29 21:55 - 2013-07-29 21:30 - 00000000 ____D C:\ComboFix
2013-07-29 21:55 - 2013-07-29 21:09 - 00000000 ____D C:\Qoobox
2013-07-29 21:55 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-07-29 21:55 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-07-29 21:53 - 2013-07-29 21:09 - 00000000 ____D C:\Windows\erdnt
2013-07-29 21:50 - 2012-09-06 17:13 - 00033437 _____ C:\Users\window 7\DesktopStCenter.txt
2013-07-29 21:49 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-07-29 21:48 - 2009-07-14 04:03 - 47710208 _____ C:\Windows\system32\config\software.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 12845056 _____ C:\Windows\system32\config\system.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-07-29 21:30 - 2012-08-29 15:47 - 00001912 _____ C:\Windows\epplauncher.mif
2013-07-29 19:44 - 2013-07-29 19:44 - 05095176 ____R (Swearware) C:\Users\window 7\Desktop\ComboFix.exe
2013-07-29 19:42 - 2013-07-29 19:42 - 00000873 _____ C:\Users\window 7\Desktop\software - Verknüpfung.lnk
2013-07-29 19:40 - 2013-07-29 19:40 - 00000053 _____ C:\Users\window 7\AppData\Roaming\WB.CFG
2013-07-29 19:40 - 2013-07-29 19:40 - 00000005 _____ C:\Users\window 7\AppData\Roaming\WBPU-TTL.DAT
2013-07-29 18:52 - 2013-07-29 18:52 - 00000000 ____D C:\FRST
2013-07-29 18:45 - 2013-07-29 18:45 - 01221130 _____ (Farbar) C:\Users\window 7\Downloads\FRST.exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(2).exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(1).exe
2013-07-29 18:40 - 2013-07-29 18:08 - 00001109 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-29 18:13 - 2013-07-29 18:13 - 00000000 ____D C:\Users\window 7\Qtrax
2013-07-29 18:13 - 2012-08-29 14:52 - 00000000 ____D C:\Users\window 7
2013-07-29 18:10 - 2013-07-28 18:37 - 00000000 ____D C:\ProgramData\Freemake
2013-07-29 18:10 - 2013-07-28 18:36 - 00000000 ____D C:\Program Files\Freemake
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Zip Opener Packages
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\DigitalSite
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\OpenIt
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 18:07 - 2013-07-29 18:06 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup.exe
2013-07-29 17:06 - 2013-02-18 18:39 - 00000000 ____D C:\Users\Public\Documents\MAGIX_Video_deluxe_2007_2008
2013-07-29 16:56 - 2010-11-21 02:38 - 00000000 ____D C:\Windows\DigitalLocker
2013-07-29 16:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-28 18:50 - 2012-08-29 14:52 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\VirtualStore
2013-07-28 18:38 - 2013-07-28 18:38 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FreemakeVideoConverter
2013-07-28 18:38 - 2013-07-28 18:37 - 00000000 ____D C:\Users\window 7\Documents\Freemake
2013-07-28 18:37 - 2013-07-28 18:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 18:37 - 2012-09-21 13:43 - 00000000 ____D C:\Users\window 7\AppData\Roaming\TuneUp Software
2013-07-28 18:37 - 2012-09-21 13:43 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-28 18:34 - 2013-07-28 18:34 - 01271944 _____ (Ellora Assets Corporation                                  ) C:\Users\window 7\Downloads\FreemakeVideoConverterSetup.exe
2013-07-28 09:48 - 2013-07-28 09:47 - 00000000 ____D C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 09:47 - 2013-07-28 09:47 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FRITZ!
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2).zip
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2)(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00000000 ____D C:\Users\window 7\Downloads\MPEG_Streamclip_1.2
2013-07-27 17:09 - 2013-07-27 17:10 - 00554844 _____ C:\Users\window 7\Downloads\mpeg-streamclip.zip
2013-07-27 16:47 - 2013-07-27 16:47 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2(1).dmg
2013-07-27 16:46 - 2013-07-27 16:46 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2.dmg
2013-07-27 09:49 - 2013-07-26 17:10 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 18:41 - 2013-07-26 18:41 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1)(1).zip
2013-07-26 18:39 - 2013-07-26 18:39 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1).zip
2013-07-26 18:37 - 2013-07-26 18:36 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2).zip
2013-07-26 17:12 - 2013-07-26 17:11 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-26 17:11 - 2013-07-26 17:11 - 00000000 ____D C:\Users\window 7\Documents\Freemium Driver Utilities
2013-07-26 17:11 - 2013-07-26 17:10 - 00000000 ____D C:\Program Files\Plus-HD-2.4
2013-07-26 17:09 - 2013-07-26 17:09 - 00000211 _____ C:\Users\window 7\Desktop\Amazon.url
2013-07-26 17:08 - 2013-07-26 17:08 - 00444400 _____ C:\Users\window 7\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 01995672 _____ (Driver Whiz) C:\Users\window 7\Downloads\Driverwhiz.exe
2013-07-26 16:32 - 2013-07-26 16:31 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(1).zip
2013-07-26 16:31 - 2013-07-26 16:31 - 00001152 _____ C:\Users\window 7\Desktop\GoPro CineForm Studio.lnk
2013-07-26 16:30 - 2012-12-27 17:45 - 00014834 _____ C:\Windows\DPINST.LOG
2013-07-26 15:12 - 2013-07-26 15:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-07-26 15:03 - 2013-07-26 15:02 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169.zip
2013-07-25 21:54 - 2013-07-25 21:54 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\GoPro
2013-07-25 16:01 - 2013-07-25 16:01 - 00000000 ____D C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 16:00 - 2013-07-25 15:57 - 00000000 ____D C:\Users\Public\CineForm
2013-07-25 15:57 - 2013-07-25 15:57 - 00000000 ____D C:\Program Files\CineForm
2013-07-25 15:57 - 2012-09-01 16:53 - 00000000 ____D C:\Program Files\DIFX
2013-07-25 15:56 - 2013-07-25 15:56 - 00000000 ____D C:\Program Files\GoPro
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\WinRAR
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Program Files\WinRAR
2013-07-25 15:51 - 2013-07-25 15:51 - 01619916 _____ C:\Users\window 7\Downloads\wrar420d.exe
2013-07-25 15:51 - 2013-07-25 15:50 - 01188056 _____ C:\Users\window 7\Downloads\winrar setup.exe
2013-07-25 15:50 - 2013-07-25 15:49 - 37873040 _____ C:\Users\window 7\Downloads\GoProCineForm.rar
2013-07-24 17:56 - 2012-08-29 16:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-24 17:47 - 2009-07-14 06:33 - 00436992 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-24 17:46 - 2010-11-21 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-24 17:46 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 20:09 - 2012-09-03 11:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 19:16 - 2013-07-10 19:15 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-25 20:27

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2013
Ran by window 7 at 2013-07-31 19:57:44
Running from C:\Users\window 7\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Alpen-Overlay EUROPE
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVM FRITZ!DSL (Version: 2.04.03)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (Version: 2.0.0.1)
Fotogalerie (Version: 16.4.3503.0728)
Garmin City Navigator Europe NT 2008 (Version: 10.0.0.1)
Garmin City Navigator Europe NT 2013.20 Update (Version: 16.20.0.0)
Garmin City Navigator Europe NT 2013.30 Update (Version: 16.30.0.0)
Garmin City Navigator Europe NT 2013.41 Update (Version: 16.41.0.0)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin MapSource (Version: 6.16.3)
Garmin USB Drivers (Version: 2.3.0.0)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 28.0.1500.95)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.153)
GoPro CineForm Studio 1.3.1 (Version: 1.3.1)
Greenshot
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Junk Mail filter update (Version: 16.4.3503.0728)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
MAGIX Foto Manager 2007 4.1.1.75 (D) (Version: 4.1.1.75)
MAGIX Goya burnR 2.3.1.3 (D) (Version: 2.3.1.3)
MAGIX Music Manager 2007 8.1.1.108 (D) (Version: 8.1.1.108)
MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0)
MAGIX Video deluxe 2007 2008 7.0.0.26 (D) (Version: 7.0.0.26)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 17.0.2011.0627)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.0.7820.0)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
Open It! (Version: 1.1.1)
Pandora Service
PDFCreator (Version: 1.5.0)
PDF-Viewer (Version: 2.5.205.0)
Photo Gallery (Version: 16.4.3503.0728)
QuickTime (Version: 7.73.80.64)
Remote Control USB Driver (Version: 2.3.2.317)
Samsung Kies (Version: 2.3.2.12074_13)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)
The KMPlayer (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Zip Opener
Winamp (Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (Version: 03/07/2012 )
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Family Safety (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Mail (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live MIME IFilter (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Windows Live Writer (Version: 16.4.3503.0728)
Windows Live Writer Resources (Version: 16.4.3503.0728)
Windows Utils
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
WinRAR Packages
Zip Opener Packages
Zip Opener Packages 36
 

==================== Restore Points  =========================

17-06-2013 18:04:40 Windows Update
30-06-2013 15:56:31 Windows Update
30-06-2013 16:04:12 Windows-Sicherung
30-06-2013 17:00:08 Windows-Sicherung
10-07-2013 16:23:38 Windows Update
10-07-2013 16:32:23 Windows-Sicherung
10-07-2013 18:02:00 Windows Update
24-07-2013 15:51:30 Windows Update
24-07-2013 16:07:56 Windows-Sicherung
25-07-2013 13:55:39 Microsoft Visual C++ 2005 Redistributable wird installiert
25-07-2013 13:57:02 Gerätetreiber-Paketinstallation: GoPro
26-07-2013 15:00:26 Installed Driver Whiz.
26-07-2013 15:09:23 Free Driver Scout
26-07-2013 18:08:44 Windows Update
28-07-2013 17:01:02 Windows-Sicherung
28-07-2013 17:59:50 TuneUp Utilities 2013 wird entfernt
28-07-2013 18:00:39 TuneUp Utilities Language Pack (de-DE) wird entfernt
29-07-2013 14:42:13 Preispilot wird entfernt
29-07-2013 16:09:03 Free Driver Scout
29-07-2013 20:05:20 Windows Update
30-07-2013 01:00:11 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2013-07-29 21:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0120CC8B-5A9E-4628-9544-994D55FC9D5D} - System32\Tasks\Plus-HD-2.4-enabler => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe [2013-07-26] (Plus HD)
Task: {10F51391-CD11-4D97-A087-5956B1323578} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {12CC3495-E4ED-4991-9050-121A7DDDFCF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {147386C2-F349-4EB8-A2D6-4C24B2191E2C} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {2F9ADF7A-AC91-4F6B-91B2-098111767009} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe No File
Task: {34FCDD53-6492-487E-AE6B-748DC58A58D2} - System32\Tasks\DealPlyUpdate => C:\Program Files\DealPly\DealPlyUpdate.exe No File
Task: {35A68587-C38F-412C-806F-7FFE09F14757} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {3B9C0DC2-8833-4E09-A1D1-E2A3DA3CD9E1} - System32\Tasks\LyricXeeker Update => C:\Program Files\LyriXeeker\LyriXupdate.exe No File
Task: {42AF82C4-1CF7-4B02-9834-4657E71DA5AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {4B2248E4-306C-4D53-B182-B15F4D0DB8F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-17] (Adobe Systems Incorporated)
Task: {50068265-2FC8-4734-93DC-DAFD621A0365} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5BA83F89-B357-444E-A9F4-CAD79D2904C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {6CA566BF-CFCE-40CF-AE4A-9C6E234E4731} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {70BB4770-FBFC-42E2-AAE2-C6A37C1C14D4} - System32\Tasks\EPUpdater => C:\Users\WINDOW~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {77709E47-6FFE-4D80-A163-B030E6BFA591} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {785FAF3D-1197-4944-AB0C-364287973C69} - System32\Tasks\Plus-HD-2.4-codedownloader => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe [2013-07-26] (Plus HD)
Task: {810CA79C-4DE9-4C6A-8AE0-1F6613D418BE} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe No File
Task: {88FEE2A9-D98C-441F-BAFA-50F84B4C5167} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe No File
Task: {A103C951-F7DA-4579-AD31-79B32A09D230} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {BC3695F1-DC5F-48B1-BA01-A0013F2E04C0} - System32\Tasks\Plus-HD-2.4-updater => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe [2013-07-26] (Plus HD)
Task: {DCE04B96-025E-43E5-B994-0579182DA072} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {E4C7ADED-445A-4D7D-9C33-95C8DEAA867D} - System32\Tasks\User_Feed_Synchronization-{846F7D41-A1CA-4284-9A04-9A8B08F0D732} => C:\Windows\system32\msfeedssync.exe [2013-05-28] (Microsoft Corporation)
Task: {EA443B7A-ADF3-46B7-8D5F-3AD0F69F9E4B} - System32\Tasks\Plus-HD-2.4-firefoxinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe [2013-07-26] (Plus HD)
Task: {FD82EDD5-8FC0-4809-AE01-B9F91155C293} - System32\Tasks\Plus-HD-2.4-chromeinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe [2013-07-26] (Plus HD)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricXeeker Update.job => C:\Program Files\LyriXeeker\LyriXupdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-enabler.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-updater.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe

==================== Faulty Device Manager Devices =============

Name: Paralleler PCI-Anschluss
Description: Paralleler PCI-Anschluss
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2013 03:20:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2013 10:04:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/31/2013 03:19:24 PM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (07/31/2013 03:19:24 PM) (Source: ipnathlp) (User: )
Description:

Error: (07/31/2013 10:03:35 AM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (07/31/2013 10:03:35 AM) (Source: ipnathlp) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (07/31/2013 03:20:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2013 10:04:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 2037.98 MB
Available physical RAM: 975.75 MB
Total Pagefile: 4075.97 MB
Available Pagefile: 2880.6 MB
Total Virtual: 2047.88 MB
Available Virtual: 1881.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:233.88 GB) (Free:181.9 GB) NTFS
Drive e: (Volume) (Fixed) (Total:231.78 GB) (Free:98.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 07D76439)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=234 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

==================== End Of Log ============================



Und er ist immer noch da

Anhang 58477

schrauber 31.07.2013 20:05
Java udpdaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
SearchScopes: HKLM - DefaultScope value is missing.
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(2).exe
2013-07-29 18:40 - 2013-07-29 18:40 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup(1).exe
2013-07-29 18:13 - 2013-07-29 18:13 - 00000000 ____D C:\Users\window 7\Qtrax
2013-07-29 18:08 - 2013-07-31 17:58 - 00000370 _____ C:\Windows\Tasks\LyricXeeker Update.job
2013-07-29 18:08 - 2013-07-29 18:40 - 00001109 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Zip Opener Packages
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Users\window 7\AppData\Roaming\DigitalSite
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\OpenIt

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Setze folgendermassen den Internet Explorer zurück:
  • Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
  • Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
  • Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
(Hier findest du die bebilderte Anleitung.)

1100gs 31.07.2013 20:21
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-07-2013
Ran by window 7 at 2013-07-31 21:19:53 Run:1
Running from C:\Users\window 7\Desktop
Boot Mode: Normal

==============================================

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value deleted successfully.
C:\Users\window 7\Downloads\ZipOpenerSetup(2).exe => Moved successfully.
C:\Users\window 7\Downloads\ZipOpenerSetup(1).exe => Moved successfully.
C:\Users\window 7\Qtrax => Moved successfully.
C:\Windows\Tasks\LyricXeeker Update.job => Moved successfully.
C:\Users\Public\Desktop\Open It!.lnk => Moved successfully.
C:\Users\window 7\AppData\Roaming\Zip Opener Packages => Moved successfully.
C:\Users\window 7\AppData\Roaming\DigitalSite => Moved successfully.
C:\Program Files\OpenIt => Moved successfully.

==== End of Fixlog ====
Zitat:
Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
OK... habe ich gemacht

1100gs 31.07.2013 20:32
Liste der Anhänge anzeigen (Anzahl: 1)
Nun gehen zwei Popups auf. Eines kennen wir ja schon :wtf:

schrauber 01.08.2013 08:53
IE10 deinstallieren.

Neu booten und frisches FRST log bitte.

1100gs 01.08.2013 10:22
Fetisch


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2013
Ran by window 7 (administrator) on 01-08-2013 11:20:09
Running from C:\Users\window 7\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Samsung Electronics Co., Ltd.) E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nullsoft, Inc.) E:\Winamp\winampa.exe
(Samsung) E:\Samsung\Kies Air\Kies\Kies.exe
() E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe
() E:\Greenshot\Greenshot\Greenshot.exe
(GoPro) C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe
(Windows Net) C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [KiesTrayAgent] - E:\Samsung\Kies Air\Kies\KiesTrayAgent.exe [3524536 2012-08-31] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [WinampAgent] - E:\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [TrayServer] - C:\Program Files\MAGIX\Video_deluxe_2007_2008\TrayServer.exe [90112 2007-03-29] (MAGIX AG)
HKCU\...\Run: [KiesPreload] - E:\Samsung\Kies Air\Kies\Kies.exe [964024 2012-08-31] (Samsung)
HKCU\...\Run: [KiesPDLR] - E:\Samsung\Kies Air\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] ()
HKCU\...\Run: [Greenshot] - E:\Greenshot\Greenshot\Greenshot.exe [548864 2010-07-12] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Program Files\FRITZ!DSL\StCenter.exe (AVM Berlin)
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\window 7\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\PDF\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Extension: Visualisateur 3D de 20-20 - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF Extension: Garmin Communicator - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: DownloadHelper - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\window 7\AppData\Roaming\Mozilla\Firefox\Profiles\h9oe5yax.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] C:\Program Files\LyriXeeker\125.xpi
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files\Mozilla Firefox\firefox.exe"

Chrome:
=======
CHR Extension: (Plus-HD-2.4) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.29_0
CHR Extension: (LyricXeeker) - C:\Users\WINDOW~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0
CHR HKLM\...\Chrome\Extension: [odnofacmifkjndflfmmplhckcbfjckhj] - C:\Program Files\LyriXeeker\125.crx

========================== Services (Whitelisted) =================

S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV09; C:\Windows\system32\drivers\ACEDRV09.sys [110304 2013-02-18] (Protect Software GmbH)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 catchme; \??\C:\Users\WINDOW~1\AppData\Local\Temp\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-31 21:17 - 2013-07-31 21:17 - 00013302 _____ C:\Users\window 7\Desktop\FRST - Verknüpfung.lnk
2013-07-31 20:41 - 2013-07-31 20:42 - 00000000 ____D C:\Users\window 7\Documents\Any Video Converter
2013-07-31 20:41 - 2013-07-31 20:41 - 00000940 _____ C:\Users\window 7\Desktop\Any Video Converter.lnk
2013-07-31 20:41 - 2013-07-31 20:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\OpenCandy
2013-07-31 20:41 - 2013-07-31 20:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\AnvSoft
2013-07-31 20:39 - 2013-07-31 20:40 - 32238280 _____ (Any-Video-Converter.com                                    ) C:\Users\window 7\Downloads\avc-free.exe
2013-07-31 19:59 - 2013-07-31 19:59 - 00032508 _____ C:\Users\window 7\Downloads\FRST.txt
2013-07-31 19:52 - 2013-07-31 19:52 - 00891098 _____ C:\Users\window 7\Downloads\SecurityCheck.exe
2013-07-31 16:30 - 2013-07-31 16:30 - 02347384 _____ (ESET) C:\Users\window 7\Downloads\esetsmartinstaller_enu.exe
2013-07-30 17:13 - 2013-07-30 17:13 - 00004645 _____ C:\Users\window 7\Desktop\JRT.txt
2013-07-30 17:11 - 2013-07-30 17:11 - 00000000 ____D C:\Windows\ERUNT
2013-07-30 17:10 - 2013-07-30 17:10 - 00562042 _____ (Oleg N. Scherbakov) C:\Users\window 7\Downloads\JRT.exe
2013-07-30 17:09 - 2013-08-01 11:13 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-30 17:06 - 2013-07-30 17:07 - 00015847 _____ C:\AdwCleaner[S1].txt
2013-07-30 17:05 - 2013-07-30 17:06 - 00666633 _____ C:\Users\window 7\Downloads\adwcleaner.exe
2013-07-30 03:03 - 2013-07-30 03:05 - 00000000 ____D C:\Windows\system32\MRT
2013-07-29 21:55 - 2013-07-29 21:55 - 00025092 _____ C:\ComboFix.txt
2013-07-29 21:30 - 2013-07-29 21:55 - 00000000 ____D C:\ComboFix
2013-07-29 21:30 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-29 21:30 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-29 21:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-29 21:30 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-29 21:09 - 2013-07-29 21:55 - 00000000 ____D C:\Qoobox
2013-07-29 21:09 - 2013-07-29 21:53 - 00000000 ____D C:\Windows\erdnt
2013-07-29 19:44 - 2013-07-29 19:44 - 05095176 ____R (Swearware) C:\Users\window 7\Desktop\ComboFix.exe
2013-07-29 19:42 - 2013-07-29 19:42 - 00000873 _____ C:\Users\window 7\Desktop\software - Verknüpfung.lnk
2013-07-29 19:40 - 2013-07-29 19:40 - 00000053 _____ C:\Users\window 7\AppData\Roaming\WB.CFG
2013-07-29 19:40 - 2013-07-29 19:40 - 00000005 _____ C:\Users\window 7\AppData\Roaming\WBPU-TTL.DAT
2013-07-29 18:54 - 2013-07-31 19:57 - 00016543 _____ C:\Users\window 7\Downloads\Addition.txt
2013-07-29 18:52 - 2013-07-29 18:52 - 00000000 ____D C:\FRST
2013-07-29 18:45 - 2013-07-29 18:45 - 01221130 _____ (Farbar) C:\Users\window 7\Desktop\FRST.exe
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 18:06 - 2013-07-29 18:07 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup.exe
2013-07-28 18:38 - 2013-07-28 18:38 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FreemakeVideoConverter
2013-07-28 18:37 - 2013-07-29 18:10 - 00000000 ____D C:\ProgramData\Freemake
2013-07-28 18:37 - 2013-07-28 18:38 - 00000000 ____D C:\Users\window 7\Documents\Freemake
2013-07-28 18:37 - 2013-07-28 18:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 18:36 - 2013-07-29 18:10 - 00000000 ____D C:\Program Files\Freemake
2013-07-28 18:34 - 2013-07-28 18:34 - 01271944 _____ (Ellora Assets Corporation                                  ) C:\Users\window 7\Downloads\FreemakeVideoConverterSetup.exe
2013-07-28 09:47 - 2013-07-28 09:48 - 00000000 ____D C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 09:47 - 2013-07-28 09:47 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FRITZ!
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2).zip
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2)(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00000000 ____D C:\Users\window 7\Downloads\MPEG_Streamclip_1.2
2013-07-27 17:10 - 2013-07-27 17:09 - 00554844 _____ C:\Users\window 7\Downloads\mpeg-streamclip.zip
2013-07-27 16:47 - 2013-07-27 16:47 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2(1).dmg
2013-07-27 16:46 - 2013-07-27 16:46 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2.dmg
2013-07-26 18:41 - 2013-07-26 18:41 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1)(1).zip
2013-07-26 18:39 - 2013-07-26 18:39 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1).zip
2013-07-26 18:36 - 2013-07-26 18:37 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2).zip
2013-07-26 17:11 - 2013-08-01 11:13 - 00001282 _____ C:\Windows\Tasks\Plus-HD-2.4-updater.job
2013-07-26 17:11 - 2013-07-26 17:12 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-26 17:11 - 2013-07-26 17:11 - 00000000 ____D C:\Users\window 7\Documents\Freemium Driver Utilities
2013-07-26 17:10 - 2013-08-01 11:13 - 00001890 _____ C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
2013-07-26 17:10 - 2013-08-01 11:13 - 00001814 _____ C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2013-07-26 17:10 - 2013-08-01 11:13 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2013-07-26 17:10 - 2013-08-01 11:13 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2013-07-26 17:10 - 2013-07-27 09:49 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 17:10 - 2013-07-26 17:11 - 00000000 ____D C:\Program Files\Plus-HD-2.4
2013-07-26 17:09 - 2013-07-26 17:09 - 00000211 _____ C:\Users\window 7\Desktop\Amazon.url
2013-07-26 17:08 - 2013-07-26 17:08 - 00444400 _____ C:\Users\window 7\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 01995672 _____ (Driver Whiz) C:\Users\window 7\Downloads\Driverwhiz.exe
2013-07-26 16:31 - 2013-07-26 16:32 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(1).zip
2013-07-26 16:31 - 2013-07-26 16:31 - 00001152 _____ C:\Users\window 7\Desktop\GoPro CineForm Studio.lnk
2013-07-26 15:12 - 2013-07-26 15:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-07-26 15:02 - 2013-07-26 15:03 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169.zip
2013-07-25 21:54 - 2013-07-25 21:54 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\GoPro
2013-07-25 16:01 - 2013-07-25 16:01 - 00000000 ____D C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 15:57 - 2013-07-25 16:00 - 00000000 ____D C:\Users\Public\CineForm
2013-07-25 15:57 - 2013-07-25 15:57 - 00000000 ____D C:\Program Files\CineForm
2013-07-25 15:56 - 2013-07-25 15:56 - 00000000 ____D C:\Program Files\GoPro
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\WinRAR
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Program Files\WinRAR
2013-07-25 15:51 - 2013-07-25 15:51 - 01619916 _____ C:\Users\window 7\Downloads\wrar420d.exe
2013-07-25 15:50 - 2013-07-25 15:51 - 01188056 _____ C:\Users\window 7\Downloads\winrar setup.exe
2013-07-25 15:49 - 2013-07-25 15:50 - 37873040 _____ C:\Users\window 7\Downloads\GoProCineForm.rar
2013-07-10 20:07 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 20:07 - 2013-06-12 01:43 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 20:07 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 20:07 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 20:07 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 19:15 - 2013-07-10 19:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-10 18:51 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 18:51 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 18:51 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 18:50 - 2013-06-05 05:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
147

==================== One Month Modified Files and Folders =======

2013-08-01 11:19 - 2013-08-01 11:15 - 00019166 _____ C:\Users\window 7\Desktop\Addition.txt
2013-08-01 11:17 - 2006-06-01 00:30 - 01358809 _____ C:\Windows\WindowsUpdate.log
2013-08-01 11:15 - 2009-07-14 06:34 - 00026512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-01 11:15 - 2009-07-14 06:34 - 00026512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-01 11:13 - 2013-07-30 17:09 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-08-01 11:13 - 2013-07-26 17:11 - 00001282 _____ C:\Windows\Tasks\Plus-HD-2.4-updater.job
2013-08-01 11:13 - 2013-07-26 17:10 - 00001890 _____ C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job
2013-08-01 11:13 - 2013-07-26 17:10 - 00001814 _____ C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2013-08-01 11:13 - 2013-07-26 17:10 - 00001194 _____ C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2013-08-01 11:13 - 2013-07-26 17:10 - 00001092 _____ C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2013-08-01 11:13 - 2012-09-06 17:13 - 00034622 _____ C:\Users\window 7\DesktopStCenter.txt
2013-08-01 11:13 - 2012-09-01 15:59 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-01 11:13 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-01 11:13 - 2009-07-14 06:39 - 00012021 _____ C:\Windows\setupact.log
2013-08-01 11:11 - 2012-09-01 09:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-01 11:11 - 2010-11-20 23:01 - 01659506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-31 21:21 - 2012-09-01 15:59 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-31 21:19 - 2012-08-29 14:52 - 00000000 ____D C:\Users\window 7
2013-07-31 21:17 - 2013-07-31 21:17 - 00013302 _____ C:\Users\window 7\Desktop\FRST - Verknüpfung.lnk
2013-07-31 20:42 - 2013-07-31 20:41 - 00000000 ____D C:\Users\window 7\Documents\Any Video Converter
2013-07-31 20:41 - 2013-07-31 20:41 - 00000940 _____ C:\Users\window 7\Desktop\Any Video Converter.lnk
2013-07-31 20:41 - 2013-07-31 20:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\OpenCandy
2013-07-31 20:41 - 2013-07-31 20:41 - 00000000 ____D C:\Users\window 7\AppData\Roaming\AnvSoft
2013-07-31 20:40 - 2013-07-31 20:39 - 32238280 _____ (Any-Video-Converter.com                                    ) C:\Users\window 7\Downloads\avc-free.exe
2013-07-31 20:01 - 2010-11-20 23:48 - 00029736 _____ C:\Windows\PFRO.log
2013-07-31 19:59 - 2013-07-31 19:59 - 00032508 _____ C:\Users\window 7\Downloads\FRST.txt
2013-07-31 19:57 - 2013-07-29 18:54 - 00016543 _____ C:\Users\window 7\Downloads\Addition.txt
2013-07-31 19:52 - 2013-07-31 19:52 - 00891098 _____ C:\Users\window 7\Downloads\SecurityCheck.exe
2013-07-31 16:30 - 2013-07-31 16:30 - 02347384 _____ (ESET) C:\Users\window 7\Downloads\esetsmartinstaller_enu.exe
2013-07-30 21:24 - 2012-09-01 16:02 - 00002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-30 17:13 - 2013-07-30 17:13 - 00004645 _____ C:\Users\window 7\Desktop\JRT.txt
2013-07-30 17:11 - 2013-07-30 17:11 - 00000000 ____D C:\Windows\ERUNT
2013-07-30 17:10 - 2013-07-30 17:10 - 00562042 _____ (Oleg N. Scherbakov) C:\Users\window 7\Downloads\JRT.exe
2013-07-30 17:08 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Vss
2013-07-30 17:07 - 2013-07-30 17:06 - 00015847 _____ C:\AdwCleaner[S1].txt
2013-07-30 17:07 - 2012-08-29 16:21 - 00001048 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-30 17:06 - 2013-07-30 17:05 - 00666633 _____ C:\Users\window 7\Downloads\adwcleaner.exe
2013-07-30 03:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-30 03:05 - 2013-07-30 03:03 - 00000000 ____D C:\Windows\system32\MRT
2013-07-29 21:55 - 2013-07-29 21:55 - 00025092 _____ C:\ComboFix.txt
2013-07-29 21:55 - 2013-07-29 21:30 - 00000000 ____D C:\ComboFix
2013-07-29 21:55 - 2013-07-29 21:09 - 00000000 ____D C:\Qoobox
2013-07-29 21:55 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-07-29 21:55 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-07-29 21:53 - 2013-07-29 21:09 - 00000000 ____D C:\Windows\erdnt
2013-07-29 21:49 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-07-29 21:48 - 2009-07-14 04:03 - 47710208 _____ C:\Windows\system32\config\software.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 12845056 _____ C:\Windows\system32\config\system.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-07-29 21:48 - 2009-07-14 04:03 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-07-29 21:30 - 2012-08-29 15:47 - 00001912 _____ C:\Windows\epplauncher.mif
2013-07-29 19:44 - 2013-07-29 19:44 - 05095176 ____R (Swearware) C:\Users\window 7\Desktop\ComboFix.exe
2013-07-29 19:42 - 2013-07-29 19:42 - 00000873 _____ C:\Users\window 7\Desktop\software - Verknüpfung.lnk
2013-07-29 19:40 - 2013-07-29 19:40 - 00000053 _____ C:\Users\window 7\AppData\Roaming\WB.CFG
2013-07-29 19:40 - 2013-07-29 19:40 - 00000005 _____ C:\Users\window 7\AppData\Roaming\WBPU-TTL.DAT
2013-07-29 18:52 - 2013-07-29 18:52 - 00000000 ____D C:\FRST
2013-07-29 18:45 - 2013-07-29 18:45 - 01221130 _____ (Farbar) C:\Users\window 7\Desktop\FRST.exe
2013-07-29 18:10 - 2013-07-28 18:37 - 00000000 ____D C:\ProgramData\Freemake
2013-07-29 18:10 - 2013-07-28 18:36 - 00000000 ____D C:\Program Files\Freemake
2013-07-29 18:08 - 2013-07-29 18:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-29 18:07 - 2013-07-29 18:06 - 00717160 _____ C:\Users\window 7\Downloads\ZipOpenerSetup.exe
2013-07-29 17:06 - 2013-02-18 18:39 - 00000000 ____D C:\Users\Public\Documents\MAGIX_Video_deluxe_2007_2008
2013-07-29 16:56 - 2010-11-21 02:38 - 00000000 ____D C:\Windows\DigitalLocker
2013-07-29 16:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-07-28 18:50 - 2012-08-29 14:52 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\VirtualStore
2013-07-28 18:38 - 2013-07-28 18:38 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FreemakeVideoConverter
2013-07-28 18:38 - 2013-07-28 18:37 - 00000000 ____D C:\Users\window 7\Documents\Freemake
2013-07-28 18:37 - 2013-07-28 18:37 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-28 18:37 - 2012-09-21 13:43 - 00000000 ____D C:\Users\window 7\AppData\Roaming\TuneUp Software
2013-07-28 18:37 - 2012-09-21 13:43 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-28 18:34 - 2013-07-28 18:34 - 01271944 _____ (Ellora Assets Corporation                                  ) C:\Users\window 7\Downloads\FreemakeVideoConverterSetup.exe
2013-07-28 09:48 - 2013-07-28 09:47 - 00000000 ____D C:\Users\window 7\AppData\Roaming\FRITZ!
2013-07-28 09:47 - 2013-07-28 09:47 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\FRITZ!
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2).zip
2013-07-27 17:18 - 2013-07-27 17:18 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(2)(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00554844 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.2(1).zip
2013-07-27 17:14 - 2013-07-27 17:14 - 00000000 ____D C:\Users\window 7\Downloads\MPEG_Streamclip_1.2
2013-07-27 17:09 - 2013-07-27 17:10 - 00554844 _____ C:\Users\window 7\Downloads\mpeg-streamclip.zip
2013-07-27 16:47 - 2013-07-27 16:47 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2(1).dmg
2013-07-27 16:46 - 2013-07-27 16:46 - 01336574 _____ C:\Users\window 7\Downloads\MPEG_Streamclip_1.9.2.dmg
2013-07-27 09:49 - 2013-07-26 17:10 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Windows Net Data
2013-07-26 18:41 - 2013-07-26 18:41 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1)(1).zip
2013-07-26 18:39 - 2013-07-26 18:39 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2)(1).zip
2013-07-26 18:37 - 2013-07-26 18:36 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(2).zip
2013-07-26 17:12 - 2013-07-26 17:11 - 00000000 ____D C:\ProgramData\FreeDriverScout
2013-07-26 17:11 - 2013-07-26 17:11 - 00000000 ____D C:\Users\window 7\Documents\Freemium Driver Utilities
2013-07-26 17:11 - 2013-07-26 17:10 - 00000000 ____D C:\Program Files\Plus-HD-2.4
2013-07-26 17:09 - 2013-07-26 17:09 - 00000211 _____ C:\Users\window 7\Desktop\Amazon.url
2013-07-26 17:08 - 2013-07-26 17:08 - 00444400 _____ C:\Users\window 7\Downloads\DLG_free-driver-scout_chip_de-DE.exe
2013-07-26 16:59 - 2013-07-26 16:59 - 01995672 _____ (Driver Whiz) C:\Users\window 7\Downloads\Driverwhiz.exe
2013-07-26 16:32 - 2013-07-26 16:31 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169(1).zip
2013-07-26 16:31 - 2013-07-26 16:31 - 00001152 _____ C:\Users\window 7\Desktop\GoPro CineForm Studio.lnk
2013-07-26 16:30 - 2012-12-27 17:45 - 00014834 _____ C:\Windows\DPINST.LOG
2013-07-26 15:12 - 2013-07-26 15:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-07-26 15:03 - 2013-07-26 15:02 - 37890942 _____ C:\Users\window 7\Downloads\GoProCineFormStudioPC-1.3.2.169.zip
2013-07-25 21:54 - 2013-07-25 21:54 - 00000000 ____D C:\Users\WINDOW~1\AppData\Local\GoPro
2013-07-25 16:01 - 2013-07-25 16:01 - 00000000 ____D C:\Users\window 7\AppData\Roaming\GoPro
2013-07-25 16:00 - 2013-07-25 15:57 - 00000000 ____D C:\Users\Public\CineForm
2013-07-25 15:57 - 2013-07-25 15:57 - 00000000 ____D C:\Program Files\CineForm
2013-07-25 15:57 - 2012-09-01 16:53 - 00000000 ____D C:\Program Files\DIFX
2013-07-25 15:56 - 2013-07-25 15:56 - 00000000 ____D C:\Program Files\GoPro
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\WinRAR
2013-07-25 15:53 - 2013-07-25 15:53 - 00000000 ____D C:\Users\window 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Users\window 7\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
2013-07-25 15:52 - 2013-07-25 15:52 - 00000000 ____D C:\Program Files\WinRAR
2013-07-25 15:51 - 2013-07-25 15:51 - 01619916 _____ C:\Users\window 7\Downloads\wrar420d.exe
2013-07-25 15:51 - 2013-07-25 15:50 - 01188056 _____ C:\Users\window 7\Downloads\winrar setup.exe
2013-07-25 15:50 - 2013-07-25 15:49 - 37873040 _____ C:\Users\window 7\Downloads\GoProCineForm.rar
2013-07-24 17:56 - 2012-08-29 16:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-24 17:47 - 2009-07-14 06:33 - 00436992 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-24 17:46 - 2010-11-21 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-24 17:46 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 20:09 - 2012-09-03 11:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 19:16 - 2013-07-10 19:15 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-25 20:27

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2013
Ran by window 7 at 2013-08-01 11:20:36
Running from C:\Users\window 7\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Alpen-Overlay EUROPE
Any Video Converter 5.0.7
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
AVM FRITZ!DSL (Version: 2.04.03)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (Version: 2.0.0.1)
Fotogalerie (Version: 16.4.3503.0728)
Garmin City Navigator Europe NT 2008 (Version: 10.0.0.1)
Garmin City Navigator Europe NT 2013.20 Update (Version: 16.20.0.0)
Garmin City Navigator Europe NT 2013.30 Update (Version: 16.30.0.0)
Garmin City Navigator Europe NT 2013.41 Update (Version: 16.41.0.0)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin MapSource (Version: 6.16.3)
Garmin USB Drivers (Version: 2.3.0.0)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 28.0.1500.95)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.153)
GoPro CineForm Studio 1.3.1 (Version: 1.3.1)
Greenshot
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Junk Mail filter update (Version: 16.4.3503.0728)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
MAGIX Foto Manager 2007 4.1.1.75 (D) (Version: 4.1.1.75)
MAGIX Goya burnR 2.3.1.3 (D) (Version: 2.3.1.3)
MAGIX Music Manager 2007 8.1.1.108 (D) (Version: 8.1.1.108)
MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0)
MAGIX Video deluxe 2007 2008 7.0.0.26 (D) (Version: 7.0.0.26)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 17.0.2011.0627)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.0.7820.0)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
Open It! (Version: 1.1.1)
Pandora Service
PDFCreator (Version: 1.5.0)
PDF-Viewer (Version: 2.5.205.0)
Photo Gallery (Version: 16.4.3503.0728)
QuickTime (Version: 7.73.80.64)
Remote Control USB Driver (Version: 2.3.2.317)
Samsung Kies (Version: 2.3.2.12074_13)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)
The KMPlayer (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Zip Opener
Winamp (Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (Version: 03/07/2012 )
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Family Safety (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Mail (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live MIME IFilter (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Windows Live Writer (Version: 16.4.3503.0728)
Windows Live Writer Resources (Version: 16.4.3503.0728)
Windows Utils
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
WinRAR Packages
Zip Opener Packages
Zip Opener Packages 36
 

==================== Restore Points  =========================

26-07-2013 15:00:26 Installed Driver Whiz.
26-07-2013 15:09:23 Free Driver Scout
26-07-2013 18:08:44 Windows Update
28-07-2013 17:01:02 Windows-Sicherung
28-07-2013 17:59:50 TuneUp Utilities 2013 wird entfernt
28-07-2013 18:00:39 TuneUp Utilities Language Pack (de-DE) wird entfernt
29-07-2013 14:42:13 Preispilot wird entfernt
29-07-2013 16:09:03 Free Driver Scout
29-07-2013 20:05:20 Windows Update
30-07-2013 01:00:11 Windows Update
31-07-2013 18:43:06 TuneUp Utilities 2013 wird entfernt
31-07-2013 18:43:51 TuneUp Utilities Language Pack (de-DE) wird entfernt
01-08-2013 09:11:47 Windows Modules Installer

==================== Hosts content: ==========================

2009-07-14 04:04 - 2013-07-29 21:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0120CC8B-5A9E-4628-9544-994D55FC9D5D} - System32\Tasks\Plus-HD-2.4-enabler => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe [2013-07-26] (Plus HD)
Task: {10F51391-CD11-4D97-A087-5956B1323578} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {12CC3495-E4ED-4991-9050-121A7DDDFCF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {147386C2-F349-4EB8-A2D6-4C24B2191E2C} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {2F9ADF7A-AC91-4F6B-91B2-098111767009} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe No File
Task: {34FCDD53-6492-487E-AE6B-748DC58A58D2} - System32\Tasks\DealPlyUpdate => C:\Program Files\DealPly\DealPlyUpdate.exe No File
Task: {35A68587-C38F-412C-806F-7FFE09F14757} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {3B9C0DC2-8833-4E09-A1D1-E2A3DA3CD9E1} - System32\Tasks\LyricXeeker Update => C:\Program Files\LyriXeeker\LyriXupdate.exe No File
Task: {42AF82C4-1CF7-4B02-9834-4657E71DA5AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {4B2248E4-306C-4D53-B182-B15F4D0DB8F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-17] (Adobe Systems Incorporated)
Task: {50068265-2FC8-4734-93DC-DAFD621A0365} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5BA83F89-B357-444E-A9F4-CAD79D2904C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {6CA566BF-CFCE-40CF-AE4A-9C6E234E4731} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {70BB4770-FBFC-42E2-AAE2-C6A37C1C14D4} - System32\Tasks\EPUpdater => C:\Users\WINDOW~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {785FAF3D-1197-4944-AB0C-364287973C69} - System32\Tasks\Plus-HD-2.4-codedownloader => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe [2013-07-26] (Plus HD)
Task: {810CA79C-4DE9-4C6A-8AE0-1F6613D418BE} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe No File
Task: {88FEE2A9-D98C-441F-BAFA-50F84B4C5167} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe No File
Task: {A103C951-F7DA-4579-AD31-79B32A09D230} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {AD4355BC-EAF8-46CF-A569-65EA582B2704} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {BC3695F1-DC5F-48B1-BA01-A0013F2E04C0} - System32\Tasks\Plus-HD-2.4-updater => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe [2013-07-26] (Plus HD)
Task: {DCE04B96-025E-43E5-B994-0579182DA072} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {E4C7ADED-445A-4D7D-9C33-95C8DEAA867D} - System32\Tasks\User_Feed_Synchronization-{846F7D41-A1CA-4284-9A04-9A8B08F0D732} => C:\Windows\system32\msfeedssync.exe [2013-05-28] (Microsoft Corporation)
Task: {EA443B7A-ADF3-46B7-8D5F-3AD0F69F9E4B} - System32\Tasks\Plus-HD-2.4-firefoxinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe [2013-07-26] (Plus HD)
Task: {FD82EDD5-8FC0-4809-AE01-B9F91155C293} - System32\Tasks\Plus-HD-2.4-chromeinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe [2013-07-26] (Plus HD)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-chromeinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-enabler.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-updater.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe

==================== Faulty Device Manager Devices =============

Name: Paralleler PCI-Anschluss
Description: Paralleler PCI-Anschluss
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/01/2013 11:14:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2013 11:04:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2013 09:06:33 PM) (Source: Application Hang) (User: )
Description: Programm Videodeluxe.exe, Version 7.0.0.26 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bd4

Startzeit: 01ce8e1ad9c21f8b

Endzeit: 667

Anwendungspfad: C:\Program Files\MAGIX\Video_deluxe_2007_2008\Videodeluxe.exe

Berichts-ID: 184c9ae1-fa14-11e2-852c-0019990b8aa0

Error: (07/31/2013 08:03:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2013 03:20:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2013 10:04:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/01/2013 11:13:39 AM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (08/01/2013 11:13:39 AM) (Source: ipnathlp) (User: )
Description:

Error: (08/01/2013 11:03:25 AM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (08/01/2013 11:03:25 AM) (Source: ipnathlp) (User: )
Description:

Error: (07/31/2013 08:02:04 PM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (07/31/2013 08:02:04 PM) (Source: ipnathlp) (User: )
Description:

Error: (07/31/2013 03:19:24 PM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (07/31/2013 03:19:24 PM) (Source: ipnathlp) (User: )
Description:

Error: (07/31/2013 10:03:35 AM) (Source: ipnathlp) (User: )
Description: 192.168.178.27192.168.137.0255.255.255.0

Error: (07/31/2013 10:03:35 AM) (Source: ipnathlp) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (08/01/2013 11:14:51 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2013 11:04:04 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2013 09:06:33 PM) (Source: Application Hang)(User: )
Description: Videodeluxe.exe7.0.0.26bd401ce8e1ad9c21f8b667C:\Program Files\MAGIX\Video_deluxe_2007_2008\Videodeluxe.exe184c9ae1-fa14-11e2-852c-0019990b8aa0

Error: (07/31/2013 08:03:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2013 03:20:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2013 10:04:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 2037.98 MB
Available physical RAM: 1032.52 MB
Total Pagefile: 4075.97 MB
Available Pagefile: 2905.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:233.88 GB) (Free:186.83 GB) NTFS
Drive e: (Volume) (Fixed) (Total:231.78 GB) (Free:98.14 GB) NTFS
Drive g: (DATA) (Fixed) (Total:465.65 GB) (Free:104.56 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 07D76439)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=234 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: C56B40C4)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)

==================== End Of Log ============================

schrauber 01.08.2013 11:49
Ich hab keinen Fetisch :D

Noch Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:09 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19