Trojaner-Board


Flo7783 28.08.2013 11:16

Internet Explorer opens getwindowinfo

Hello dear forum community,

unfortunately I too have had this getwindowinfo problem since yesterday.
I actually surf with Chrome, but something keeps trying to open getwindowinfo in Explorer.

Please help!

Flo7783

schrauber 28.08.2013 11:17

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


Flo7783 28.08.2013 11:21

FRST


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by Schlagi (administrator) on 28-08-2013 12:16:58
Running from C:\Users\Schlagi\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Windows Net) C:\Users\Schlagi\AppData\Roaming\Windows Net Data\net.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1635752 2013-05-04] (Valve Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Schlagi\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)
HKCU\...\Run: [Hoolapp Android] - "C:\Users\Schlagi\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized [x]
MountPoints2: {36d4629d-296d-11e1-8038-f80d8690f17b} - "D:\WD SmartWare.exe" autoplay=true
MountPoints2: {7985e65d-28b4-11e1-bea0-806e6f6e6963} - E:\Setup.exe
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll [97280 2009-07-14] ()
Startup: C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Schlagi\AppData\Roaming\Windows Net Data\net.exe (Windows Net)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: msdaipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default
FF NewTab: hxxp://www.delta-search.com/?affID=119370&babsrc=NT_ss&mntrId=14cad92a000000000000d85d4c8be0d2
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=14cad92a000000000000d85d4c8be0d2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Schlagi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Schlagi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Delta Toolbar - C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\Extensions\ffxtlbr@delta.com
FF Extension: No Name - C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\Extensions\staged
FF Extension: webbooster - C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\Extensions\webbooster@iminent.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome:
=======
CHR HomePage: hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=14cad92a000000000000d85d4c8be0d2
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Delta Search) - hxxp://www.delta-search.com/?q={searchTerms}&affID=119370&babsrc=SP_ss&mntrId=14cad92a000000000000d85d4c8be0d2
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\29.0.1547.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_95.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Schlagi\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (FoxyDeal) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan\6.2.0_0
CHR Extension: (YouTube) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Iminent) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.33.3.1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-02-14] ()
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-04-30] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [53080 2011-07-07] (Novation DMS Ltd.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-28 12:11 - 2013-08-28 12:11 - 00001132 _____ C:\Users\Schlagi\Desktop\Continue Zip Opener Installation.lnk
2013-08-28 12:11 - 2013-08-28 12:11 - 00000000 ____D C:\FRST
2013-08-28 12:10 - 2013-08-28 12:10 - 00714816 _____ C:\Users\Schlagi\Downloads\ZipOpenerSetup.exe
2013-08-28 11:35 - 2012-09-13 12:32 - 00000000 ____D C:\Users\Schlagi\Desktop\Natur & Techno
2013-08-28 11:14 - 2013-08-28 11:17 - 171933977 _____ C:\Users\Schlagi\Downloads\Natur & Techno.zip
2013-08-28 11:08 - 2013-08-28 11:08 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Malwarebytes
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-28 11:08 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-28 11:07 - 2013-08-28 11:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Schlagi\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-27 21:40 - 2013-08-27 21:51 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Garmin
2013-08-27 21:39 - 2013-08-27 21:39 - 00000000 ____D C:\Users\Schlagi\AppData\Local\GARMIN_Corp
2013-08-27 21:37 - 2013-08-27 21:38 - 55449536 _____ C:\Users\Schlagi\Downloads\BaseCamp_422.exe
2013-08-27 21:34 - 2013-08-27 21:41 - 263641200 _____ C:\Users\Schlagi\Downloads\mtbbayern.exe
2013-08-27 21:00 - 2013-08-27 21:10 - 505059061 _____ C:\Users\Schlagi\Downloads\OSM Radkarte 19.09.2010 MapSource Installer.exe
2013-08-27 20:59 - 2013-08-27 20:59 - 00000000 ____D C:\ProgramData\GARMIN
2013-08-27 20:57 - 2013-08-27 20:57 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
2013-08-27 20:51 - 2013-08-27 20:57 - 310259515 _____ C:\Users\Schlagi\Downloads\Nicht bestätigt 146666.crdownload
2013-08-27 20:30 - 2013-08-27 20:30 - 00000000 ____D C:\Users\Schlagi\Documents\Mein Garmin
2013-08-27 20:29 - 2013-08-27 21:39 - 00000000 ____D C:\WebUpdater
2013-08-27 17:58 - 2013-08-27 17:59 - 00894600 _____ (CNET Download.com) C:\Users\Schlagi\Downloads\cbsidlm-cbsi134-Garmin_MapSource-ORG-75123302.exe
2013-08-27 17:53 - 2013-08-27 21:42 - 00000000 ____D C:\Garmin
2013-08-27 17:53 - 2013-08-27 17:53 - 02133229 _____ C:\Users\Schlagi\Downloads\GPSMAP60Cx_400.exe
2013-08-27 17:28 - 2013-08-27 21:40 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Garmin
2013-08-27 17:28 - 2013-08-27 21:38 - 00000000 ____D C:\Program Files (x86)\Garmin
2013-08-27 17:28 - 2013-08-27 17:28 - 05096296 _____ (Igor Pavlov) C:\Users\Schlagi\Downloads\USBDrivers_231.exe
2013-08-27 17:28 - 2013-08-27 17:28 - 00000000 ____D C:\Program Files\DIFX
2013-08-27 17:26 - 2013-08-27 17:43 - 867543458 _____ C:\Users\Schlagi\Downloads\mtbnavi_alpen_garmin.zip
2013-08-27 10:29 - 2013-08-27 10:29 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Lula
2013-08-27 10:28 - 2013-08-27 10:38 - 00000000 ____D C:\Users\Schlagi\Documents\Lula
2013-08-27 10:27 - 2013-08-28 12:07 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Iminent
2013-08-27 10:27 - 2013-08-28 12:07 - 00000000 ____D C:\ProgramData\Iminent
2013-08-27 10:27 - 2013-08-27 10:27 - 00000620 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-08-27 10:26 - 2013-08-27 13:21 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Windows Net Data
2013-08-27 10:26 - 2013-08-27 10:26 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-08-27 10:25 - 2013-08-27 10:25 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Software Updater
2013-08-27 10:25 - 2013-08-27 10:25 - 00000000 ____D C:\Users\Schlagi\AppData\Local\DownloadGuide
2013-08-22 13:03 - 2013-08-22 13:03 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

2013-08-28 12:16 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-28 12:16 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-28 12:13 - 2013-02-18 18:19 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-08-28 12:13 - 2013-02-18 18:19 - 00004184 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-08-28 12:13 - 2011-04-12 09:43 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-28 12:13 - 2011-04-12 09:43 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-28 12:13 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-28 12:12 - 2011-12-17 15:46 - 01100370 _____ C:\Windows\WindowsUpdate.log
2013-08-28 12:11 - 2013-08-28 12:11 - 01579080 _____ (Farbar) C:\Users\Schlagi\Downloads\FRST64.exe
2013-08-28 12:11 - 2013-08-28 12:11 - 00001132 _____ C:\Users\Schlagi\Desktop\Continue Zip Opener Installation.lnk
2013-08-28 12:11 - 2013-08-28 12:11 - 00000000 ____D C:\FRST
2013-08-28 12:10 - 2013-08-28 12:10 - 00714816 _____ C:\Users\Schlagi\Downloads\ZipOpenerSetup.exe
2013-08-28 12:10 - 2011-12-21 14:19 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-28 12:08 - 2010-11-21 05:47 - 00053888 _____ C:\Windows\PFRO.log
2013-08-28 12:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-28 12:08 - 2009-07-14 06:51 - 00058294 _____ C:\Windows\setupact.log
2013-08-28 12:07 - 2013-08-27 10:27 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Iminent
2013-08-28 12:07 - 2013-08-27 10:27 - 00000000 ____D C:\ProgramData\Iminent
2013-08-28 12:04 - 2012-01-05 15:05 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2435000987-2487341678-1916103114-1000UA.job
2013-08-28 12:04 - 2012-01-05 15:05 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2435000987-2487341678-1916103114-1000Core.job
2013-08-28 12:03 - 2011-12-17 15:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-28 11:52 - 2012-02-03 17:58 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeBox!
2013-08-28 11:52 - 2012-01-30 20:57 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-28 11:37 - 2013-02-18 18:19 - 00000000 ____D C:\Program Files (x86)\Freetec
2013-08-28 11:37 - 2013-02-18 18:18 - 00000000 ____D C:\ProgramData\Package Cache
2013-08-28 11:17 - 2013-08-28 11:14 - 171933977 _____ C:\Users\Schlagi\Downloads\Natur & Techno.zip
2013-08-28 11:08 - 2013-08-28 11:08 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Malwarebytes
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-28 11:07 - 2013-08-28 11:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Schlagi\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-27 21:51 - 2013-08-27 21:40 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Garmin
2013-08-27 21:42 - 2013-08-27 17:53 - 00000000 ____D C:\Garmin
2013-08-27 21:41 - 2013-08-27 21:34 - 263641200 _____ C:\Users\Schlagi\Downloads\mtbbayern.exe
2013-08-27 21:40 - 2013-08-27 17:28 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Garmin
2013-08-27 21:39 - 2013-08-27 21:39 - 00000000 ____D C:\Users\Schlagi\AppData\Local\GARMIN_Corp
2013-08-27 21:39 - 2013-08-27 20:29 - 00000000 ____D C:\WebUpdater
2013-08-27 21:38 - 2013-08-27 21:37 - 55449536 _____ C:\Users\Schlagi\Downloads\BaseCamp_422.exe
2013-08-27 21:38 - 2013-08-27 17:28 - 00000000 ____D C:\Program Files (x86)\Garmin
2013-08-27 21:10 - 2013-08-27 21:00 - 505059061 _____ C:\Users\Schlagi\Downloads\OSM Radkarte 19.09.2010 MapSource Installer.exe
2013-08-27 20:59 - 2013-08-27 20:59 - 00000000 ____D C:\ProgramData\GARMIN
2013-08-27 20:57 - 2013-08-27 20:57 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
2013-08-27 20:57 - 2013-08-27 20:51 - 310259515 _____ C:\Users\Schlagi\Downloads\Nicht bestätigt 146666.crdownload
2013-08-27 20:30 - 2013-08-27 20:30 - 00000000 ____D C:\Users\Schlagi\Documents\Mein Garmin
2013-08-27 17:59 - 2013-08-27 17:58 - 00894600 _____ (CNET Download.com) C:\Users\Schlagi\Downloads\cbsidlm-cbsi134-Garmin_MapSource-ORG-75123302.exe
2013-08-27 17:53 - 2013-08-27 17:53 - 02133229 _____ C:\Users\Schlagi\Downloads\GPSMAP60Cx_400.exe
2013-08-27 17:43 - 2013-08-27 17:26 - 867543458 _____ C:\Users\Schlagi\Downloads\mtbnavi_alpen_garmin.zip
2013-08-27 17:28 - 2013-08-27 17:28 - 05096296 _____ (Igor Pavlov) C:\Users\Schlagi\Downloads\USBDrivers_231.exe
2013-08-27 17:28 - 2013-08-27 17:28 - 00000000 ____D C:\Program Files\DIFX
2013-08-27 13:21 - 2013-08-27 10:26 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Windows Net Data
2013-08-27 13:21 - 2012-09-24 18:44 - 00000000 ____D C:\Users\Schlagi\Desktop\Küche
2013-08-27 10:38 - 2013-08-27 10:28 - 00000000 ____D C:\Users\Schlagi\Documents\Lula
2013-08-27 10:29 - 2013-08-27 10:29 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Lula
2013-08-27 10:28 - 2013-02-18 18:20 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Freetec
2013-08-27 10:27 - 2013-08-27 10:27 - 00000620 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-08-27 10:26 - 2013-08-27 10:26 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-08-27 10:26 - 2011-12-17 15:44 - 00000000 ___RD C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-27 10:25 - 2013-08-27 10:25 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Software Updater
2013-08-27 10:25 - 2013-08-27 10:25 - 00000000 ____D C:\Users\Schlagi\AppData\Local\DownloadGuide
2013-08-23 10:10 - 2012-01-05 15:06 - 00002380 _____ C:\Users\Schlagi\Desktop\Google Chrome.lnk
2013-08-22 13:03 - 2013-08-22 13:03 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-08-22 13:03 - 2011-12-17 15:45 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-22 13:03 - 2011-12-17 15:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-22 13:03 - 2011-12-17 15:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-30 19:55 - 2013-05-06 20:06 - 00000000 ____D C:\Users\Schlagi\Documents\ArmA 2

Files to move or delete:
====================
C:\Users\Schlagi\AppData\Local\Temp\devcon.exe
C:\Users\Schlagi\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe
C:\Users\Schlagi\AppData\Local\Temp\installerdll103615.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll177419.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll178433.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll185032.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll327867.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll372436.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll6143412.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll6462559.dll
C:\Users\Schlagi\AppData\Local\Temp\OriginLauncher177419.exe
C:\Users\Schlagi\AppData\Local\Temp\ose00000.exe
C:\Users\Schlagi\AppData\Local\Temp\rootsupd.exe
C:\Users\Schlagi\AppData\Local\Temp\Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\sonarinst.exe
C:\Users\Schlagi\AppData\Local\Temp\tmp23E4.exe
C:\Users\Schlagi\AppData\Local\Temp\tmp89F6.exe
C:\Users\Schlagi\AppData\Local\Temp\tmpC13C.tmp.exe
C:\Users\Schlagi\AppData\Local\Temp\tmpF008.exe
C:\Users\Schlagi\AppData\Local\Temp\tmpF131.exe
C:\Users\Schlagi\AppData\Local\Temp\tmpFC8.exe
C:\Users\Schlagi\AppData\Local\Temp\TubeBox_Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\uninst1.exe
C:\Users\Schlagi\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Schlagi\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Schlagi\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Schlagi\AppData\Local\Temp\VSDC45D.tmp\DotNetFX\dotnetchk.exe
C:\Users\Schlagi\AppData\Local\Temp\SOERedist\dxwebsetup.exe
C:\Users\Schlagi\AppData\Local\Temp\SOERedist\vcredist_2008_x64.exe
C:\Users\Schlagi\AppData\Local\Temp\SOERedist\vcredist_x86.exe
C:\Users\Schlagi\AppData\Local\Temp\Origin\installerdll165860.dll
C:\Users\Schlagi\AppData\Local\Temp\Origin\OriginLauncher165283.exe
C:\Users\Schlagi\AppData\Local\Temp\mtka_tmp\dsspacker_launcher.exe
C:\Users\Schlagi\AppData\Local\Temp\is513561925\TubeBoxSetup_tubebox_org.exe
C:\Users\Schlagi\AppData\Local\Temp\is513561925\wajam_download.exe
C:\Users\Schlagi\AppData\Local\Temp\is513561925\yontoo-c2.exe
C:\Users\Schlagi\AppData\Local\Temp\is357113909\DeltaTB.exe
C:\Users\Schlagi\AppData\Local\Temp\is357113909\OpenItSetup.exe
C:\Users\Schlagi\AppData\Local\Temp\is357113909\wajam_validate.exe
C:\Users\Schlagi\AppData\Local\Temp\busD632\BabScheduler2.exe
C:\Users\Schlagi\AppData\Local\Temp\bus7464\BabScheduler3.exe
C:\Users\Schlagi\AppData\Local\Temp\bus7223\ChromeExtUpdater.exe
C:\Users\Schlagi\AppData\Local\Temp\bus6CF5\ff21v.exe
C:\Users\Schlagi\AppData\Local\Temp\BEFC.dir\InstallFlashPlayer.exe
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupCHS.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupCHT.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupCSY.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupDAN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupDEU.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupELL.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupENU.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupESN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupFIN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupFRA.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupHRV.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupHUN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupITA.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupJPN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupKOR.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupLOC.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupNLD.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupNOR.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupPLK.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupPTB.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupPTG.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupRUS.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupSKY.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupSLV.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupSVE.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupTRK.dll
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\sqlite3.dll
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\ccp.exe
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\GUninstaller.exe
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\IEHelper.dll
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\sqlite3.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-20 17:20

==================== End Of Log ============================

--- --- ---


Additional

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013
Ran by Schlagi at 2013-08-28 12:17:30
Running from C:\Users\Schlagi\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32)
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Photoshop CS5.1 (x32 Version: 12.1)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
AMD Accelerated Video Transcoding (Version: 12.5.100.20928)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.891.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0928.1532.26058)
AMD Media Foundation Decoders (Version: 1.0.70928.1539)
AMD VISION Engine Control Center (x32 Version: 2012.0928.1532.26058)
Apple Application Support (x32 Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (x32 Version: 2.1.3.127)
ARMA 2 Operation Arrowhead Uninstall (x32)
Battlefield 3™ (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.1.2)
BattlEye Uninstall (x32)
Bonjour (Version: 3.0.0.10)
Call of Duty: Modern Warfare 3 - Dedicated Server (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 (x32)
Canon Inkjet Printer Driver Add-On Module V2.00
Canon MP Navigator EX 3.0 (x32)
Canon MP550 series MP Drivers
Canon My Printer (x32)
Canon Utilities Easy-PhotoPrint EX (x32)
Canon Utilities Solution Menu (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0928.1532.26058)
Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058)
Catalyst Control Center Localization All (x32 Version: 2012.0928.1532.26058)
CCC Help Chinese Standard (x32 Version: 2012.0928.1531.26058)
CCC Help Chinese Traditional (x32 Version: 2012.0928.1531.26058)
CCC Help Czech (x32 Version: 2012.0928.1531.26058)
CCC Help Danish (x32 Version: 2012.0928.1531.26058)
CCC Help Dutch (x32 Version: 2012.0928.1531.26058)
CCC Help English (x32 Version: 2012.0928.1531.26058)
CCC Help Finnish (x32 Version: 2012.0928.1531.26058)
CCC Help French (x32 Version: 2012.0928.1531.26058)
CCC Help German (x32 Version: 2012.0928.1531.26058)
CCC Help Greek (x32 Version: 2012.0928.1531.26058)
CCC Help Hungarian (x32 Version: 2012.0928.1531.26058)
CCC Help Italian (x32 Version: 2012.0928.1531.26058)
CCC Help Japanese (x32 Version: 2012.0928.1531.26058)
CCC Help Korean (x32 Version: 2012.0928.1531.26058)
CCC Help Norwegian (x32 Version: 2012.0928.1531.26058)
CCC Help Polish (x32 Version: 2012.0928.1531.26058)
CCC Help Portuguese (x32 Version: 2012.0928.1531.26058)
CCC Help Russian (x32 Version: 2012.0928.1531.26058)
CCC Help Spanish (x32 Version: 2012.0928.1531.26058)
CCC Help Swedish (x32 Version: 2012.0928.1531.26058)
CCC Help Thai (x32 Version: 2012.0928.1531.26058)
CCC Help Turkish (x32 Version: 2012.0928.1531.26058)
ccc-utility64 (Version: 2012.0928.1532.26058)
DC Universe Online Live (HKCU)
DC Universe Online PSG (HKCU Version: 1.0.3.183)
dows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
ESN Sonar (x32 Version: 0.70.4)
FoxyDeal (x32 Version: 1.1.0)
Garmin BaseCamp (x32 Version: 4.2.2)
Garmin MapSource (x32 Version: 6.16.3)
Garmin Trip and Waypoint Manager v5 (x32 Version: 5.0.0.0)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Google Chrome (HKCU Version: 29.0.1547.57)
Hearts of Iron III Collection Version 3.05 (x32 Version: 3.05)
iCloud (Version: 1.0.2.17)
Iminent (x32 Version: 6.34.21.0)
iTunes (Version: 10.5.3.3)
Landwirtschafts-Simulator 2009 Gold (x32)
Live 8.2.1 (x32)
lula TV Downloader (x32 Version: 1.0.0.29)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mein CEWE FOTOBUCH (x32 Version: 4.8.5)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 8.0.1 (x86 de) (x32 Version: 8.0.1)
Mozilla Thunderbird 15.0.1 (x86 de) (x32 Version: 15.0.1)
Novation USB Audio Driver 2.2 (Version: 2.2)
Origin (x32 Version: 8.5.0.4550)
PDF Settings CS5 (x32 Version: 10.0)
PunkBuster Services (x32 Version: 0.991)
QuickTime (x32 Version: 7.71.80.42)
Safari (x32 Version: 5.34.52.7)
Sins of a Solar Empire (x32 Version: 1.05)
Sins of a Solar Empire (x32)
Ski Challenge 13 (DE) (HKCU)
StarCraft II (x32 Version: 1.5.2.22875)
Steam (x32 Version: 1.0.0.0)
Update for Microsoft Office Word 2007 (KB974631) (x32)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Wall Street Tycoon (x32)
Windows Utils (x32)
WinRAR 4.10 (64-Bit) (Version: 4.10.0)
World of Tanks v.0.8.0 (x32)

==================== Restore Points  =========================

08-08-2013 17:41:43 Geplanter Prüfpunkt
20-08-2013 15:27:08 Geplanter Prüfpunkt
27-08-2013 08:26:05 lula TV Downloader
27-08-2013 18:29:20 Gerätetreiber-Paketinstallation: Garmin GARMIN Devices
28-08-2013 09:36:32 TubeBox
28-08-2013 09:37:44 TubeBox! wird entfernt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {1E4FDB6C-2148-4EB0-B6C6-80E661D8A911} - System32\Tasks\AdobeAAMUpdater-1.0-Schlagi-PC-Schlagi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {26F05C06-536E-470F-B68F-E89634C1E951} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-08-24] ()
Task: {2A85CEAC-0E9F-4776-BC5F-22212F25B068} - System32\Tasks\Hoolapp For Android => C:\Users\Schlagi\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.EXE No File
Task: {5EDBF07C-C806-4D20-9A54-8B17B163C3FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-22] (Adobe Systems Incorporated)
Task: {6EFD555B-4EA3-4C8F-A016-A4182CDE26D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2435000987-2487341678-1916103114-1000UA => C:\Users\Schlagi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2010-11-21] (Microsoft Corporation)
Task: {9EC2C14E-5404-4A6A-A91C-9B2697A4D440} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2435000987-2487341678-1916103114-1000Core => C:\Users\Schlagi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2010-11-21] (Microsoft Corporation)
Task: {B4B74E87-F9EB-4DD9-B679-296FDD34B3D2} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2009-07-14] (Microsoft Corporation)
Task: {BA978FF5-0BF0-4400-B9C4-8EE21866F2E9} - System32\Tasks\DealPly => C:\Users\Schlagi\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE No File
Task: {D2C3FFFB-9514-4166-AEB8-A411F32543CE} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2009-07-14] (Microsoft Corporation)
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2010-11-21] (Microsoft Corporation)
Task: {F529A77F-BC85-474D-A450-93DAF1F41500} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-07-08] ()
Task: {F78C46D8-636A-49E2-99C1-30586C2F37E4} - System32\Tasks\Hoolapp Init => C:\Users\Schlagi\AppData\Roaming\HOOLAP~1\Hoolapp.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2435000987-2487341678-1916103114-1000Core.job => C:\Users\Schlagi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2435000987-2487341678-1916103114-1000UA.job => C:\Users\Schlagi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/28/2013 00:10:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2013 00:03:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2013 09:39:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2013 09:48:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (08/27/2013 09:48:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (08/27/2013 09:48:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (08/27/2013 09:48:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (08/27/2013 09:00:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2013 08:57:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (08/27/2013 08:57:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.


System errors:
=============
Error: (08/28/2013 00:10:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (08/28/2013 00:10:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (08/28/2013 00:09:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (08/28/2013 00:09:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (08/28/2013 00:10:00 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (08/28/2013 00:09:59 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (08/28/2013 00:09:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535

Error: (08/28/2013 00:09:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535

Error: (08/28/2013 00:09:49 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (08/28/2013 00:09:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 4094.18 MB
Available physical RAM: 2457.41 MB
Total Pagefile: 8186.56 MB
Available Pagefile: 6066.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:781.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (TripWayMgrv5) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D2318DFD)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================


schrauber 28.08.2013 16:42

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:

Startup: C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Schlagi\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
C:\Users\Schlagi\AppData\Roaming\Windows Net Data


Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

Flo7783 28.08.2013 17:25

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-08-2013
Ran by Schlagi at 2013-08-28 18:00:50 Run:1
Running from C:\Users\Schlagi\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Startup: C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Schlagi\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
C:\Users\Schlagi\AppData\Roaming\Windows Net Data
       
*****************

C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk => Moved successfully.
C:\Users\Schlagi\AppData\Roaming\Windows Net Data\net.exe => Moved successfully.

"C:\Users\Schlagi\AppData\Roaming\Windows Net Data" directory move:

C:\Users\Schlagi\AppData\Roaming\Windows Net Data\id.dat => Moved successfully.
C:\Users\Schlagi\AppData\Roaming\Windows Net Data\uninstaller.exe => Moved successfully.
Could not move "C:\Users\Schlagi\AppData\Roaming\Windows Net Data" directory. => Scheduled to move on reboot.


=========== Result of Scheduled Files to move ===========

C:\Users\Schlagi\AppData\Roaming\Windows Net Data => Moved successfully.

==== End of Fixlog ====

Code:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.28.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Schlagi :: SCHLAGI-PC [Administrator]

28.08.2013 18:04:52
mbam-log-2013-08-28 (18-04-52).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215101
Laufzeit: 3 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Schlagi\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Schlagi\AppData\Local\Temp\is357113909\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Schlagi\Downloads\ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:

# AdwCleaner v3.001 - Report created 28/08/2013 at 18:12:52
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Schlagi - SCHLAGI-PC
# Running from : C:\Users\Schlagi\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : SystemStoreService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\Program Files (x86)\delta
Folder Deleted : C:\Program Files (x86)\FoxyDeal
Folder Deleted : C:\Program Files (x86)\SoftwareUpdater
Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
Folder Deleted : C:\Users\Schlagi\AppData\Local\DownloadGuide
Folder Deleted : C:\Users\Schlagi\AppData\Local\PackageAware
Folder Deleted : C:\Users\Schlagi\AppData\LocalLow\delta
Folder Deleted : C:\Users\Schlagi\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\Extensions\ffxtlbr@delta.com
Folder Deleted : C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan
Folder Deleted : C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
File Deleted : C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\Extensions\webbooster@iminent.com.xpi
File Deleted : C:\Users\Schlagi\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\searchplugins\delta.xml
File Deleted : C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Dealply
File Deleted : C:\Windows\System32\Tasks\Software Updater Ui
File Deleted : C:\Windows\System32\Tasks\Software Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKCU\Software\5a28d88e035ee10
Key Deleted : HKLM\SOFTWARE\5a28d88e035ee10
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\FoxyDeal
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\Umbrella
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FoxyDeal
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v8.0.1 (de)

[ File : C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default\prefs.js ]

Line Deleted : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=14cad92a000000000000d85d4c8be0d2");
Line Deleted : user_pref("avg.install.userSPSettings", "Delta Search");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119370&babsrc=NT_ss&mntrId=14cad92a000000000000d85d4c8be0d2");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=14cad92a000000000000d85d4c8be0d2");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119370&babsrc=NT_ss&mntrId=14cad92a000000000000d85d4c8be0d2");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "14");
Line Deleted : user_pref("extensions.delta.cntry", "DE");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.hdrMd5", "6D68BBE4878ACC983DB02C627A5A3DFA");
Line Deleted : user_pref("extensions.delta.id", "14cad92a000000000000d85d4c8be0d2");
Line Deleted : user_pref("extensions.delta.instlDay", "15754");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.10.017:18:26");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "azb");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.10.0");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.10.017:18:26");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.10.0");
Line Deleted : user_pref("extensions.enabledAddons", "ffxtlbr@delta.com:1.5.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:8.0.1");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{[...]

-\\ Google Chrome v

[ File : C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [17687 octets] - [28/08/2013 18:12:18]
AdwCleaner[S0].txt - [17670 octets] - [28/08/2013 18:12:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17731 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Ultimate x64
Ran by Schlagi on 28.08.2013 at 18:16:31,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Schlagi\AppData\Roaming\mozilla\firefox\profiles\s85cq4r5.default\extensions\staged



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.08.2013 at 18:20:39,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by Schlagi (administrator) on 28-08-2013 18:22:39
Running from C:\Users\Schlagi\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1635752 2013-05-04] (Valve Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Schlagi\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)
HKCU\...\Run: [Hoolapp Android] - "C:\Users\Schlagi\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized [x]
MountPoints2: {36d4629d-296d-11e1-8038-f80d8690f17b} - "D:\WD SmartWare.exe" autoplay=true
MountPoints2: {7985e65d-28b4-11e1-bea0-806e6f6e6963} - E:\Setup.exe
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: msdaipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Schlagi\AppData\Roaming\Mozilla\Firefox\Profiles\s85cq4r5.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Schlagi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Schlagi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Delta Search) - hxxp://www.delta-search.com/?q={searchTerms}&affID=119370&babsrc=SP_ss&mntrId=14cad92a000000000000d85d4c8be0d2
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\29.0.1547.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_95.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Schlagi\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Schlagi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\Schlagi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-02-14] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [53080 2011-07-07] (Novation DMS Ltd.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-28 18:16 - 2013-08-28 18:16 - 00000000 ____D C:\Windows\ERUNT
2013-08-28 18:10 - 2013-08-28 18:13 - 00000000 ____D C:\AdwCleaner
2013-08-28 18:08 - 2013-08-28 18:08 - 01021434 _____ (Thisisu) C:\Users\Schlagi\Downloads\JRT.exe
2013-08-28 18:05 - 2013-08-28 18:05 - 00994642 _____ C:\Users\Schlagi\Downloads\adwcleaner.exe
2013-08-28 12:27 - 2013-08-28 12:27 - 00000000 ___SD C:\ComboFix
2013-08-28 12:27 - 2013-08-28 12:27 - 00000000 ____D C:\Windows\erdnt
2013-08-28 12:27 - 2013-08-28 12:27 - 00000000 ____D C:\Qoobox
2013-08-28 12:27 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-28 12:27 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-28 12:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-28 12:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-28 12:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-28 12:27 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-28 12:27 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-28 12:27 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-28 12:26 - 2013-08-28 12:26 - 05114728 ____R (Swearware) C:\Users\Schlagi\Desktop\ComboFix.exe
2013-08-28 12:17 - 2013-08-28 12:17 - 00018974 _____ C:\Users\Schlagi\Downloads\Addition.txt
2013-08-28 12:11 - 2013-08-28 18:02 - 00000000 ____D C:\FRST
2013-08-28 12:11 - 2013-08-28 12:11 - 01579080 _____ (Farbar) C:\Users\Schlagi\Downloads\FRST64.exe
2013-08-28 12:11 - 2013-08-28 12:11 - 00001132 _____ C:\Users\Schlagi\Desktop\Continue Zip Opener Installation.lnk
2013-08-28 11:35 - 2012-09-13 12:32 - 00000000 ____D C:\Users\Schlagi\Desktop\Natur & Techno
2013-08-28 11:14 - 2013-08-28 11:17 - 171933977 _____ C:\Users\Schlagi\Downloads\Natur & Techno.zip
2013-08-28 11:08 - 2013-08-28 11:08 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Malwarebytes
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-28 11:08 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-28 11:07 - 2013-08-28 11:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Schlagi\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-27 21:40 - 2013-08-27 21:51 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Garmin
2013-08-27 21:39 - 2013-08-27 21:39 - 00000000 ____D C:\Users\Schlagi\AppData\Local\GARMIN_Corp
2013-08-27 21:37 - 2013-08-27 21:38 - 55449536 _____ C:\Users\Schlagi\Downloads\BaseCamp_422.exe
2013-08-27 21:34 - 2013-08-27 21:41 - 263641200 _____ C:\Users\Schlagi\Downloads\mtbbayern.exe
2013-08-27 21:00 - 2013-08-27 21:10 - 505059061 _____ C:\Users\Schlagi\Downloads\OSM Radkarte 19.09.2010 MapSource Installer.exe
2013-08-27 20:59 - 2013-08-27 20:59 - 00000000 ____D C:\ProgramData\GARMIN
2013-08-27 20:57 - 2013-08-27 20:57 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
2013-08-27 20:51 - 2013-08-27 20:57 - 310259515 _____ C:\Users\Schlagi\Downloads\Nicht bestätigt 146666.crdownload
2013-08-27 20:30 - 2013-08-27 20:30 - 00000000 ____D C:\Users\Schlagi\Documents\Mein Garmin
2013-08-27 20:29 - 2013-08-27 21:39 - 00000000 ____D C:\WebUpdater
2013-08-27 17:58 - 2013-08-27 17:59 - 00894600 _____ (CNET Download.com) C:\Users\Schlagi\Downloads\cbsidlm-cbsi134-Garmin_MapSource-ORG-75123302.exe
2013-08-27 17:53 - 2013-08-27 21:42 - 00000000 ____D C:\Garmin
2013-08-27 17:53 - 2013-08-27 17:53 - 02133229 _____ C:\Users\Schlagi\Downloads\GPSMAP60Cx_400.exe
2013-08-27 17:28 - 2013-08-27 21:40 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Garmin
2013-08-27 17:28 - 2013-08-27 21:38 - 00000000 ____D C:\Program Files (x86)\Garmin
2013-08-27 17:28 - 2013-08-27 17:28 - 05096296 _____ (Igor Pavlov) C:\Users\Schlagi\Downloads\USBDrivers_231.exe
2013-08-27 17:28 - 2013-08-27 17:28 - 00000000 ____D C:\Program Files\DIFX
2013-08-27 17:26 - 2013-08-27 17:43 - 867543458 _____ C:\Users\Schlagi\Downloads\mtbnavi_alpen_garmin.zip
2013-08-27 10:29 - 2013-08-27 10:29 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Lula
2013-08-27 10:28 - 2013-08-27 10:38 - 00000000 ____D C:\Users\Schlagi\Documents\Lula
2013-08-27 10:27 - 2013-08-27 10:27 - 00000620 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-08-27 10:25 - 2013-08-27 10:25 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Software Updater
2013-08-22 13:03 - 2013-08-22 13:03 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

2013-08-28 18:21 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-28 18:21 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-28 18:20 - 2013-08-28 18:20 - 00000769 _____ C:\Users\Schlagi\Desktop\JRT.txt
2013-08-28 18:20 - 2011-04-12 09:43 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-28 18:20 - 2011-04-12 09:43 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-28 18:20 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-28 18:19 - 2011-12-21 14:19 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-28 18:16 - 2013-08-28 18:16 - 00000000 ____D C:\Windows\ERUNT
2013-08-28 18:13 - 2013-08-28 18:10 - 00000000 ____D C:\AdwCleaner
2013-08-28 18:13 - 2011-12-17 15:46 - 01117887 _____ C:\Windows\WindowsUpdate.log
2013-08-28 18:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-28 18:13 - 2009-07-14 06:51 - 00058574 _____ C:\Windows\setupact.log
2013-08-28 18:10 - 2010-11-21 05:47 - 00055102 _____ C:\Windows\PFRO.log
2013-08-28 18:08 - 2013-08-28 18:08 - 01021434 _____ (Thisisu) C:\Users\Schlagi\Downloads\JRT.exe
2013-08-28 18:05 - 2013-08-28 18:05 - 00994642 _____ C:\Users\Schlagi\Downloads\adwcleaner.exe
2013-08-28 18:04 - 2012-01-05 15:05 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2435000987-2487341678-1916103114-1000UA.job
2013-08-28 18:03 - 2011-12-17 15:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-28 18:02 - 2013-08-28 12:11 - 00000000 ____D C:\FRST
2013-08-28 18:00 - 2011-12-17 15:44 - 00000000 ___RD C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-28 12:27 - 2013-08-28 12:27 - 00000000 ___SD C:\ComboFix
2013-08-28 12:27 - 2013-08-28 12:27 - 00000000 ____D C:\Windows\erdnt
2013-08-28 12:27 - 2013-08-28 12:27 - 00000000 ____D C:\Qoobox
2013-08-28 12:26 - 2013-08-28 12:26 - 05114728 ____R (Swearware) C:\Users\Schlagi\Desktop\ComboFix.exe
2013-08-28 12:17 - 2013-08-28 12:17 - 00018974 _____ C:\Users\Schlagi\Downloads\Addition.txt
2013-08-28 12:11 - 2013-08-28 12:11 - 01579080 _____ (Farbar) C:\Users\Schlagi\Downloads\FRST64.exe
2013-08-28 12:11 - 2013-08-28 12:11 - 00001132 _____ C:\Users\Schlagi\Desktop\Continue Zip Opener Installation.lnk
2013-08-28 12:04 - 2012-01-05 15:05 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2435000987-2487341678-1916103114-1000Core.job
2013-08-28 11:52 - 2012-02-03 17:58 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeBox!
2013-08-28 11:52 - 2012-01-30 20:57 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-28 11:37 - 2013-02-18 18:19 - 00000000 ____D C:\Program Files (x86)\Freetec
2013-08-28 11:37 - 2013-02-18 18:18 - 00000000 ____D C:\ProgramData\Package Cache
2013-08-28 11:17 - 2013-08-28 11:14 - 171933977 _____ C:\Users\Schlagi\Downloads\Natur & Techno.zip
2013-08-28 11:08 - 2013-08-28 11:08 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Malwarebytes
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-28 11:08 - 2013-08-28 11:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-28 11:07 - 2013-08-28 11:07 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Schlagi\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-27 21:51 - 2013-08-27 21:40 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Garmin
2013-08-27 21:42 - 2013-08-27 17:53 - 00000000 ____D C:\Garmin
2013-08-27 21:41 - 2013-08-27 21:34 - 263641200 _____ C:\Users\Schlagi\Downloads\mtbbayern.exe
2013-08-27 21:40 - 2013-08-27 17:28 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Garmin
2013-08-27 21:39 - 2013-08-27 21:39 - 00000000 ____D C:\Users\Schlagi\AppData\Local\GARMIN_Corp
2013-08-27 21:39 - 2013-08-27 20:29 - 00000000 ____D C:\WebUpdater
2013-08-27 21:38 - 2013-08-27 21:37 - 55449536 _____ C:\Users\Schlagi\Downloads\BaseCamp_422.exe
2013-08-27 21:38 - 2013-08-27 17:28 - 00000000 ____D C:\Program Files (x86)\Garmin
2013-08-27 21:10 - 2013-08-27 21:00 - 505059061 _____ C:\Users\Schlagi\Downloads\OSM Radkarte 19.09.2010 MapSource Installer.exe
2013-08-27 20:59 - 2013-08-27 20:59 - 00000000 ____D C:\ProgramData\GARMIN
2013-08-27 20:57 - 2013-08-27 20:57 - 00000000 ____D C:\Users\Schlagi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin
2013-08-27 20:57 - 2013-08-27 20:51 - 310259515 _____ C:\Users\Schlagi\Downloads\Nicht bestätigt 146666.crdownload
2013-08-27 20:30 - 2013-08-27 20:30 - 00000000 ____D C:\Users\Schlagi\Documents\Mein Garmin
2013-08-27 17:59 - 2013-08-27 17:58 - 00894600 _____ (CNET Download.com) C:\Users\Schlagi\Downloads\cbsidlm-cbsi134-Garmin_MapSource-ORG-75123302.exe
2013-08-27 17:53 - 2013-08-27 17:53 - 02133229 _____ C:\Users\Schlagi\Downloads\GPSMAP60Cx_400.exe
2013-08-27 17:43 - 2013-08-27 17:26 - 867543458 _____ C:\Users\Schlagi\Downloads\mtbnavi_alpen_garmin.zip
2013-08-27 17:28 - 2013-08-27 17:28 - 05096296 _____ (Igor Pavlov) C:\Users\Schlagi\Downloads\USBDrivers_231.exe
2013-08-27 17:28 - 2013-08-27 17:28 - 00000000 ____D C:\Program Files\DIFX
2013-08-27 13:21 - 2012-09-24 18:44 - 00000000 ____D C:\Users\Schlagi\Desktop\Küche
2013-08-27 10:38 - 2013-08-27 10:28 - 00000000 ____D C:\Users\Schlagi\Documents\Lula
2013-08-27 10:29 - 2013-08-27 10:29 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Lula
2013-08-27 10:28 - 2013-02-18 18:20 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Freetec
2013-08-27 10:27 - 2013-08-27 10:27 - 00000620 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-08-27 10:25 - 2013-08-27 10:25 - 00000000 ____D C:\Users\Schlagi\AppData\Local\Software Updater
2013-08-23 10:10 - 2012-01-05 15:06 - 00002380 _____ C:\Users\Schlagi\Desktop\Google Chrome.lnk
2013-08-22 13:03 - 2013-08-22 13:03 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-08-22 13:03 - 2011-12-17 15:45 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-22 13:03 - 2011-12-17 15:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-22 13:03 - 2011-12-17 15:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-30 19:55 - 2013-05-06 20:06 - 00000000 ____D C:\Users\Schlagi\Documents\ArmA 2

Files to move or delete:
====================
C:\Users\Schlagi\AppData\Local\Temp\devcon.exe
C:\Users\Schlagi\AppData\Local\Temp\installerdll103615.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll177419.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll178433.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll185032.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll327867.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll372436.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll6143412.dll
C:\Users\Schlagi\AppData\Local\Temp\installerdll6462559.dll
C:\Users\Schlagi\AppData\Local\Temp\OriginLauncher177419.exe
C:\Users\Schlagi\AppData\Local\Temp\ose00000.exe
C:\Users\Schlagi\AppData\Local\Temp\Quarantine.exe
C:\Users\Schlagi\AppData\Local\Temp\rootsupd.exe
C:\Users\Schlagi\AppData\Local\Temp\Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\sonarinst.exe
C:\Users\Schlagi\AppData\Local\Temp\tmp23E4.exe
C:\Users\Schlagi\AppData\Local\Temp\tmp89F6.exe
C:\Users\Schlagi\AppData\Local\Temp\tmpC13C.tmp.exe
C:\Users\Schlagi\AppData\Local\Temp\tmpF008.exe
C:\Users\Schlagi\AppData\Local\Temp\tmpF131.exe
C:\Users\Schlagi\AppData\Local\Temp\tmpFC8.exe
C:\Users\Schlagi\AppData\Local\Temp\TubeBox_Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\uninst1.exe
C:\Users\Schlagi\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Schlagi\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Schlagi\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Schlagi\AppData\Local\Temp\VSDC45D.tmp\DotNetFX\dotnetchk.exe
C:\Users\Schlagi\AppData\Local\Temp\SOERedist\dxwebsetup.exe
C:\Users\Schlagi\AppData\Local\Temp\SOERedist\vcredist_2008_x64.exe
C:\Users\Schlagi\AppData\Local\Temp\SOERedist\vcredist_x86.exe
C:\Users\Schlagi\AppData\Local\Temp\Origin\installerdll165860.dll
C:\Users\Schlagi\AppData\Local\Temp\Origin\OriginLauncher165283.exe
C:\Users\Schlagi\AppData\Local\Temp\mtka_tmp\dsspacker_launcher.exe
C:\Users\Schlagi\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Schlagi\AppData\Local\Temp\is513561925\TubeBoxSetup_tubebox_org.exe
C:\Users\Schlagi\AppData\Local\Temp\is513561925\wajam_download.exe
C:\Users\Schlagi\AppData\Local\Temp\is513561925\yontoo-c2.exe
C:\Users\Schlagi\AppData\Local\Temp\is357113909\OpenItSetup.exe
C:\Users\Schlagi\AppData\Local\Temp\is357113909\wajam_validate.exe
C:\Users\Schlagi\AppData\Local\Temp\busD632\BabScheduler2.exe
C:\Users\Schlagi\AppData\Local\Temp\bus7464\BabScheduler3.exe
C:\Users\Schlagi\AppData\Local\Temp\bus7223\ChromeExtUpdater.exe
C:\Users\Schlagi\AppData\Local\Temp\bus6CF5\ff21v.exe
C:\Users\Schlagi\AppData\Local\Temp\BEFC.dir\InstallFlashPlayer.exe
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupCHS.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupCHT.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupCSY.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupDAN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupDEU.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupELL.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupENU.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupESN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupFIN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupFRA.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupHRV.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupHUN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupITA.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupJPN.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupKOR.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupLOC.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupNLD.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupNOR.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupPLK.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupPTB.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupPTG.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupRUS.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupSKY.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupSLV.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupSVE.dll
C:\Users\Schlagi\AppData\Local\Temp\7zS702.tmp\SetupTRK.dll
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\sqlite3.dll
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\ccp.exe
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\GUninstaller.exe
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\IEHelper.dll
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\Setup.exe
C:\Users\Schlagi\AppData\Local\Temp\5F4CDC13-BAB0-7891-B712-85B90C18E471\Latest\sqlite3.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-20 17:20

==================== End Of Log ============================

--- --- ---

Internet Explorer no longer opens! :applaus:

I hope that was it. Many thanks for the quick and uncomplicated help.

Great community!

Thank you very, very much!

schrauber 29.08.2013 04:09


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log, please. Any problems left? :)

