
Pests of all kinds and how to combat them: Delta Search and Babylon search - malware via freeware, Windows Vista


12.07.2013, 14:16   #31
misshell
 



Sorry that I couldn't scan any earlier, I was on holiday! Best regards



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-07-2013 01
Ran by HP (administrator) on 12-07-2013 15:05:15
Running from C:\Users\HP\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(Google Inc.) C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\HPWUCli.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Google Inc.) C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [CamserviceOG] - "C:\Program Files (x86)\Hercules\Deluxe Optical Glass\XtrCtrl.exe" /startup [x]
HKLM-x32\...\Runonce: [Launcher] - %WINDIR%\SMINST\launcher.exe [x]
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [HPAdvisor] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-07-03] (Hewlett-Packard)
HKCU\...\Run: [Google Update] - "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-09-21] (Google Inc.)
HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [3872080 2010-04-16] (Microsoft Corporation)
HKCU\...\Run: [ISUSPM] - "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [x]
HKCU\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent [x]
HKCU\...\Run: [GoogleChromeAutoLaunch_AF07ADB424B82216064A05A2CAB71EA4] - "C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-06-15] (Google Inc.)
HKCU\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19604072 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {aa1e8558-c641-11df-aa9d-00235454eb6e} - K:\Startme.exe
HKLM-x32\...\Run: [hpsysdrv] - c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [KBD] - C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM-x32\...\Run: [StartCCC] - "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Health Check Scheduler] - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4282728 2012-08-21] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263952 2013-02-13] ()
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-07-03] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [972080 2008-07-03] (Hewlett-Packard)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9620C07C-A804-4292-ABF7-372C7906A3A7} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {D4B0EDE1-8E99-4B33-8B78-48627813E80B} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\HP\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\HP\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Extension: hdvc - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc@hdvc.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E2A300235454EB6E&affID=119357&tsp=4931
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E2A300235454EB6E&affID=119357&tsp=4931"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\HP\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\HP\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\HP\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\HP\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-08-21] (AVAST Software)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-08-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [44272 2012-08-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [969200 2012-08-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [359464 2012-08-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-08-21] (AVAST Software)
S3 hxctlflt; C:\Windows\System32\DRIVERS\hxctlflt.sys [111104 2009-02-09] (Guillemot Corporation)
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10684672 2007-07-17] (Sonix Co. Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-12 15:04 - 2013-07-12 15:04 - 00000000 ____D C:\FRST
2013-07-12 15:02 - 2013-07-12 15:03 - 01778143 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2013-07-04 13:12 - 2013-07-04 13:12 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\HP\Desktop\tdsskiller.exe
2013-07-04 12:34 - 2013-07-04 12:35 - 04745728 _____ (AVAST Software) C:\Users\HP\Desktop\aswMBR (2).exe
2013-07-03 16:51 - 2013-07-03 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-03 16:49 - 2013-07-03 16:49 - 00000000 ____D C:\Users\HP\Downloads\mbar-1.06.0.1004 (1)
2013-07-03 16:48 - 2013-07-03 16:49 - 13399154 _____ C:\Users\HP\Downloads\mbar-1.06.0.1004 (1).zip
2013-07-03 16:47 - 2013-07-03 16:47 - 00000000 ____D C:\Users\HP\Downloads\mbar-1.06.0.1004
2013-07-03 16:46 - 2013-07-03 16:47 - 13399154 _____ C:\Users\HP\Downloads\mbar-1.06.0.1004.zip
2013-07-03 16:36 - 2013-07-03 16:36 - 00276008 _____ C:\Windows\Minidump\Mini070313-02.dmp
2013-07-03 16:23 - 2013-07-03 16:23 - 00101071 _____ C:\Users\HP\Desktop\Gmer.txt
2013-07-03 15:30 - 2013-07-03 15:30 - 00000000 _____ C:\Windows\setuperr.log
2013-07-03 15:30 - 2013-07-03 15:30 - 00000000 _____ C:\Windows\setupact.log
2013-07-03 15:23 - 2013-07-03 15:23 - 00377856 _____ C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe
2013-07-03 14:30 - 2013-07-03 14:31 - 00602112 _____ (OldTimer Tools) C:\Users\HP\Downloads\OTL (1).exe
2013-07-03 14:26 - 2013-07-03 14:26 - 00002276 _____ C:\Users\HP\Desktop\JRT.txt
2013-07-03 14:15 - 2013-07-03 14:15 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 14:15 - 2013-07-03 14:15 - 00000000 ____D C:\JRT
2013-07-03 14:14 - 2013-07-03 14:14 - 00545954 _____ (Oleg N. Scherbakov) C:\Users\HP\Downloads\JRT.exe
2013-07-03 13:57 - 2013-07-03 13:57 - 00003839 _____ C:\Users\HP\Desktop\AdwCleaner[S2].txt
2013-07-03 13:52 - 2013-07-03 13:52 - 00280320 _____ C:\Windows\Minidump\Mini070313-01.dmp
2013-07-03 13:51 - 2013-07-03 16:35 - 683871912 _____ C:\Windows\MEMORY.DMP
2013-07-03 13:39 - 2013-07-03 13:39 - 00003839 _____ C:\AdwCleaner[S2].txt
2013-07-03 13:37 - 2013-07-03 13:38 - 00648201 _____ C:\Users\HP\Downloads\adwcleaner.exe
2013-07-03 13:31 - 2013-07-03 13:31 - 00377856 _____ C:\Users\HP\Downloads\gmer_2.1.19163 (1).exe
2013-07-03 13:12 - 2013-07-03 13:12 - 00377856 _____ C:\Users\HP\Downloads\gmer_2.1.19163.exe
2013-07-03 13:06 - 2013-07-03 13:06 - 00059796 _____ C:\Users\HP\Downloads\Extras.Txt
2013-07-03 13:05 - 2013-07-03 14:47 - 00086324 _____ C:\Users\HP\Downloads\OTL.Txt
2013-07-03 12:54 - 2013-07-03 12:54 - 00602112 _____ (OldTimer Tools) C:\Users\HP\Downloads\OTL.exe
2013-07-03 12:53 - 2013-07-03 12:53 - 00000466 _____ C:\Users\HP\Downloads\defogger_disable.log
2013-07-03 12:53 - 2013-07-03 12:53 - 00000000 _____ C:\Users\HP\defogger_reenable
2013-07-03 12:52 - 2013-07-03 12:52 - 00050477 _____ C:\Users\HP\Downloads\Defogger.exe
2013-07-03 12:05 - 2013-07-03 12:05 - 00003350 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-03 11:57 - 2013-07-03 11:57 - 00000000 ____D C:\Users\HP\AppData\Roaming\Malwarebytes
2013-07-03 11:56 - 2013-07-03 11:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-03 11:56 - 2013-07-03 11:56 - 00000950 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-03 11:56 - 2013-07-03 11:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-03 11:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-03 11:55 - 2013-07-03 11:56 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\HP\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-07-03 10:33 - 2013-07-03 10:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\HP\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-03 10:33 - 2013-07-03 10:33 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\HP\Downloads\SpyHunter-Installer (2).exe
2013-07-03 10:16 - 2013-07-03 10:16 - 00000000 _____ C:\autoexec.bat
2013-07-03 10:15 - 2013-07-03 10:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-03 10:14 - 2013-07-03 15:30 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-07-03 10:12 - 2013-07-03 10:12 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\HP\Downloads\SpyHunter-Installer (1).exe
2013-07-03 10:02 - 2013-07-03 10:02 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\HP\Downloads\SpyHunter-Installer.exe
2013-07-03 09:53 - 2013-07-03 12:04 - 00003186 _____ C:\Windows\PFRO.log
2013-07-02 20:33 - 2013-07-02 20:33 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-02 20:33 - 2013-07-02 20:33 - 00000772 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-02 20:33 - 2013-07-02 20:33 - 00000000 ____D C:\Program Files\CCleaner
2013-07-02 20:28 - 2013-07-02 20:29 - 03357912 _____ (Piriform Ltd) C:\Users\HP\Downloads\ccsetup403_slim.exe
2013-07-02 20:17 - 2013-07-02 20:18 - 04745728 _____ (AVAST Software) C:\Users\HP\Downloads\aswMBR (1).exe
2013-07-02 20:16 - 2013-07-04 13:10 - 00003642 _____ C:\Users\HP\Desktop\aswMBR.txt
2013-07-02 20:16 - 2013-07-04 13:10 - 00000512 _____ C:\Users\HP\Desktop\MBR.dat
2013-07-02 20:09 - 2013-07-02 20:11 - 04745728 _____ (AVAST Software) C:\Users\HP\Downloads\aswMBR.exe
2013-07-02 20:02 - 2013-07-02 20:02 - 00003284 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-02 20:02 - 2013-07-02 20:02 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-02 20:02 - 2013-07-02 20:02 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-02 20:02 - 2013-07-02 20:02 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-02 20:02 - 2013-07-02 20:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 20:01 - 2013-07-02 20:01 - 00793536 _____ C:\Users\HP\Downloads\ZipOpenerSetup.exe
2013-07-02 20:01 - 2013-07-02 20:01 - 00003698 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-02 20:01 - 2013-07-02 20:01 - 00003396 _____ C:\Windows\System32\Tasks\DealPly
2013-07-02 20:01 - 2013-07-02 20:01 - 00003202 _____ C:\Windows\System32\Tasks\DSite
2013-06-27 18:53 - 2013-07-04 11:16 - 00000000 ____D C:\Users\HP\Desktop\FL STUDIO
2013-06-27 16:35 - 2013-06-27 16:35 - 00000000 ____D C:\Users\HP\AppData\Roaming\SynthMaker
2013-06-26 14:00 - 2013-06-26 14:00 - 00029582 _____ C:\Users\HP\Downloads\Image-Line_FL_Studio_10_Producer_Edition.reg
2013-06-26 13:59 - 2013-06-26 13:59 - 00000983 _____ C:\Users\Public\Desktop\FL Studio 10.lnk
2013-06-26 13:59 - 2013-06-26 13:59 - 00000979 _____ C:\Users\HP\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2013-06-26 13:59 - 2013-06-26 13:59 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2013-06-26 13:59 - 2013-06-26 13:59 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2013-06-26 13:47 - 2013-06-26 13:54 - 234368802 _____ C:\Users\HP\Downloads\flstudio_10.0.9.exe
2013-06-23 16:40 - 2013-06-23 16:40 - 00000000 ____D C:\Users\HP\Documents\Native Instruments
2013-06-23 16:33 - 2013-06-23 16:33 - 00000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2013-06-23 16:33 - 2013-06-23 16:33 - 00000000 __HDC C:\ProgramData\{51B0C2F8-BB02-4FF9-83E6-6BBD135AD344}
2013-06-23 16:19 - 2013-06-23 16:37 - 00000911 _____ C:\Users\Public\Desktop\Traktor 2.lnk
2013-06-23 16:19 - 2013-06-23 16:19 - 00000000 __HDC C:\ProgramData\{60143F1F-63C8-4CC1-A37B-28EB1FC6C10F}
2013-06-23 16:16 - 2013-06-23 16:33 - 00001003 _____ C:\Users\Public\Desktop\Controller Editor.lnk
2013-06-23 16:15 - 2013-06-23 16:33 - 00000968 _____ C:\Users\Public\Desktop\Service Center.lnk
2013-06-23 16:15 - 2013-06-23 16:33 - 00000000 ____D C:\Program Files\Native Instruments
2013-06-23 16:15 - 2013-06-23 16:33 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-06-23 16:15 - 2013-06-23 16:16 - 00000000 ____D C:\ProgramData\Native Instruments
2013-06-23 16:00 - 2013-06-23 16:00 - 00000000 ____D C:\Users\HP\Downloads\Traktor_2_260_Demo_PC
2013-06-23 15:18 - 2013-06-23 15:22 - 146091492 _____ C:\Users\HP\Downloads\Traktor_2_260_Demo_PC.zip
2013-06-23 14:06 - 2013-06-26 14:00 - 00000000 ____D C:\Users\HP\AppData\Roaming\Skype
2013-06-23 14:06 - 2013-06-23 14:06 - 00001892 _____ C:\Users\Public\Desktop\Skype.lnk
2013-06-23 14:06 - 2013-06-23 14:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-23 14:06 - 2013-06-23 14:06 - 00000000 ____D C:\ProgramData\Skype
2013-06-23 14:05 - 2013-06-23 14:05 - 00001877 _____ C:\Users\Public\Desktop\FL Studio 11.lnk
2013-06-23 14:04 - 2013-06-26 13:59 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2013-06-23 14:04 - 2013-06-23 14:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\Image-Line
2013-06-23 14:04 - 2013-06-23 14:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\FlowStone
2013-06-23 14:04 - 2013-06-23 14:04 - 00000000 ____D C:\Program Files\Image-Line
2013-06-23 14:04 - 2013-06-23 14:04 - 00000000 ____D C:\Program Files (x86)\DSPRobotics
2013-06-23 14:04 - 2009-09-15 11:14 - 01554944 _____ (HMS hxxp://hp.vector.co.jp/authors/VA012897/) C:\Windows\SysWOW64\vorbis.acm
2013-06-23 13:49 - 2013-06-23 13:49 - 00617312 _____ (www.download-sponsor.de) C:\Users\HP\Downloads\fl11.exe
2013-06-13 19:43 - 2013-05-17 04:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-13 19:43 - 2013-05-17 04:51 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-06-13 19:43 - 2013-05-17 00:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-13 19:43 - 2013-05-17 00:16 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 19:42 - 2013-05-17 06:05 - 17824768 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-13 19:42 - 2013-05-17 05:27 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-13 19:42 - 2013-05-17 05:09 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-06-13 19:42 - 2013-05-17 05:02 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-06-13 19:42 - 2013-05-17 05:02 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-13 19:42 - 2013-05-17 05:01 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-06-13 19:42 - 2013-05-17 05:00 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-06-13 19:42 - 2013-05-17 04:58 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-06-13 19:42 - 2013-05-17 04:56 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-06-13 19:42 - 2013-05-17 04:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-06-13 19:42 - 2013-05-17 04:55 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-06-13 19:42 - 2013-05-17 04:54 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-06-13 19:42 - 2013-05-17 04:53 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-13 19:42 - 2013-05-17 04:46 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-13 19:42 - 2013-05-17 01:08 - 12329984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-13 19:42 - 2013-05-17 00:49 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-13 19:42 - 2013-05-17 00:39 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 19:42 - 2013-05-17 00:28 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 19:42 - 2013-05-17 00:28 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-13 19:42 - 2013-05-17 00:27 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-13 19:42 - 2013-05-17 00:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-13 19:42 - 2013-05-17 00:23 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-13 19:42 - 2013-05-17 00:21 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 19:42 - 2013-05-17 00:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-13 19:42 - 2013-05-17 00:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-13 19:42 - 2013-05-17 00:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 19:42 - 2013-05-17 00:17 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-13 19:42 - 2013-05-17 00:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 12:47 - 2013-04-24 06:09 - 01269248 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-06-12 12:47 - 2013-04-24 06:09 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-06-12 12:47 - 2013-04-24 06:09 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-06-12 12:47 - 2013-04-24 06:09 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-06-12 12:47 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 12:47 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 12:47 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 12:47 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 12:47 - 2013-04-24 04:10 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-06-12 12:47 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 12:46 - 2013-05-08 06:50 - 01423720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-06-12 12:46 - 2013-05-02 06:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-06-12 12:46 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 12:46 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2013-06-12 12:46 - 2013-04-17 15:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-06-12 12:46 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

==================== One Month Modified Files and Folders =======

2013-07-12 15:04 - 2013-07-12 15:04 - 00000000 ____D C:\FRST
2013-07-12 15:03 - 2013-07-12 15:02 - 01778143 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2013-07-12 15:03 - 2008-01-21 03:53 - 01770661 _____ C:\Windows\WindowsUpdate.log
2013-07-12 15:00 - 2010-09-18 21:51 - 00628742 _____ C:\Windows\system32\perfh007.dat
2013-07-12 15:00 - 2010-09-18 21:51 - 00126486 _____ C:\Windows\system32\perfc007.dat
2013-07-12 15:00 - 2006-11-02 14:46 - 01445546 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-12 14:58 - 2010-09-21 21:16 - 00003574 _____ C:\Windows\System32\Tasks\HP Health Check
2013-07-12 14:55 - 2010-09-22 16:24 - 00000000 ____D C:\Users\HP\Tracing
2013-07-12 14:54 - 2010-09-18 13:01 - 00000000 ____D C:\Windows\SMINST
2013-07-12 14:54 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-12 14:54 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-12 14:53 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-07 21:45 - 2006-11-02 17:42 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-07 20:51 - 2013-02-23 13:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-07 20:50 - 2010-09-21 21:22 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000UA.job
2013-07-07 20:50 - 2010-09-21 21:22 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000Core.job
2013-07-07 20:45 - 2010-09-21 21:22 - 00003986 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000UA
2013-07-07 20:45 - 2010-09-21 21:22 - 00003590 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000Core
2013-07-04 13:12 - 2013-07-04 13:12 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\HP\Desktop\tdsskiller.exe
2013-07-04 13:10 - 2013-07-02 20:16 - 00003642 _____ C:\Users\HP\Desktop\aswMBR.txt
2013-07-04 13:10 - 2013-07-02 20:16 - 00000512 _____ C:\Users\HP\Desktop\MBR.dat
2013-07-04 12:35 - 2013-07-04 12:34 - 04745728 _____ (AVAST Software) C:\Users\HP\Desktop\aswMBR (2).exe
2013-07-04 11:16 - 2013-06-27 18:53 - 00000000 ____D C:\Users\HP\Desktop\FL STUDIO
2013-07-03 17:38 - 2013-07-03 16:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-03 17:10 - 2010-09-22 17:35 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-07-03 16:49 - 2013-07-03 16:49 - 00000000 ____D C:\Users\HP\Downloads\mbar-1.06.0.1004 (1)
2013-07-03 16:49 - 2013-07-03 16:48 - 13399154 _____ C:\Users\HP\Downloads\mbar-1.06.0.1004 (1).zip
2013-07-03 16:47 - 2013-07-03 16:47 - 00000000 ____D C:\Users\HP\Downloads\mbar-1.06.0.1004
2013-07-03 16:47 - 2013-07-03 16:46 - 13399154 _____ C:\Users\HP\Downloads\mbar-1.06.0.1004.zip
2013-07-03 16:36 - 2013-07-03 16:36 - 00276008 _____ C:\Windows\Minidump\Mini070313-02.dmp
2013-07-03 16:36 - 2011-04-24 23:11 - 00000000 ____D C:\Windows\Minidump
2013-07-03 16:35 - 2013-07-03 13:51 - 683871912 _____ C:\Windows\MEMORY.DMP
2013-07-03 16:23 - 2013-07-03 16:23 - 00101071 _____ C:\Users\HP\Desktop\Gmer.txt
2013-07-03 15:30 - 2013-07-03 15:30 - 00000000 _____ C:\Windows\setuperr.log
2013-07-03 15:30 - 2013-07-03 15:30 - 00000000 _____ C:\Windows\setupact.log
2013-07-03 15:30 - 2013-07-03 10:14 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-07-03 15:23 - 2013-07-03 15:23 - 00377856 _____ C:\Users\HP\Downloads\gmer_2.1.19163 (2).exe
2013-07-03 14:47 - 2013-07-03 13:05 - 00086324 _____ C:\Users\HP\Downloads\OTL.Txt
2013-07-03 14:31 - 2013-07-03 14:30 - 00602112 _____ (OldTimer Tools) C:\Users\HP\Downloads\OTL (1).exe
2013-07-03 14:26 - 2013-07-03 14:26 - 00002276 _____ C:\Users\HP\Desktop\JRT.txt
2013-07-03 14:15 - 2013-07-03 14:15 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 14:15 - 2013-07-03 14:15 - 00000000 ____D C:\JRT
2013-07-03 14:14 - 2013-07-03 14:14 - 00545954 _____ (Oleg N. Scherbakov) C:\Users\HP\Downloads\JRT.exe
2013-07-03 13:57 - 2013-07-03 13:57 - 00003839 _____ C:\Users\HP\Desktop\AdwCleaner[S2].txt
2013-07-03 13:52 - 2013-07-03 13:52 - 00280320 _____ C:\Windows\Minidump\Mini070313-01.dmp
2013-07-03 13:39 - 2013-07-03 13:39 - 00003839 _____ C:\AdwCleaner[S2].txt
2013-07-03 13:39 - 2013-05-13 20:16 - 00002145 _____ C:\Windows\DeleteOnReboot.bat
2013-07-03 13:38 - 2013-07-03 13:37 - 00648201 _____ C:\Users\HP\Downloads\adwcleaner.exe
2013-07-03 13:31 - 2013-07-03 13:31 - 00377856 _____ C:\Users\HP\Downloads\gmer_2.1.19163 (1).exe
2013-07-03 13:12 - 2013-07-03 13:12 - 00377856 _____ C:\Users\HP\Downloads\gmer_2.1.19163.exe
2013-07-03 13:06 - 2013-07-03 13:06 - 00059796 _____ C:\Users\HP\Downloads\Extras.Txt
2013-07-03 12:54 - 2013-07-03 12:54 - 00602112 _____ (OldTimer Tools) C:\Users\HP\Downloads\OTL.exe
2013-07-03 12:53 - 2013-07-03 12:53 - 00000466 _____ C:\Users\HP\Downloads\defogger_disable.log
2013-07-03 12:53 - 2013-07-03 12:53 - 00000000 _____ C:\Users\HP\defogger_reenable
2013-07-03 12:53 - 2010-09-18 14:02 - 00000000 ____D C:\Users\HP
2013-07-03 12:52 - 2013-07-03 12:52 - 00050477 _____ C:\Users\HP\Downloads\Defogger.exe
2013-07-03 12:05 - 2013-07-03 12:05 - 00003350 _____ C:\Windows\System32\Tasks\BrowserDefendert
2013-07-03 12:04 - 2013-07-03 09:53 - 00003186 _____ C:\Windows\PFRO.log
2013-07-03 11:57 - 2013-07-03 11:57 - 00000000 ____D C:\Users\HP\AppData\Roaming\Malwarebytes
2013-07-03 11:57 - 2013-07-03 11:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-03 11:56 - 2013-07-03 11:56 - 00000950 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-03 11:56 - 2013-07-03 11:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-03 11:56 - 2013-07-03 11:55 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\HP\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-07-03 10:34 - 2013-07-03 10:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\HP\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-03 10:33 - 2013-07-03 10:33 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\HP\Downloads\SpyHunter-Installer (2).exe
2013-07-03 10:16 - 2013-07-03 10:16 - 00000000 _____ C:\autoexec.bat
2013-07-03 10:15 - 2013-07-03 10:15 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-03 10:12 - 2013-07-03 10:12 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\HP\Downloads\SpyHunter-Installer (1).exe
2013-07-03 10:05 - 2010-12-19 00:57 - 00000000 ____D C:\ProgramData\MAGIX
2013-07-03 10:05 - 2010-12-19 00:57 - 00000000 ____D C:\Program Files (x86)\MAGIX
2013-07-03 10:02 - 2013-07-03 10:02 - 00726464 _____ (Enigma Software Group USA, LLC.) C:\Users\HP\Downloads\SpyHunter-Installer.exe
2013-07-02 20:50 - 2010-09-18 12:51 - 00000000 ____D C:\ProgramData\WildTangent
2013-07-02 20:50 - 2010-09-18 12:51 - 00000000 ____D C:\Program Files (x86)\HP Games
2013-07-02 20:48 - 2010-09-18 12:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-02 20:45 - 2010-09-18 12:34 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-07-02 20:33 - 2013-07-02 20:33 - 00002766 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-02 20:33 - 2013-07-02 20:33 - 00000772 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-02 20:33 - 2013-07-02 20:33 - 00000000 ____D C:\Program Files\CCleaner
2013-07-02 20:29 - 2013-07-02 20:28 - 03357912 _____ (Piriform Ltd) C:\Users\HP\Downloads\ccsetup403_slim.exe
2013-07-02 20:18 - 2013-07-02 20:17 - 04745728 _____ (AVAST Software) C:\Users\HP\Downloads\aswMBR (1).exe
2013-07-02 20:11 - 2013-07-02 20:09 - 04745728 _____ (AVAST Software) C:\Users\HP\Downloads\aswMBR.exe
2013-07-02 20:02 - 2013-07-02 20:02 - 00003284 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-02 20:02 - 2013-07-02 20:02 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-02 20:02 - 2013-07-02 20:02 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-02 20:02 - 2013-07-02 20:02 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-02 20:02 - 2013-07-02 20:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 20:01 - 2013-07-02 20:01 - 00793536 _____ C:\Users\HP\Downloads\ZipOpenerSetup.exe
2013-07-02 20:01 - 2013-07-02 20:01 - 00003698 _____ C:\Windows\System32\Tasks\QtraxPlayer
2013-07-02 20:01 - 2013-07-02 20:01 - 00003396 _____ C:\Windows\System32\Tasks\DealPly
2013-07-02 20:01 - 2013-07-02 20:01 - 00003202 _____ C:\Windows\System32\Tasks\DSite
2013-06-27 16:35 - 2013-06-27 16:35 - 00000000 ____D C:\Users\HP\AppData\Roaming\SynthMaker
2013-06-26 14:00 - 2013-06-26 14:00 - 00029582 _____ C:\Users\HP\Downloads\Image-Line_FL_Studio_10_Producer_Edition.reg
2013-06-26 14:00 - 2013-06-23 14:06 - 00000000 ____D C:\Users\HP\AppData\Roaming\Skype
2013-06-26 13:59 - 2013-06-26 13:59 - 00000983 _____ C:\Users\Public\Desktop\FL Studio 10.lnk
2013-06-26 13:59 - 2013-06-26 13:59 - 00000979 _____ C:\Users\HP\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2013-06-26 13:59 - 2013-06-26 13:59 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2013-06-26 13:59 - 2013-06-26 13:59 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2013-06-26 13:59 - 2013-06-23 14:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2013-06-26 13:56 - 2013-03-31 15:48 - 00000000 ____D C:\Program Files (x86)\Image-Line
2013-06-26 13:54 - 2013-06-26 13:47 - 234368802 _____ C:\Users\HP\Downloads\flstudio_10.0.9.exe
2013-06-23 16:40 - 2013-06-23 16:40 - 00000000 ____D C:\Users\HP\Documents\Native Instruments
2013-06-23 16:37 - 2013-06-23 16:19 - 00000911 _____ C:\Users\Public\Desktop\Traktor 2.lnk
2013-06-23 16:33 - 2013-06-23 16:33 - 00000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2013-06-23 16:33 - 2013-06-23 16:33 - 00000000 __HDC C:\ProgramData\{51B0C2F8-BB02-4FF9-83E6-6BBD135AD344}
2013-06-23 16:33 - 2013-06-23 16:16 - 00001003 _____ C:\Users\Public\Desktop\Controller Editor.lnk
2013-06-23 16:33 - 2013-06-23 16:15 - 00000968 _____ C:\Users\Public\Desktop\Service Center.lnk
2013-06-23 16:33 - 2013-06-23 16:15 - 00000000 ____D C:\Program Files\Native Instruments
2013-06-23 16:33 - 2013-06-23 16:15 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-06-23 16:19 - 2013-06-23 16:19 - 00000000 __HDC C:\ProgramData\{60143F1F-63C8-4CC1-A37B-28EB1FC6C10F}
2013-06-23 16:16 - 2013-06-23 16:15 - 00000000 ____D C:\ProgramData\Native Instruments
2013-06-23 16:00 - 2013-06-23 16:00 - 00000000 ____D C:\Users\HP\Downloads\Traktor_2_260_Demo_PC
2013-06-23 15:22 - 2013-06-23 15:18 - 146091492 _____ C:\Users\HP\Downloads\Traktor_2_260_Demo_PC.zip
2013-06-23 14:06 - 2013-06-23 14:06 - 00001892 _____ C:\Users\Public\Desktop\Skype.lnk
2013-06-23 14:06 - 2013-06-23 14:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-23 14:06 - 2013-06-23 14:06 - 00000000 ____D C:\ProgramData\Skype
2013-06-23 14:05 - 2013-06-23 14:05 - 00001877 _____ C:\Users\Public\Desktop\FL Studio 11.lnk
2013-06-23 14:05 - 2013-03-31 15:50 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2013-06-23 14:04 - 2013-06-23 14:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\Image-Line
2013-06-23 14:04 - 2013-06-23 14:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\FlowStone
2013-06-23 14:04 - 2013-06-23 14:04 - 00000000 ____D C:\Program Files\Image-Line
2013-06-23 14:04 - 2013-06-23 14:04 - 00000000 ____D C:\Program Files (x86)\DSPRobotics
2013-06-23 13:49 - 2013-06-23 13:49 - 00617312 _____ (www.download-sponsor.de) C:\Users\HP\Downloads\fl11.exe
2013-06-19 09:49 - 2010-09-21 21:23 - 00002029 _____ C:\Users\HP\Desktop\Chrome.lnk
2013-06-19 09:08 - 2010-10-07 12:35 - 00102400 _____ C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-14 18:25 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2013-06-13 19:51 - 2013-02-23 13:53 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-13 19:51 - 2013-02-23 13:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-13 19:51 - 2013-02-23 13:53 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-06-12 12:08 - 2010-09-18 14:06 - 00123648 _____ C:\Users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-12 12:06 - 2006-11-02 17:21 - 00432464 _____ C:\Windows\system32\FNTCACHE.DAT

Files to move or delete:
====================
C:\ProgramData\l_u0_0.pad

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 14:59

==================== End Of Log ============================
         
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-07-2013 01
Ran by HP at 2013-07-12 15:07:05
Running from C:\Users\HP\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Update for Microsoft Office 2007 (KB2508958) (x32)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1)
Activation Assistant for the 2007 Microsoft Office suites (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
AOL Toolbar 5.0 (x32 Version: 5.2.69.1)
Apple Application Support (x32 Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ASIO4ALL (x32 Version: 2.10)
ATI Catalyst Install Manager (Version: 3.0.678.0)
avast! Free Antivirus (x32 Version: 7.0.1466.0)
Bonjour (Version: 3.0.0.10)
Cards_Calendar_OrderGift_DoMorePlugout (x32 Version: 2.03.0000)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Graphics Full Existing (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Graphics Full New (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Graphics Light (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Graphics Previews Common (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center InstallProxy (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Chinese Standard (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Chinese Traditional (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Czech (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Danish (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Dutch (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Finnish (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization French (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization German (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Greek (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Hungarian (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Italian (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Japanese (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Korean (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Norwegian (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Polish (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Portuguese (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Russian (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Spanish (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Swedish (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Thai (x32 Version: 2008.0514.2139.36863)
Catalyst Control Center Localization Turkish (x32 Version: 2008.0514.2139.36863)
CCC Help Chinese Standard (x32 Version: 2008.0514.2138.36863)
CCC Help Chinese Traditional (x32 Version: 2008.0514.2138.36863)
CCC Help Czech (x32 Version: 2008.0514.2138.36863)
CCC Help Danish (x32 Version: 2008.0514.2138.36863)
CCC Help Dutch (x32 Version: 2008.0514.2138.36863)
CCC Help English (x32 Version: 2008.0514.2138.36863)
CCC Help Finnish (x32 Version: 2008.0514.2138.36863)
CCC Help French (x32 Version: 2008.0514.2138.36863)
CCC Help German (x32 Version: 2008.0514.2138.36863)
CCC Help Greek (x32 Version: 2008.0514.2138.36863)
CCC Help Hungarian (x32 Version: 2008.0514.2138.36863)
CCC Help Italian (x32 Version: 2008.0514.2138.36863)
CCC Help Japanese (x32 Version: 2008.0514.2138.36863)
CCC Help Korean (x32 Version: 2008.0514.2138.36863)
CCC Help Norwegian (x32 Version: 2008.0514.2138.36863)
CCC Help Polish (x32 Version: 2008.0514.2138.36863)
CCC Help Portuguese (x32 Version: 2008.0514.2138.36863)
CCC Help Russian (x32 Version: 2008.0514.2138.36863)
CCC Help Spanish (x32 Version: 2008.0514.2138.36863)
CCC Help Swedish (x32 Version: 2008.0514.2138.36863)
CCC Help Thai (x32 Version: 2008.0514.2138.36863)
CCC Help Turkish (x32 Version: 2008.0514.2138.36863)
ccc-core-static (x32 Version: 2008.0514.2139.36863)
ccc-utility64 (Version: 2008.0514.2139.36863)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
CyberLink DVD Suite Deluxe (x32 Version: .1707)
Die Sims™ 3 (x32 Version: 1.21.123)
Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152)
DivX-Setup (x32 Version: 2.6.1.41)
eaner (Version: 4.03)
FL Studio 10 (x32)
FlowStone FL 3.0 (x32)
Google Chrome (HKCU Version: 27.0.1453.116)
Hardware Diagnose Tools (x32 Version: 5.1.4861.15)
Hewlett-Packard Active Check for Health Check (x32 Version: 1.1.15.2)
Hewlett-Packard Asset Agent for Health Check (x32 Version: 2.0.63.2)
HP Active Support Library (x32 Version: 3.1.6.1)
HP Customer Experience Enhancements (x32 Version: 5.6.0.2510)
HP Customer Feedback (x32 Version: 1.0.0)
HP Easy Setup - Frontend (x32 Version: 5.7.0.2693)
HP Photosmart Essential 2.5 (x32 Version: 1.03.0000)
HP Photosmart Essential 3.0 (Version: 3.0)
HP Picasso Media Center Add-In (x32 Version: 1.0.0)
HP Recovery Manager RSS (x32 Version: 84.0.0.7)
HP Total Care Advisor (x32 Version: 2.3.4292.2709)
HP Update (x32 Version: 4.000.010.008)
HPPhotoSmartPhotobookWebPack1 (x32 Version: 2.03.0000)
IL Download Manager (x32)
iTunes (Version: 11.0.2.26)
Java Auto Updater (x32 Version: 2.0.6.1)
Java(TM) 6 Update 29 (x32 Version: 6.0.290)
Java(TM) SE Runtime Environment 6 Update 1 (x32 Version: 1.6.0.10)
MAGIX Music Maker 16 Premium Download-Version (x32 Version: 16.0.0.30)
MAGIX Speed burnR (x32 Version: 7.0.1.27)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (x32 Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (x32 Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
My HP Games (x32 Version: 1.0.0.52)
Native Instruments Controller Editor (Version: 1.5.2.1142)
Native Instruments Controller Editor (x32)
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Service Center (x32)
Native Instruments Traktor 2 (Version: 2.6.0.14627)
Native Instruments Traktor 2 (x32)
NVIDIA Drivers
Optimierte Multimedia-Tastatur-Lösung (x32)
PlayStation(R)Network Downloader (x32 Version: 2.04.00651)
PlayStation(R)Store (x32 Version: 4.0.14.10643)
Power2Go (x32 Version: 5.6.4109)
PSSWCORE (x32 Version: 2.03.0000)
Python 2.5.2 (x32 Version: 2.5.2150)
QuickTime (x32 Version: 7.73.80.64)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5657)
Skins (x32 Version: 2008.0514.2139.36863)
Skype™ 6.5 (x32 Version: 6.5.158)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
Ulead Drop Spot (x32 Version: 1.0)
Ulead Drop Spot 1.0 (x32 Version: 1.0)
Ulead PhotoImpact 8 (x32 Version: 8.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VideoToolkit01 (x32 Version: 110.0.171.000)
VLC media player 2.0.4 (x32 Version: 2.0.4)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)

==================== Restore Points  =========================

04-06-2013 18:22:09 Geplanter Prüfpunkt
06-06-2013 16:25:22 Geplanter Prüfpunkt
07-06-2013 14:14:42 Windows Update
08-06-2013 15:15:15 Geplanter Prüfpunkt
09-06-2013 17:21:35 Geplanter Prüfpunkt
10-06-2013 19:35:51 Geplanter Prüfpunkt
11-06-2013 12:44:14 Windows Update
13-06-2013 17:41:09 Windows Update
14-06-2013 17:00:45 Geplanter Prüfpunkt
15-06-2013 13:57:28 Geplanter Prüfpunkt
18-06-2013 09:22:23 Windows Update
19-06-2013 08:40:25 Geplanter Prüfpunkt
22-06-2013 07:23:06 Windows Update
23-06-2013 13:45:46 Geplanter Prüfpunkt
25-06-2013 11:51:26 Windows Update
26-06-2013 18:23:38 Geplanter Prüfpunkt
27-06-2013 09:58:48 Geplanter Prüfpunkt
28-06-2013 12:15:07 Windows Update
29-06-2013 11:34:48 Geplanter Prüfpunkt
02-07-2013 17:31:09 Windows Update
02-07-2013 18:26:09 Konfiguriert PowerDirector
03-07-2013 08:05:34 Removed LightScribe System Software  1.14.17.1.
03-07-2013 08:15:03 Installed SpyHunter
03-07-2013 10:57:04 Removed SpyHunter
03-07-2013 13:28:37 Removed SpyHunter
04-07-2013 10:24:29 Geplanter Prüfpunkt
06-07-2013 13:19:17 Windows Update

==================== Hosts content: ==========================

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {088C6CAC-4B2B-4FBD-80DA-8ECEB39DB261} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-01-24] (Microsoft Corporation)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {1C998325-232B-4DFA-8D5B-A777A049EF52} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {1E60430C-08B6-445F-99E6-F9D5D49A01A3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-08-21] (AVAST Software)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {287F61D9-BDAB-4A01-B0C7-BCE867BADD5D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000Core => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-21] (Google Inc.)
Task: {36175126-3C96-45E7-80E8-073D0C4250E2} - System32\Tasks\HP Health Check => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {3D5C5602-0435-4D1D-83C0-C40CE40C6D96} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2006-11-02] (Microsoft Corporation)
Task: {4084CB2A-A697-4757-80BA-6423B5CFDF90} - System32\Tasks\DSite => C:\Users\HP\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE No File
Task: {46E77CBF-09DD-40A1-8182-5C79111798C4} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {4C294E95-60F5-4867-86A5-FACA21D1D5BE} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files (x86)\PC-Doctor for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {58EEE6D9-0DEB-4C44-AAA5-AB8DAEFE8C2A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000UA => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-21] (Google Inc.)
Task: {68F100B2-B855-4574-9B48-19EA3779E421} - System32\Tasks\DealPly => C:\Users\HP\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE No File
Task: {6922D56C-91BE-4163-BA13-EEA9F1C0C27D} - System32\Tasks\EPUpdater => C:\Users\HP\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {73D0C621-A4B9-4B02-9DE2-263E320B1727} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {9948DB64-460E-4983-B649-D6E91163F854} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files (x86)\PC-Doctor for Windows\RunProfiler.exe [2008-04-09] (PC-Doctor, Inc.)
Task: {A9683382-0125-42BE-A29E-E39819CD3AF7} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {B0A04DDE-541A-462C-9CF2-2EDE14595C4E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {C9F45BAA-F6B0-4EEE-935F-F61D19CE5DBB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000Core.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000UA.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2013 02:55:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2013 08:06:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2013 03:15:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2013 08:24:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2013 10:58:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 04:37:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2013 04:22:32 PM) (Source: Application Hang) (User: )
Description: Programm explorer.exe, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: ea8
Anfangszeit: 01ce77f6af8acde5
Zeitpunkt der Beendigung: 0

Error: (07/03/2013 04:07:43 PM) (Source: Application Hang) (User: )
Description: Programm explorer.exe, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 454
Anfangszeit: 01ce77e7b7f9c305
Zeitpunkt der Beendigung: 0

Error: (07/03/2013 03:59:31 PM) (Source: RasClient) (User: )
Description: CoID={D3A8575A-FFB5-4873-9D15-235236674F37}: Der Benutzer "HP-PC\HP" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 814.

Error: (07/03/2013 03:58:35 PM) (Source: RasClient) (User: )
Description: CoID={2E84CFA3-F8DC-46CA-A0FA-94B8E7E2DA3F}: Der Benutzer "HP-PC\HP" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 814.


System errors:
=============
Error: (07/04/2013 00:43:15 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/04/2013 00:42:14 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/03/2013 03:43:43 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/03/2013 03:42:11 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/03/2013 03:41:43 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/03/2013 03:41:29 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/03/2013 03:41:09 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/03/2013 03:40:41 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/03/2013 03:40:23 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error: (07/03/2013 03:39:48 PM) (Source: nvstor64) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.


Microsoft Office Sessions:
=========================
Error: (06/10/2013 05:57:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 457 seconds with 300 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-07-03 17:37:43.647
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 17:37:43.318
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 17:37:42.986
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 17:37:42.658
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 17:36:57.933
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 17:36:57.497
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 17:36:57.122
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 17:36:56.520
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-10-17 11:17:21.812
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\KLIFX64\klmouflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-10-17 11:17:21.582
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\KLIFX64\klmouflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 62%
Total physical RAM: 4093.58 MB
Available physical RAM: 1553.22 MB
Total Pagefile: 8401.58 MB
Available Pagefile: 5365.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:582.67 GB) (Free:426.05 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.5 GB) (Free:1.84 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive i: () (Removable) (Total:1.88 GB) (Free:0.91 GB) FAT (Disk=3 Partition=1)
Drive k: (Volume) (Fixed) (Total:931.51 GB) (Free:874.27 GB) NTFS (Disk=5 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: C834D28F)
Partition 1: (Active) - (Size=583 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 2 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

========================================================
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E064DE9B)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
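An added example, not part of the original post or of FRST: a short Python triage of the log's "Task:" lines. It flags tasks whose target FRST reports as "No File" (here DealPly and EPUpdater), tasks listed without a target, and targets that run from a user profile. The function names, reason labels and the inferred line layout are assumptions of this example; the sample lines are copied from the log above.

```python
import re

# Task lines copied verbatim from the FRST log in the post above.
FRST_TASKS = r"""
Task: {68F100B2-B855-4574-9B48-19EA3779E421} - System32\Tasks\DealPly => C:\Users\HP\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE No File
Task: {6922D56C-91BE-4163-BA13-EEA9F1C0C27D} - System32\Tasks\EPUpdater => C:\Users\HP\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {B0A04DDE-541A-462C-9CF2-2EDE14595C4E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1463736517-1590668850-227724268-1000UA.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
"""

# Layout inferred from the log: Task: [{GUID} - ]name[ => target[ No File| [date] (company)]]
GUID_RE = re.compile(r"\{([0-9A-Fa-f-]{36})\} - (.+)")
META_RE = re.compile(r" \[(\d{4}-\d{2}-\d{2})\] \((.*)\)$")

def parse_task(line):
    """Split one FRST 'Task:' line into name, target path, company and missing flag."""
    entry, _, target = line[len("Task: "):].partition(" => ")
    m = GUID_RE.fullmatch(entry)
    name = m.group(2) if m else entry          # legacy .job lines carry no GUID
    missing = target.endswith(" No File")      # FRST did not find the target on disk
    if missing:
        target = target[: -len(" No File")]
    meta = META_RE.search(target)
    company = meta.group(2) if meta else None  # None: line has no company field
    if meta:
        target = target[: meta.start()]
    return {"name": name, "target": target or None, "company": company, "missing": missing}

def review_reasons(task):
    """Return the reasons a task deserves a manual look; an empty list means none."""
    reasons = []
    if task["target"] is None:
        reasons.append("no-target")
    elif task["missing"]:
        reasons.append("target-missing")
    if task["target"] and re.search(r"\\Users\\[^\\]+\\AppData\\", task["target"], re.I):
        reasons.append("runs-from-user-profile")
    return reasons

def triage(log_text):
    """Map task name -> reasons for every 'Task:' line that has at least one reason."""
    out = {}
    for line in map(str.strip, log_text.splitlines()):
        if line.startswith("Task: "):
            task = parse_task(line)
            reasons = review_reasons(task)
            if reasons:
                out[task["name"]] = reasons
    return out

if __name__ == "__main__":
    for name, reasons in triage(FRST_TASKS).items():
        print(f"{name}: {', '.join(reasons)}")
```

The GoogleUpdate task also runs from AppData, so a reason here is a prompt for manual review, not a verdict.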
         

12.07.2013, 14:30   #32
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
CHR HomePage: http://www.delta-search.com/?babsrc=HP_ss&mntrId=E2A300235454EB6E&affID=119357&tsp=4931
CHR RestoreOnStartup: "http://www.delta-search.com/?babsrc=HP_ss&mntrId=E2A300235454EB6E&affID=119357&tsp=4931"
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

12.07.2013, 15:15   #33
misshell

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-07-2013 01
Ran by HP at 2013-07-12 16:15:06 Run:1
Running from C:\Users\HP\Desktop
Boot Mode: Normal
==============================================

CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E2A300235454EB6E&affID=119357&tsp=4931 ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E2A300235454EB6E&affID=119357&tsp=4931" ==> The Chrome "Settings" can be used to fix the entry.

==== End of Fixlog ====

14.07.2013, 16:50   #34
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Are Babylon and Delta completely gone now, or do you still see any of it?
__________________
Please always post log files in CODE tags

15.07.2013, 09:44   #35
misshell

I still have delta search as my start page


15.07.2013, 13:35   #36
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

That really shouldn't be possible, Delta was fixed.
You also don't say with which Windows user and in exactly which browser you (still) have it

16.07.2013, 10:54   #37
misshell

It no longer shows up in Explorer, but in Google Chrome I still have it ..
and I only have one user, namely ''HP''

16.07.2013, 15:03   #38
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please download adwCleaner and JRT again and run them once more
