KJ-Antje | 29.08.2013 15:50 | Hallo,
da das Malware-File zu groß ist, kommt es als Anhang.
Ergebnis von AdwCleaner: Code:
# AdwCleaner v3.001 - Report created 29/08/2013 at 16:19:38
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : HP - HERBERT
# Running from : C:\Users\HP\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : Updater Service for AMZN
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
Folder Deleted : C:\Program Files (x86)\Amazon Browser Bar
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\delta
Folder Deleted : C:\Program Files (x86)\LyriXeeker
Folder Deleted : C:\Program Files (x86)\PC Speed Maximizer
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Users\HP\AppData\Local\Amazon Browser Bar
Folder Deleted : C:\Users\HP\AppData\Local\apn
Folder Deleted : C:\Users\HP\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\HP\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\HP\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video downloader
Folder Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default\Smartbar
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default\Extensions\firefox@webconnect.co.xpi
File Deleted : C:\Users\HP\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default\searchplugins\Web Search.xml
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default\\invalidprefs.js
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default\user.js
File Deleted : C:\Windows\System32\Tasks\EPUpdater
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC Speed Maximizer]
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\9ededcb33eb946
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmartbarBackup
Key Deleted : HKCU\Software\SmartbarLog
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video downloader
Key Deleted : [x64] HKLM\SOFTWARE\Amazon Browser Bar
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default\prefs.js ]
Line Deleted : user_pref("CT3202918.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3202918.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT3202918.1000234.TWC_TMP_city", "SULZBACH");
Line Deleted : user_pref("CT3202918.1000234.TWC_TMP_country", "DE");
Line Deleted : user_pref("CT3202918.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3202918.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3202918.FirstTime", "true");
Line Deleted : user_pref("CT3202918.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3202918.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3202918&SearchSource=2&q=");
Line Deleted : user_pref("CT3202918.UserID", "UN31543359960067097");
Line Deleted : user_pref("CT3202918.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3202918.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT3202918.embeddedsData", "[{\"appId\":\"129773064360875682\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3202918.enableAlerts", "always");
Line Deleted : user_pref("CT3202918.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3202918.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3202918.fixUrls", true);
Line Deleted : user_pref("CT3202918.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3202918.isNewTabEnabled", true);
Line Deleted : user_pref("CT3202918.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3202918.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3202918.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3202918.keyword", true);
Line Deleted : user_pref("CT3202918.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.sweetim.com%2Funinstallbar.asp%3Fbarid%3D%7BE6DD2494-F39A-4B84-B397-22B6B68E4579%7D\",\"[...]
Line Deleted : user_pref("CT3202918.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\"WEATHER\\\",\\\"BROWSER_COMPONENT\\\"]\"}");
Line Deleted : user_pref("CT3202918.search.searchAppId", "129773064360875682");
Line Deleted : user_pref("CT3202918.search.searchCount", "0");
Line Deleted : user_pref("CT3202918.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3202918.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3202918.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3202918.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3202918.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3202918.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3202918\"}");
Line Deleted : user_pref("CT3202918.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FreezbGames.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3202918.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FreezbGames\"}");
Line Deleted : user_pref("CT3202918.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3202918.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3202918.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1346109196070");
Line Deleted : user_pref("CT3202918.serviceLayer_services_appsMetadata_lastUpdate", "1346109195817");
Line Deleted : user_pref("CT3202918.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1346109196171");
Line Deleted : user_pref("CT3202918.serviceLayer_services_login_10.10.27.6_lastUpdate", "1347432892348");
Line Deleted : user_pref("CT3202918.serviceLayer_services_menu_434a494ed505ad77ce4cfa879a61a43c_lastUpdate", "1346109197080");
Line Deleted : user_pref("CT3202918.serviceLayer_services_menu_a43e6069358144da1b2908ca82c52bd7_lastUpdate", "1346109196975");
Line Deleted : user_pref("CT3202918.serviceLayer_services_optimizer_lastUpdate", "1346109196327");
Line Deleted : user_pref("CT3202918.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1346109196212");
Line Deleted : user_pref("CT3202918.serviceLayer_services_searchAPI_lastUpdate", "1346109195096");
Line Deleted : user_pref("CT3202918.serviceLayer_services_serviceMap_lastUpdate", "1347356652541");
Line Deleted : user_pref("CT3202918.serviceLayer_services_toolbarContextMenu_lastUpdate", "1346109196135");
Line Deleted : user_pref("CT3202918.serviceLayer_services_toolbarSettings_lastUpdate", "1347432892279");
Line Deleted : user_pref("CT3202918.serviceLayer_services_translation_lastUpdate", "1347356652761");
Line Deleted : user_pref("CT3202918.settingsINI", true);
Line Deleted : user_pref("CT3202918.smartbar.CTID", "CT3202918");
Line Deleted : user_pref("CT3202918.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3202918.smartbar.homepage", true);
Line Deleted : user_pref("CT3202918.smartbar.toolbarName", "FreezbGames ");
Line Deleted : user_pref("CT3202918.toolbarBornServerTime", "28-8-2012");
Line Deleted : user_pref("CT3202918.toolbarCurrentServerTime", "12-9-2012");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3202918&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.sweetim.com/search.asp?src=2&crg=3.27010003&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3202918");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.backgroundjs", "\n\n/*****************************************************************************[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.js", "\n\n /************************************************************************************\[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_13.name", "CrossriderAppUtils");
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_14.name", "CrossriderUtils");
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_78.name", "CrossriderInfo");
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Line Deleted : user_pref("extensions.a49ef6b77d54642d3a3a182912137df82350ffb92f05e4412b1997a670953a747com34330.34330.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Line Deleted : user_pref("extensions.crossrider.bic", "140c95db5d59a5a97aa05544e5f272c9");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "de");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "b80572e700000000000090f6520899e6");
Line Deleted : user_pref("extensions.delta.instlDay", "15945");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.617:08:45");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119357&tt=280813_ctrl2&tsp=4988");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", true);
Line Deleted : user_pref("extensions.helperbar.countryiso", "de");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "bundlore");
Line Deleted : user_pref("extensions.helperbar.installationid", "3fbb78ea-a8e8-8142-1ab4-816673da4088");
Line Deleted : user_pref("extensions.helperbar.installdate", "29/08/2013");
Line Deleted : user_pref("extensions.helperbar.publisher", "bundlore");
*************************
AdwCleaner[R0].txt - [31841 octets] - [29/08/2013 16:18:57]
AdwCleaner[S0].txt - [30175 octets] - [29/08/2013 16:19:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30236 octets] ########## Ergebnis von JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows 7 Home Premium x64
Ran by HP on 29.08.2013 at 16:22:43,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pc speed maximizer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322432230}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366436630}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322432230}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366436630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366436630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366436630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\Lyrics Seeker Update.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.2-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.2-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.2-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-3.2-updater.job
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\HP\appdata\local\{17F91264-F46E-48D1-8B4F-A9ACB70DC9D7}
Successfully deleted: [Empty Folder] C:\Users\HP\appdata\local\{36ECBAAB-A81E-4A41-8EF1-8B71FE3F0A8D}
Successfully deleted: [Empty Folder] C:\Users\HP\appdata\local\{DB0E0380-A3D2-415D-8512-B2EA61723139}
~~~ FireFox
Successfully deleted the following from C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\svovbrig.default\prefs.js
user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=3fbb78ea-a8e8-8142-1ab4-816673da4088&searchtype=nt&installDate=29/08/201
user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=3fbb78ea-a8e8-8142-1ab4-816673da4088&searchtype=hp&installDate=29/
user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=3fbb78ea-a8e8-8142-1ab4-816673da4088&searchtype=ds&installDate=29/08/2013&q=");
Emptied folder: C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\svovbrig.default\minidumps [95 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.08.2013 at 16:29:42,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by HP (administrator) on 29-08-2013 16:31:49
Running from C:\Users\HP\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Dropbox, Inc.) C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20681584 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Magic Desktop for HP notification] - C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1238016 2013-07-28] (Easybits)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll [97280 2009-07-14] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic - Verknüpfung.lnk
ShortcutTarget: Biet-O-Matic - Verknüpfung.lnk -> C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org)
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=&utm_content=hp&from=cor&uid=HitachiXHDS721010CLA632_JP2940N0103WBV103WBVX&ts=1377702850
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {23F4C8FC-61B8-4FC0-9AA8-6CF90F056A4A} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2012-07-27] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default\Extensions\49ef6b77-d546-42d3-a3a1-82912137df82@350ffb92-f05e-4412-b199-7a670953a747.com
FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\svovbrig.default\Extensions\{3fbb78ea-a8e8-8142-1ab4-816673da4088}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [{12505464-a1b4-47a9-98ac-e7ed5e887d66}] C:\Program Files (x86)\LyricsSeeker\131.xpi
FF Extension: No Name - C:\Program Files (x86)\LyricsSeeker\131.xpi
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-28] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-29 16:22 - 2013-08-29 16:22 - 00000000 ____D C:\Windows\ERUNT
2013-08-29 16:21 - 2013-08-29 16:21 - 00030373 _____ C:\Users\HP\Desktop\AdwCleaner[S0].txt
2013-08-29 16:18 - 2013-08-29 16:19 - 00000000 ____D C:\AdwCleaner
2013-08-29 16:18 - 2013-08-29 16:18 - 01023533 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2013-08-29 16:17 - 2013-08-29 16:17 - 00994642 _____ C:\Users\HP\Desktop\adwcleaner.exe
2013-08-29 15:58 - 2013-08-29 15:58 - 00000000 ____D C:\Users\HP\AppData\Roaming\Malwarebytes
2013-08-29 15:54 - 2013-08-29 15:54 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-29 15:54 - 2013-08-29 15:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 15:54 - 2013-08-29 15:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 15:54 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-29 15:53 - 2013-08-29 15:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 15:53 - 2013-08-29 15:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-08-29 11:19 - 2013-08-29 11:19 - 00097967 _____ C:\Windows\unins000.dat
2013-08-29 11:19 - 2013-08-29 11:19 - 00002005 _____ C:\Users\HP\Desktop\Video Downloader.lnk
2013-08-29 11:19 - 2013-08-29 11:19 - 00000000 ____D C:\Program Files (x86)\vGrabber-software
2013-08-29 11:19 - 2013-08-29 11:16 - 01169609 _____ C:\Windows\unins000.exe
2013-08-29 11:18 - 2013-08-29 16:09 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.2
2013-08-29 11:17 - 2013-08-29 11:17 - 00002386 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-08-29 11:17 - 2013-08-29 11:17 - 00002324 _____ C:\Users\HP\Desktop\Search.lnk
2013-08-29 11:16 - 2013-08-29 11:16 - 01385792 _____ ( ) C:\Users\HP\Downloads\setup.exe
2013-08-29 11:15 - 2013-08-29 11:15 - 00000000 _____ C:\Users\HP\Desktop\Neues Textdokument.txt
2013-08-29 11:11 - 2013-08-29 16:21 - 00000382 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-08-29 11:11 - 2013-08-29 16:09 - 00000000 ____D C:\Program Files (x86)\LyricsSeeker
2013-08-29 11:11 - 2013-08-29 11:11 - 00003024 _____ C:\Windows\System32\Tasks\Lyrics Seeker Update
2013-08-28 19:44 - 2013-08-28 19:44 - 00030428 _____ C:\ComboFix.txt
2013-08-28 19:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-28 19:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-28 19:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-28 19:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-28 19:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-28 19:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-28 19:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-28 19:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-28 19:09 - 2013-08-28 19:44 - 00000000 ____D C:\Qoobox
2013-08-28 19:09 - 2013-08-28 19:39 - 00000000 ____D C:\Windows\erdnt
2013-08-28 19:07 - 2013-08-28 19:08 - 05114728 ____R (Swearware) C:\Users\HP\Desktop\ComboFix.exe
2013-08-28 18:05 - 2013-08-29 16:22 - 00000000 ____D C:\Users\HP\AppData\Roaming\Skype
2013-08-28 18:04 - 2013-08-28 18:04 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-28 18:04 - 2013-08-28 18:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-28 18:04 - 2013-08-28 18:04 - 00000000 ____D C:\ProgramData\Skype
2013-08-28 18:03 - 2013-08-28 18:04 - 32776560 _____ (Skype Technologies S.A.) C:\Users\HP\Downloads\SkypeSetupFull.exe
2013-08-28 17:39 - 2013-08-28 17:39 - 00030560 _____ C:\Users\HP\Desktop\Addition.txt
2013-08-28 17:38 - 2013-08-28 17:38 - 00000000 ____D C:\FRST
2013-08-28 17:36 - 2013-08-28 17:37 - 01579080 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2013-08-28 17:15 - 2013-08-28 17:15 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-08-28 17:15 - 2013-08-28 17:15 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-08-28 17:14 - 2013-08-28 17:14 - 00000000 ____D C:\User Data
2013-08-28 17:08 - 2013-08-28 17:08 - 20586496 _____ C:\Users\HP\Downloads\SkypeSetup.exe
2013-08-28 17:08 - 2013-08-28 17:08 - 00001123 _____ C:\Users\HP\Desktop\PC Speed Maximizer.lnk
2013-08-28 17:07 - 2013-08-28 17:07 - 00607368 _____ C:\Users\HP\Downloads\SkypeSetup(1).exe
2013-08-25 07:07 - 2013-08-28 17:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-20 22:07 - 2013-08-20 22:07 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-20 22:07 - 2013-08-20 22:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-20 22:07 - 2013-08-20 22:07 - 00000000 ____D C:\Program Files\iTunes
2013-08-20 22:07 - 2013-08-20 22:07 - 00000000 ____D C:\Program Files\iPod
2013-08-20 21:53 - 2013-08-20 21:53 - 00003351 _____ C:\Users\HP\AppData\Local\recently-used.xbel
2013-08-15 22:51 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 22:51 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 22:51 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 22:51 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 22:51 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 22:51 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 22:51 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 22:51 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 22:51 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 22:51 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 22:51 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 22:51 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 22:51 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 22:51 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 13:03 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:03 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:03 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:03 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:03 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:03 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:03 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:03 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:03 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:03 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:02 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:02 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:02 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:02 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:02 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:02 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:02 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:02 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:02 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:02 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:02 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:02 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:02 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:02 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:02 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:02 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:02 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-07 20:14 - 2013-08-07 20:15 - 00000000 ____D C:\Users\HP\Desktop\von SD-Karte
==================== One Month Modified Files and Folders =======
2013-08-29 16:29 - 2013-08-29 16:29 - 00004029 _____ C:\Users\HP\Desktop\JRT.txt
2013-08-29 16:28 - 2012-07-27 21:12 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-08-29 16:28 - 2012-07-27 21:12 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-08-29 16:28 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-29 16:28 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 16:28 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-29 16:25 - 2012-07-27 13:39 - 01185055 _____ C:\Windows\WindowsUpdate.log
2013-08-29 16:22 - 2013-08-29 16:22 - 00000000 ____D C:\Windows\ERUNT
2013-08-29 16:22 - 2013-08-28 18:05 - 00000000 ____D C:\Users\HP\AppData\Roaming\Skype
2013-08-29 16:21 - 2013-08-29 16:21 - 00030373 _____ C:\Users\HP\Desktop\AdwCleaner[S0].txt
2013-08-29 16:21 - 2013-08-29 11:11 - 00000382 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-08-29 16:21 - 2013-04-22 22:12 - 00000000 ____D C:\Users\HP\AppData\Roaming\BOM
2013-08-29 16:21 - 2013-01-29 14:46 - 00000000 ___RD C:\Users\HP\Dropbox
2013-08-29 16:21 - 2013-01-29 14:41 - 00000000 ____D C:\Users\HP\AppData\Roaming\Dropbox
2013-08-29 16:21 - 2012-08-14 19:52 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-29 16:21 - 2012-07-27 21:43 - 00000000 ____D C:\ProgramData\PDFC
2013-08-29 16:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-29 16:21 - 2009-07-14 06:51 - 00076513 _____ C:\Windows\setupact.log
2013-08-29 16:19 - 2013-08-29 16:18 - 00000000 ____D C:\AdwCleaner
2013-08-29 16:19 - 2013-04-02 21:21 - 00001055 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-29 16:19 - 2012-07-27 13:42 - 00000991 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-29 16:18 - 2013-08-29 16:18 - 01023533 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2013-08-29 16:17 - 2013-08-29 16:17 - 00994642 _____ C:\Users\HP\Desktop\adwcleaner.exe
2013-08-29 16:12 - 2010-11-21 05:47 - 01137524 _____ C:\Windows\PFRO.log
2013-08-29 16:09 - 2013-08-29 11:18 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.2
2013-08-29 16:09 - 2013-08-29 11:11 - 00000000 ____D C:\Program Files (x86)\LyricsSeeker
2013-08-29 16:04 - 2012-08-14 19:52 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-29 15:58 - 2013-08-29 15:58 - 00000000 ____D C:\Users\HP\AppData\Roaming\Malwarebytes
2013-08-29 15:54 - 2013-08-29 15:54 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-29 15:54 - 2013-08-29 15:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 15:54 - 2013-08-29 15:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 15:53 - 2013-08-29 15:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 15:53 - 2013-08-29 15:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HP\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-08-29 15:47 - 2012-09-06 14:49 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-29 13:32 - 2012-08-21 16:56 - 00000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2013-08-29 11:19 - 2013-08-29 11:19 - 00097967 _____ C:\Windows\unins000.dat
2013-08-29 11:19 - 2013-08-29 11:19 - 00002005 _____ C:\Users\HP\Desktop\Video Downloader.lnk
2013-08-29 11:19 - 2013-08-29 11:19 - 00000000 ____D C:\Program Files (x86)\vGrabber-software
2013-08-29 11:17 - 2013-08-29 11:17 - 00002386 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-08-29 11:17 - 2013-08-29 11:17 - 00002324 _____ C:\Users\HP\Desktop\Search.lnk
2013-08-29 11:16 - 2013-08-29 11:19 - 01169609 _____ C:\Windows\unins000.exe
2013-08-29 11:16 - 2013-08-29 11:16 - 01385792 _____ ( ) C:\Users\HP\Downloads\setup.exe
2013-08-29 11:15 - 2013-08-29 11:15 - 00000000 _____ C:\Users\HP\Desktop\Neues Textdokument.txt
2013-08-29 11:11 - 2013-08-29 11:11 - 00003024 _____ C:\Windows\System32\Tasks\Lyrics Seeker Update
2013-08-28 19:44 - 2013-08-28 19:44 - 00030428 _____ C:\ComboFix.txt
2013-08-28 19:44 - 2013-08-28 19:09 - 00000000 ____D C:\Qoobox
2013-08-28 19:44 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-28 19:39 - 2013-08-28 19:09 - 00000000 ____D C:\Windows\erdnt
2013-08-28 19:29 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-28 19:08 - 2013-08-28 19:07 - 05114728 ____R (Swearware) C:\Users\HP\Desktop\ComboFix.exe
2013-08-28 18:04 - 2013-08-28 18:04 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-28 18:04 - 2013-08-28 18:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-28 18:04 - 2013-08-28 18:04 - 00000000 ____D C:\ProgramData\Skype
2013-08-28 18:04 - 2013-08-28 18:03 - 32776560 _____ (Skype Technologies S.A.) C:\Users\HP\Downloads\SkypeSetupFull.exe
2013-08-28 17:39 - 2013-08-28 17:39 - 00030560 _____ C:\Users\HP\Desktop\Addition.txt
2013-08-28 17:38 - 2013-08-28 17:38 - 00000000 ____D C:\FRST
2013-08-28 17:37 - 2013-08-28 17:36 - 01579080 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2013-08-28 17:16 - 2012-08-15 13:51 - 00000320 _____ C:\Windows\Tasks\HPCeeScheduleForHP.job
2013-08-28 17:15 - 2013-08-28 17:15 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-08-28 17:15 - 2013-08-28 17:15 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-08-28 17:14 - 2013-08-28 17:14 - 00000000 ____D C:\User Data
2013-08-28 17:11 - 2012-08-15 13:51 - 00003168 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHP
2013-08-28 17:11 - 2012-08-08 07:18 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-08-28 17:10 - 2013-05-15 17:35 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-08-28 17:09 - 2012-08-08 07:16 - 00000000 ____D C:\Users\HP\AppData\Roaming\HP Support Assistant
2013-08-28 17:09 - 2012-07-31 19:17 - 00000000 ____D C:\Users\HP\AppData\Roaming\HpUpdate
2013-08-28 17:08 - 2013-08-28 17:08 - 20586496 _____ C:\Users\HP\Downloads\SkypeSetup.exe
2013-08-28 17:08 - 2013-08-28 17:08 - 00001123 _____ C:\Users\HP\Desktop\PC Speed Maximizer.lnk
2013-08-28 17:08 - 2013-08-25 07:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-28 17:07 - 2013-08-28 17:07 - 00607368 _____ C:\Users\HP\Downloads\SkypeSetup(1).exe
2013-08-28 16:53 - 2013-05-02 16:05 - 00026433 _____ C:\Users\HP\Desktop\Monatskosten.xlsx
2013-08-26 07:40 - 2012-08-01 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-20 22:07 - 2013-08-20 22:07 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-20 22:07 - 2013-08-20 22:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-20 22:07 - 2013-08-20 22:07 - 00000000 ____D C:\Program Files\iTunes
2013-08-20 22:07 - 2013-08-20 22:07 - 00000000 ____D C:\Program Files\iPod
2013-08-20 22:07 - 2012-09-30 22:42 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-20 21:53 - 2013-08-20 21:53 - 00003351 _____ C:\Users\HP\AppData\Local\recently-used.xbel
2013-08-20 21:53 - 2013-07-16 20:30 - 00000000 ____D C:\Users\HP\AppData\Local\gtk-2.0
2013-08-20 21:53 - 2013-07-16 20:27 - 00000000 ____D C:\Users\HP\.gimp-2.8
2013-08-20 21:43 - 2012-08-08 19:44 - 00000020 ____H C:\ProgramData\PKP_DLes.DAT
2013-08-20 20:59 - 2012-08-08 19:44 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2013-08-20 20:47 - 2012-09-06 14:49 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 20:47 - 2012-09-06 14:49 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 20:47 - 2012-07-27 21:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 20:39 - 2012-10-16 13:32 - 00000000 ____D C:\Users\HP\Documents\Briefe
2013-08-18 18:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 22:47 - 2013-07-16 22:21 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 22:45 - 2012-10-03 10:58 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 21:40 - 2013-06-27 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-08-07 20:15 - 2013-08-07 20:14 - 00000000 ____D C:\Users\HP\Desktop\von SD-Karte
2013-08-06 18:06 - 2012-08-01 22:31 - 00000000 ____D C:\ProgramData\tmp
2013-08-05 21:51 - 2013-07-15 12:00 - 00000000 ____D C:\Users\HP\Desktop\Entwickeln
2013-08-01 21:56 - 2012-08-14 19:52 - 00000000 ____D C:\Program Files (x86)\Google
Files to move or delete:
====================
C:\Users\HP\AppData\Local\Temp\Quarantine.exe
C:\Users\HP\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\HP\AppData\Local\Temp\is-518JH.tmp\OptProCrash.dll
C:\Users\HP\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-22 15:09
==================== End Of Log ============================ --- --- ---
--- --- ---
...und addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013
Ran by HP at 2013-08-29 16:32:12
Running from C:\Users\HP\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
AAVUpdateManager (x32 Version: 18.00.0000)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Media Foundation Decoders (Version: 1.0.60524.2309)
AMD VISION Engine Control Center (x32 Version: 2011.0524.2352.41027)
ANNO 1503 (x32 Version: 1.04.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Bejeweled 3 (x32 Version: 2.2.0.97)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12)
Bing Bar (x32 Version: 7.0.610.0)
Blasterball 3 (x32 Version: 2.2.0.97)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (x32 Version: 2.2.0.97)
Cake Mania (x32 Version: 2.2.0.95)
capella reader (x32 Version: 7.1.15)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027)
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027)
Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027)
CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027)
CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027)
CCC Help Czech (x32 Version: 2011.0524.2351.41027)
CCC Help Danish (x32 Version: 2011.0524.2351.41027)
CCC Help Dutch (x32 Version: 2011.0524.2351.41027)
CCC Help English (x32 Version: 2011.0524.2351.41027)
CCC Help Finnish (x32 Version: 2011.0524.2351.41027)
CCC Help French (x32 Version: 2011.0524.2351.41027)
CCC Help German (x32 Version: 2011.0524.2351.41027)
CCC Help Greek (x32 Version: 2011.0524.2351.41027)
CCC Help Hungarian (x32 Version: 2011.0524.2351.41027)
CCC Help Italian (x32 Version: 2011.0524.2351.41027)
CCC Help Japanese (x32 Version: 2011.0524.2351.41027)
CCC Help Korean (x32 Version: 2011.0524.2351.41027)
CCC Help Norwegian (x32 Version: 2011.0524.2351.41027)
CCC Help Polish (x32 Version: 2011.0524.2351.41027)
CCC Help Portuguese (x32 Version: 2011.0524.2351.41027)
CCC Help Russian (x32 Version: 2011.0524.2351.41027)
CCC Help Spanish (x32 Version: 2011.0524.2351.41027)
CCC Help Swedish (x32 Version: 2011.0524.2351.41027)
CCC Help Thai (x32 Version: 2011.0524.2351.41027)
CCC Help Turkish (x32 Version: 2011.0524.2351.41027)
ccc-utility64 (Version: 2011.0524.2352.41027)
Chronicles of Albian (x32 Version: 2.2.0.95)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Cradle of Rome 2 (x32 Version: 2.2.0.95)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
dm-Fotowelt (x32 Version: 5.0.4)
Dropbox (HKCU Version: 2.0.22)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.97)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)
Heroes of Might and Magic® III Complete (x32)
Heroes of Might and Magic® IV (x32)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Games (x32 Version: 1.0.2.5)
HP LinkUp (x32 Version: 2.01.028)
HP Odometer (x32 Version: 2.10.0000)
HP Setup (x32 Version: 8.7.4747.3786)
HP Setup Manager (x32 Version: 1.1.13880.3792)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Support Information (x32 Version: 10.1.1000)
HP Update (x32 Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.9.0.0)
iTunes (Version: 11.0.5.5)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
LabelPrint (x32 Version: 2.5.3925)
Lyrics Seeker (x32)
Magic Desktop (x32 Version: 3.0)
Mah Jong Medley (x32 Version: 2.2.0.95)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Meine CEWE FOTOWELT (x32)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (x32 Version: 4.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Müller Foto (x32 Version: 4.8.4)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95)
Nikon Message Center 2 (x32 Version: 2.0.1)
Norton Online Backup (x32 Version: 2.1.17869)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
P 2.8.6 (Version: 2.8.6)
PC Speed Maximizer v3.1 (x32 Version: 3.1)
PDF Complete Special Edition (x32 Version: 4.0.54)
Penguins! (x32 Version: 2.2.0.95)
Picture Control Utility (x32 Version: 1.2.2)
Pixum Fotobuch (x32)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Plus-HD-3.2 (x32 Version: 1.27.153.8)
Polar Bowler (x32 Version: 2.2.0.97)
Power2Go (x32 Version: 6.1.5331)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6378)
Recovery Manager (x32 Version: 5.5.0.4222)
Remote Graphics Receiver (x32 Version: 5.4.5)
Sid Meier's Civilization 4 (x32 Version: 1.61)
Skype™ 6.7 (x32 Version: 6.7.102)
Slingo Deluxe (x32 Version: 2.2.0.95)
Snap.Do (x32 Version: 1.104.1.11691)
Snap.Do Engine (HKCU Version: 1.104.1.11691)
Steuer-Spar-Erklärung 2013 (x32 Version: 18.09)
TL-WN822N Driver (x32 Version: 1.00.0000)
TP-LINK Wireless Configuration Utility (x32 Version: 2.01.0012)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97)
Video Downloader version 2.0 (x32 Version: 2.0)
ViewNX 2 (x32 Version: 2.1.2)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
VLC media player 2.0.7 (x32 Version: 2.0.7)
VoiceOver Kit (x32 Version: 1.42.128.0)
WebConnect 3.0.0 (Version: 3.0.0)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)
Zinio Reader 4 (x32 Version: 4.2.4164)
Zuma Deluxe (x32 Version: 2.2.0.95)
==================== Restore Points =========================
29-08-2013 13:27:57 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-08-28 19:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {13350A19-1B67-41F6-8642-C64187BECEE0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {25CC8260-78DF-4A44-8316-77E582F9FEB8} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-06-23] (CyberLink)
Task: {298CDADD-D48E-4112-BE9E-E9ED547E2AEE} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2009-07-14] (Microsoft Corporation)
Task: {3157FED1-EF4E-40A6-887E-8B27C735F33B} - \EPUpdater No Task File
Task: {31E394AD-B01C-4CFA-9DA7-F40CB1C6FAB4} - System32\Tasks\User_Feed_Synchronization-{438785F1-F8AD-46B4-9064-0E0A18270836} => C:\Windows\system32\msfeedssync.exe [2013-04-01] (Microsoft Corporation)
Task: {3782DE96-E780-4F25-A18F-CA21CD9DA64E} - System32\Tasks\HPCeeScheduleForHP => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {3ADF3A47-9853-49A4-83F0-94A728388F23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-14] (Google Inc.)
Task: {4C1F8CEC-FFF1-4D40-B8EE-D4291016D108} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {4E0E9B39-520E-4F9D-81BB-59F108D70F01} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {52CE1B4B-8F05-4454-8AAE-04377D4395EF} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {63052272-C0E8-43FD-8898-8BE49AA90686} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {711DD830-F61A-4BA7-A0D2-83B96027CAC3} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {7648EF69-B456-4B11-BE2A-AA66F9741075} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-14] (Google Inc.)
Task: {91467664-413E-49EA-8F9D-59671F07EB50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2010-11-21] (Microsoft Corporation)
Task: {A393590E-06AC-4930-81C6-FEC1C22E5B16} - System32\Tasks\Lyrics Seeker Update => C:\Program Files (x86)\LyricsSeeker\Lupdate.exe [2013-08-29] ()
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2010-11-21] (Microsoft Corporation)
Task: {C64542BC-2431-4ED5-85F3-886949B5FE2B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D0038725-E205-46BA-BEF1-11C3CE300847} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3418871380-3702506198-2498725809-1000 => C:\Windows\System32\portabledeviceapi.dll [2010-11-21] (Microsoft Corporation)
Task: {D5365D79-A631-4C55-86C4-7C1AB49757E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2009-07-14] (Microsoft Corporation)
Task: {DA0105BE-FC23-4097-A777-49BC80AB40BA} - \Scheduled Update for Ask Toolbar No Task File
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2010-11-21] (Microsoft Corporation)
Task: {F319C697-CD64-4DC9-8DFA-5D8967694ACC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)
Task: {F7C858AA-75EE-49EF-A52E-513620870E57} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHP.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Lyrics Seeker Update.job => C:\Program Files (x86)\LyricsSeeker\Lupdate.exe
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-08-28 19:19:04.152
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-08-28 19:19:04.082
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 28%
Total physical RAM: 5618.85 MB
Available physical RAM: 4024.99 MB
Total Pagefile: 11235.88 MB
Available Pagefile: 9250.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:919.06 GB) (Free:838.51 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.36 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HEROES3) (CDROM) (Total:0.97 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 906F8625)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Sollte ich eigentlich am Ende, wenn alles weg ist, den Rechner komplett neu installieren? Würdest du das empfehlen?
Gruß,
Karen |