Snap.de toolbar kann nicht deinstalliert werden

spigi01 · 16.07.2013, 09:29

Hallo geschätztes Trojaner- Board Team

Meine Tochter hat sich vor ein paar Tagen die Snap.de Toolbar auf ihrem Uni- Laptop eingefangen

Das Gerät ist mit Windows7 geladen.
Die Tollbar konnte ich löschen, aber das Programm Snap.de kann ich nicht deinstallieren.
Desshalb gelange ich mit der Bitte mich zu unterstützen an euch.
Die Anleitung des Boards habe ich durchgearbeitet, defogger, OTL und GMER ausgeführt.
Anbei die Logs als Anhang.

Besten Dank für eure Unterstützung

smeenk · 16.07.2013, 10:03

Ich bin smeenk und ich werde versuchen dir zu helfen

Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
Starte Zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.

Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:

Code:

ATTFilter

firefoxlook;
{EC7E7E44-5DFE-427A-9842-3DE4FF974828};c
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9};c
{8A96AF9E-4074-43b7-BEA3-87217BDA7102};c
{41C4AA37-1DDD-4345-B8DC-734E4B38414D};c
{1e48c56f-08cd-43aa-a6ef-c1ec891551ab};c
{C1AF5FA5-852C-4C90-812E-A7F75E011D87};c
{D4027C7F-154A-4066-A1AD-4243D8127440};c
{21FA44EF-376D-4D53-9B0F-8A89D3229068};c
C:\ProgramData\BrowserDefender;fs
C:\Users\Fabiène\AppData\Local\AskToolbar;fs
C:\Users\Fabiène\AppData\Local\Smartbar;fs
C:\Users\Fabiène\AppData\Roaming\BabSolution;fs
C:\Users\Fabiène\AppData\Roaming\Babylon;fs
C:\ProgramData\Babylon;fs
C:\Users\Fabiène\AppData\Roaming\OpenCandy;fs
C:\windows\SysWow64\searchplugins;fs
C:\windows\SysWow64\Extensions;fs
C:\Users\Fabiène\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender;fs
C:\Program Files (x86)\Windows jZip Toolbar;fs
C:\Program Files (x86)\Delta;fs
emptytemp;
{6A1806CD-94D4-4689-BA73-E35EA1EA9990}-iedefaults;
shortcutfix;
filesrcm;
uninstall-list;
chromelook;
startupall;
emptyclsid;

Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

spigi01 · 16.07.2013, 11:24

Hy smeenk

Vielen Dank, dass du dich unserem Problem annimmst.
Nachstehend das Log-file von zoek.exe

Code:

ATTFilter

Zoek.exe Version 4.0.0.4 Updated 14-July-2013
Tool run by FabiŠne on 16.07.2013 at 11:59:59.53.
Microsoft Windows 7 Professional  6.1.7600  x64
Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results16.07.2013-1154.log	8889 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41C4AA37-1DDD-4345-B8DC-734E4B38414D} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1e48c56f-08cd-43aa-a6ef-c1ec891551ab} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41C4AA37-1DDD-4345-B8DC-734E4B38414D} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

==== Deleting Files \ Folders ======================

"C:\Users\Fabiène\AppData\Local\AskToolbar" not found 
"C:\Users\Fabiène\AppData\Local\Smartbar" not found 
"C:\Users\Fabiène\AppData\Roaming\BabSolution" not found 
"C:\Users\Fabiène\AppData\Roaming\Babylon" not found 
"C:\ProgramData\Babylon" not found 
"C:\Users\Fabiène\AppData\Roaming\OpenCandy" not found 
"C:\windows\SysWow64\searchplugins" not found 
"C:\windows\SysWow64\Extensions" not found 
"C:\Users\Fabiène\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender" not found 
"C:\Program Files (x86)\Windows jZip Toolbar" not found 
"C:\Program Files (x86)\Delta" not found 
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted
"C:\ProgramData\BrowserDefender" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" not deleted
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\FABINE~1\AppData\Local\Temp ====
====== C:\windows\SysWOW64 =====
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
2013-07-12 08:25:42	0D845630CF686F5FCE6348C879027C29	3436	----a-w-	C:\windows\Sysnative\Tasks\BrowserDefendert
2013-07-12 08:25:33	730820A998F2DFCFF71F00C08C61F3B7	3402	----a-w-	C:\windows\Sysnative\Tasks\EPUpdater
====== C:\windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
======= C: =====
====== C:\Users\FabiŠne\AppData\Roaming ======
====== C:\Users\FabiŠne ======
2013-07-12 08:25:39	--------	d-----w-	C:\ProgramData\BrowserDefender

====== C: exe-files ==
2013-07-16 09:57:17	D95AB4EDFAED36330095E9A1470B2880	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1359661392-1277086489-3976402912-1003\$IA6MT9G.exe
2013-07-16 09:45:48	D6073ACBF3E25B983AFFCEE155469F60	1274523	----a-w-	C:\$Recycle.Bin\S-1-5-21-1359661392-1277086489-3976402912-1003\$RA6MT9G.exe
2013-07-16 07:49:37	60BF4AE8CC40B0E3E28613657ED2EED8	377856	----a-w-	C:\Users\Fabiène\Desktop\gmer_2.1.19163.exe
2013-07-16 07:31:30	4ADCFEE16EE9978F06157634669D36FB	602112	----a-w-	C:\Users\Fabiène\Desktop\OTL.exe
2013-07-16 07:28:07	9146F21288AB749C4C729343F5F285A1	50477	----a-w-	C:\Users\Fabiène\Desktop\Defogger.exe
2013-07-16 07:18:46	A6F8D4FBC12177A75AB4C06D059229B6	784664	----a-w-	C:\Users\Fabiène\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
2013-07-16 07:18:46	6466C051022547489D3409205128881B	59784	----atw-	C:\Users\Fabiène\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
2013-07-16 07:18:46	1CA3976D1B1FE826ADF339F90AC25C60	59784	----atw-	C:\Users\Fabiène\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
2013-07-16 07:18:41	D9A08472D8D0218A0AE2C9D9F63EA531	290696	----atw-	C:\Users\Fabiène\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
2013-07-16 07:18:41	8726802EA4FBFFA3FD54FD2449BF51D4	217992	----atw-	C:\Users\Fabiène\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
2013-07-16 07:18:41	506708142BC63DABA64F2D3AD1DCD5BF	116648	----atw-	C:\Users\Fabiène\AppData\Local\Google\Update\1.3.21.153\GoogleUpdate.exe
2013-07-16 07:18:40	A6F8D4FBC12177A75AB4C06D059229B6	784664	----a-w-	C:\Users\Fabiène\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
2013-07-12 08:34:43	E3F41B79939E0913449F3B8C86483D82	588296	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ytgroovlc.exe
2013-07-12 08:34:43	B786DD5822A06F8BDD6A02B0590B96B4	493576	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\SettingsHelper.exe
2013-07-12 08:34:43	5B50C299AB402CAD9F348D8605A17E51	695304	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PrerequisiteCheck.exe
2013-07-12 08:34:43	313269D551538D2ABDAF86FA35147F96	272392	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\insthpr.exe
2013-07-12 08:34:43	264909F77E7D13F8F731D7446838B6C5	285192	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ffmpeg.exe
2013-07-12 08:34:41	F2C1FE3DD4E14EC1328B769F7E16ADF1	241160	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dvsservice.exe
2013-07-12 08:34:41	DA5B402E81974BFC7AB4E0176B0FADF8	1055752	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe
2013-07-12 08:34:41	54C8BD47F68EE42A90B9D89657111F2A	1457152	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\SubscriptionOffer.exe
2013-07-12 08:34:39	FD1BBF12CEE59CD6B5A3E5E37105CD2C	317440	----a-w-	C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
2013-07-12 08:34:39	E878BD0CD5A5A28C5524B0982176DE13	1157144	----a-w-	C:\Program Files (x86)\DVDVideoSoft\unins000.exe
2013-07-12 08:32:52	4CD3EE1DECC298EC17F430AD5DE6D870	25326392	----a-w-	C:\Users\Fabiène\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\933Y9916\FreeYouTubeToMP3Converter.exe
2013-07-12 08:32:21	6466C051022547489D3409205128881B	59784	----atw-	C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
2013-07-12 08:32:21	1CA3976D1B1FE826ADF339F90AC25C60	59784	----atw-	C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
2013-07-12 08:32:20	A6F8D4FBC12177A75AB4C06D059229B6	784664	----a-w-	C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
2013-07-12 08:32:15	D9A08472D8D0218A0AE2C9D9F63EA531	290696	----atw-	C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
2013-07-12 08:32:15	8726802EA4FBFFA3FD54FD2449BF51D4	217992	----atw-	C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
2013-07-12 08:32:15	506708142BC63DABA64F2D3AD1DCD5BF	116648	----atw-	C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe
2013-07-12 08:32:14	A6F8D4FBC12177A75AB4C06D059229B6	784664	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
2013-07-12 08:25:42	013A330F16B1CECBDE5CB6F921689523	2827728	----a-w-	C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
2013-07-12 08:25:41	013A330F16B1CECBDE5CB6F921689523	2827728	----a-w-	C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
2013-07-12 08:25:32	B0F6507F8666E89DD9F192313D88EB98	389632	----a-w-	C:\Users\Fabiène\AppData\Roaming\BabSolution\Shared\GUninstaller.exe
2013-07-12 08:25:32	71D490C463014E4FB88B8CBA700B111E	4608	----a-w-	C:\Users\Fabiène\AppData\Roaming\BabSolution\Shared\BabMaint.exe
2013-07-12 08:22:10	A70249E0A3434458821C2BD45A6E6CC5	24116824	----a-w-	C:\Users\Fabiène\Downloads\FreeVideoToMP3Converter.exe
=== C: other files ==
2013-07-16 08:21:27	53ABD100B97778285CA380F1C48FC4CC	37716	----a-w-	C:\Users\Fabiène\Desktop\Desktop.zip
2013-07-12 09:21:43	82F5C942549405F61A8808D0EA0FA9E2	25575	----a-w-	C:\Users\Fabiène\AppData\Local\Temp\_MEI33722\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx
2013-07-12 08:25:35	591A05C4D202D8EB94FD5B60F8E0D34B	390077	----a-w-	C:\Users\Fabiène\AppData\Roaming\BabSolution\CR\Delta.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"Google Update"="C:\Users\FabiŠne\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Browser Infrastructure Helper"="C:\Users\FabiŠne\AppData\Local\Smartbar\Application\SnapDo.exe startup"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"="c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe"
"PDFHook"="C:\Program Files (x86)\Nuance\PDF Professional 6\pdfpro6hook.exe"
"PDF6 Registry Controller"="C:\Program Files (x86)\Nuance\PDF Professional 6\RegistryController.exe"
"Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe -r C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
"NortonOnlineBackup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"HPUsageTracking"="C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe C:\Program Files (x86)\HP\HP UT\"
"DATAMNGR"="C:\PROGRA~2\WIF0E7~1\Datamngr\DATAMN~1.EXE"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start"
"Cisco AnyConnect Secure Mobility Agent for Windows"="C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe -minimized"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"HP Connection Manager.exe"=""C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"Google Update"="C:\Users\FabiŠne\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Browser Infrastructure Helper"="C:\Users\FabiŠne\AppData\Local\Smartbar\Application\SnapDo.exe startup"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"HP Color LaserJet CM1312 MFP Series Fax"="C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe HP Color LaserJet CM1312 MFP Series Fax"
"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"
"HPPowerAssistant"="C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Folders ======================

2010-09-06 08:44:56	836	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
2010-11-04 11:16:50	2099	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12.06.2013 02:49]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01.11.2010 23:01]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01.11.2010 23:01]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1359661392-1277086489-3976402912-1003Core.job --a------ C:\Users\Fabine\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1359661392-1277086489-3976402912-1003UA.job --a------ C:\Users\Fabine\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\windows\tasks\HPCeeScheduleForFabiène.job  [Undetermined Task]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\FabiŠne\AppData\Roaming\BabSolution\CR\Delta.crx[12.05.2013 12:17]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.avira.com/de/upgrade-avira-free-antivirus?x-a-version=free&x-origin=product&x-product=free_product"
"bProtector Start Page"="hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=1E4E00A0C6000000&affID=121563&tsp=4941"
"Search Page"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate={installDate}"
"Search Bar"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate={installDate}"
"Use Search Asst"="yes"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate={installDate}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate={installDate}"
"SearchAssistant"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate={installDate}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{24B010C2-D81E-4A73-9BD9-E0EBFEA7C75A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"bProtector Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1E4E00A0C6000000&affID=121563&tsp=4941"
{24B010C2-D81E-4A73-9BD9-E0EBFEA7C75A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_de"

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\ArcSoft Camera Suite.lnk - C:\Program Files (x86)\Arcsoft\Camera Suite\TMExtreme.exe 
C:\Users\Public\Desktop\Avira Control Center.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe 
C:\Users\Public\Desktop\Browserwahl.lnk - C:\Windows\System32\browserchoice.exe /launch
C:\Users\Public\Desktop\Corel Home Office.lnk - C:\Program Files (x86)\Corel\Corel Home Office\CorelLaunchIt.exe 
C:\Users\Public\Desktop\FirstClass.lnk - C:\Program Files (x86)\FirstClass\fcc32.exe 
C:\Users\Public\Desktop\HP Connection Manager.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe 
C:\Users\Public\Desktop\HP QuickSync.lnk - C:\Program Files (x86)\Hewlett-Packard\HP QuickSync\HPQuickSync.exe 
C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe 
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk - C:\Program Files (x86)\Microsoft Office Suite Activation Assistant\OAA.exe 
C:\Users\Public\Desktop\Private Tax 2010.lnk - C:\Program Files (x86)\Private Tax 2010\PrivateTax2010NP.exe 
C:\Users\Public\Desktop\Private Tax 2011.lnk - C:\Program Files (x86)\Private Tax 2011\Private Tax 2011.exe 
C:\Users\Public\Desktop\Private Tax 2012.lnk - C:\Program Files (x86)\Private Tax 2012\Private Tax 2012.exe 
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe 
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe 
C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP32.EXE 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Uninstall List x64 ======================

64 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}]
Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Reader 9.4.0 - Deutsch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1031-7B44-A94000000001}]
Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}]
Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F72F540-1F60-4266-9506-952B21D6640D}]
Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]
ArcSoft Camera Suite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A117C1DE-00F1-4634-A9A9-6E6FC70FBD4B}]
ArcSoft Camera Suite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ArcSoft Camera Suite]
ArcSoft Webcam Sharing Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}]
Ask Toolbar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}]
Avira Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avira AntiVir Desktop]
Avira SearchFree Toolbar plus Web Protection Updater [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}]
Bing Bar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B4089055-D468-45A4-A6BA-5A138DD715FC}]
Bonjour  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}]
Broadcom 2070 Bluetooth 3.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}]
Broadcom 802.11 Wireless LAN Adapter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Broadcom 802.11 Wireless LAN Adapter]
BrowserDefender  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}]
BufferChm  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{687FEF8A-8597-40b4-832C-297EA3F35817}]
Cisco AnyConnect Secure Mobility Client  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Cisco AnyConnect Secure Mobility Client]
Cisco AnyConnect Secure Mobility Client [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E69BD802-57A2-428F-9CA6-9C006E5F8DFA}]
Corel Home Office - CS Templates [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1A1E33D2-9824-454A-B8CB-50072118635A}]
Corel Home Office - CT Templates [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26D19512-874B-4EDA-B7F1-779850B2AD5A}]
Corel Home Office - IPM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B2187A6-8ACC-4012-9817-9221211EF407}]
Corel Home Office - JP Templates [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D11E96F-0405-4B99-8356-5750B1D9FAE9}]
Corel Home Office - KR Templates [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5746E4F9-77C6-47E8-A737-A5975A57B4AA}]
Corel Home Office - Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E74EA3B1-7192-489D-9A57-0AE918FEC001}]
Corel Home Office - Templates RU [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F45048A1-12C4-4B08-A3EB-32D88033368A}]
Corel Home Office - Templates1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}]
Corel Home Office [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}]
Corel Home Office [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}]
Corel Home Office [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CCFC5B6F-CF69-45A7-AD62-119B7E65ADE7}]
CustomerResearchQFolder  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}]
Delta Chrome Toolbar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar]
Delta toolbar   [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta]
Device Access Manager for HP ProtectTools [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{55B52830-024A-443E-AF61-61E1E71AFA1B}]
DeviceDiscovery  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}]
DeviceManagementQFolder  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}]
Drive Encryption for HP ProtectTools [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{34E6F14D-68F9-486D-87BA-6AA8431F3F44}]
Drive Encryption for HP ProtectTools [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Drive Encryption]
Dropbox  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]
Energy Star Digital Logo [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}]
Face Recognition for HP ProtectTools [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}]
File Sanitizer For HP ProtectTools [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}]
FirstClass Client [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6EBED885-73D9-4750-B96E-FD654500E59F}]
Free Audio CD Burner version 1.4.7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Audio CD Burner_is1]
Free Studio version 5.1.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Studio_is1]
Free YouTube to MP3 Converter version 3.12.7.711 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free YouTube to MP3 Converter_is1]
Google Drive [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{989FB5FD-9B00-4B32-8663-849CB1370DD1}]
Google Talk Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}]
Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]
Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
Hewlett-Packard ACLM.NET v1.2.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}]
HP 3D DriveGuard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8F258628-2E18-4C2E-8127-EF4EFAF5F75C}]
HP Advisor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}]
HP Color LaserJet CM1312 MFP Series 5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}]
HP Connection Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE637160-7A1C-4F73-B1AB-4300AE2C2DDE}]
HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}]
HP Customer Participation Program 10.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPExtendedCapabilities]
HP Documentation [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96260076-8327-41C1-8E7F-BF6D45AA735A}]
HP ESU for Microsoft Windows 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A6365256-0FBA-4DCD-88CE-D92A4DC9328E}]
HP HotKey Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91265FED-244B-4DAF-A8E5-EA386209169C}]
HP Imaging Device Functions 10.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Imaging Device Functions]
HP Power Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{682FBA83-2CCA-4CFA-A08A-6767DAB2FC9C}]
HP Power Data [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{339F5747-BED1-44AF-8583-8BBA2B342703}]
HP Product Detection [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}]
HP ProtectTools Security Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{75126DE9-C8EC-46B2-949F-EFA770AAFD9B}]
HP ProtectTools Security Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPProtectTools]
HP QuickLook [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}]
HP QuickSync [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9DAED690-F643-410D-9FAD-0AE43FF402D8}]
HP QuickWeb [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7861911B-4270-498A-8F7A-FCF0570F48A8}]
HP QuickWeb [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7861911B-4270-498A-8F7A-FCF0570F48E3}]
HP Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}]
HP SoftPaq Download Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E1CD7FC4-98F6-4A14-A8C8-A01D6F6F8FC3}]
HP Software Framework [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{483539DB-FA71-4C45-8438-55D3DCFDECC8}]
HP Software Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C689F3AD-85D9-47CA-AC42-29DDC53F428E}]
HP Support Assistant [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}]
HP Webcam Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}]
HP Wireless Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}]
hppCLJCM1312  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07B85EEC-05BD-4E6A-AAEB-502FB2473DFA}]
hppFaxDrvCM1312  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7985C7FA-B151-4BA7-B19E-1577A7B527F1}]
hppFaxUtilityCM1312  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0626C86E-5A8F-4A6D-8C0A-5FF38BD2DA3A}]
hppFonts  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{995F2783-8311-49BF-833E-DB659774B4F6}]
hppManualsCM1312  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED498DD7-FBC1-4C67-8D9B-C9218FBC818D}]
hppQFolderCM1312  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}]
hppScanToCM1312  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B59ACF5E-0FF7-44D2-B57D-E516F334AC2E}]
hppSendFaxCM1312  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}]
hppusgCM1312  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{325D1D94-4F34-46A7-A489-737C801B931D}]
iCloud  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{704C0303-D20C-45AF-BD2B-556EAF31BE09}]
IDT Audio [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}]
Intel(R) Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}]
Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}]
Intel© Matrix Storage Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}]
iTunes  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7FCDABCC-1A1E-4D61-909D-BA9495172774}]
Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]
Java(TM) 6 Update 27 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216027FF}]
jZip  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\jZip]
MarketResearch  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}]
Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]
Microsoft .NET Framework 4 Client Profile DEU Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E3DAF3D-FF69-345A-A99E-1FED304CA083}]
Microsoft Choice Guard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}]
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUSR]
Microsoft Office Suite Activation Assistant [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}]
Microsoft Project Professional 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PRJPROR]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft Sync Framework Runtime Native v1.0 (x86) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}]
Microsoft Sync Framework Services Native v1.0 (x86) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}]
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}]
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}]
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
MSVCRT  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}]
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
Norton Online Backup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}]
Nuance PDF Professional 6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DFF39912-EE94-46F8-8DBD-216F6D60453D}]
Nuance PDF Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B480904D-F73F-4673-B034-8A5F492C9184}]
PDF Complete Special Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PDF Complete]
Privacy Manager for HP ProtectTools [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{32394B71-1E8E-4233-8958-B84F4CDC8F4D}]
Private Tax 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Private Tax 2010]
Private Tax 2011 1.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\4095-7861-2728-4611]
Private Tax 2012 2.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\6753-7911-9438-6061]
Qualcomm Gobi 2000 Package for HP [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A771AE0-513F-4EC5-AB09-A7D3D22A2E20}]
QuickTime  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044}]
Realtek Ethernet Controller All-In-One Windows Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}]
Realtek USB 2.0 Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96AE7E41-E34E-47D0-AC07-1091A8127911}]
Roxio Activation Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EC877639-07AB-495C-BFD1-D63AF9140810}]
Roxio Creator Audio [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}]
Roxio Creator Business [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}]
Roxio Creator Business v10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED439A64-F018-4DD4-8BA5-328D85AB09AB}]
Roxio Creator Copy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}]
Roxio Creator Data [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08E81ABD-79F7-49C2-881F-FD6CB0975693}]
Roxio Creator Tools [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}]
Roxio Express Labeler 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}]
Scansoft PDF Professional [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}]
SDK  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}]
Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}]
SkypeT 6.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}]
Snap.Do  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2FEAED3-17DB-4D60-867B-8FA5B7105F2C}]
Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey]
Theft Recovery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}]
Theft Recovery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}]
Tour Your PC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6725EABF-A984-4D87-8A09-694F8547E5C8}]
TrayApp  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5ACE69F0-A3E8-44eb-88C1-0A841E700180}]
UCINET 6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BDCB1E95-D35A-4ADC-8FF1-777A066BE92B}]
UCINET 6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UCINET 6]
Uninstall 1.0.0.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uninstall_is1]
Validity Fingerprint Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}]
WebReg  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CCB9B81A-167F-4832-B305-D2A0430840B3}]
Windows 7 Default Setting [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BF8E079-D6E2-4323-B794-75152371122A}]
Windows jZip Toolbar [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\jZip 102 MediaBar]
Windows Live-Uploadtool [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{205C6BDD-7B73-42DE-8505-9A093F35A238}]
Windows Live Anmelde-Assistent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{52B97218-98CB-4B8B-9283-D213C85E1AA4}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite_Wave3]
WinZip 14.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}]

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\FABINE~1\AppData\Local\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22"  not found
"C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23"  not found
"C:\ProgramData\BrowserDefender"  not found
"C:\ProgramData\BrowserDefender"  not found

==== EOF on 16.07.2013 at 12:16:02.02 ======================

smeenk · 16.07.2013, 11:48

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
Starte Zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.

Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:

Code:

ATTFilter

C:\windows\Sysnative\Tasks\BrowserDefendert;f
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"DATAMNGR"=-;r
"ApnUpdater"=-;r
Snap.Do;a
Delta Chrome Toolbar;a
autoclean;
eooncjejnppfjjklapaamhcdmjbilmde;chr
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar];r64
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta];r64
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}];r64
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2FEAED3-17DB-4D60-867B-8FA5B7105F2C}];r64
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}];r64
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\jZip 102 MediaBar];r64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"Browser Infrastructure Helper"=-;r
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9};c
C:\Users\Fabiène\AppData\Roaming\BabSolution;fs
C:\windows\Sysnative\Tasks\EPUpdater;f

Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

spigi01 · 16.07.2013, 13:30

Während des zweiten zoek.exe Durchgangs hat sich der Compi ausgeschaltet. Und jetzt will er nicht mehr starten.... Bildschirm bleibt schwarz

Habe ihn unter 5 sekundigem Halten des Pwr Switches ausgeschaltet und nach einer längeren Zeit wieder probiert, ohne Erfolg.

Ein CD Laufwerk hat das Teil nicht und ich habe auch kein externes.

Nachdem ich die Stromversorgung und den Akku wegenommen habe und dann nochmals versucht habe zu starten hats dann doch noch geklappt.

log-file kommt

Code:

ATTFilter

Zoek.exe Version 4.0.0.4 Updated 14-July-2013
Tool run by FabiŠne on 16.07.2013 at 12:59:03.73.
Microsoft Windows 7 Professional  6.1.7600  x64
Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results16.07.2013-1154.log	8889 bytes
C:\zoek-results16.07.2013-1216.log	53200 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrowserDefendert deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BrowserDefendert deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"DATAMNGR"=- 
"ApnUpdater"=- 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"Browser Infrastructure Helper"=- 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar] 
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta] 
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] 
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2FEAED3-17DB-4D60-867B-8FA5B7105F2C}] 
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] 
[-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\jZip 102 MediaBar] 

==== Deleting Files \ Folders ======================

"C:\windows\Sysnative\Tasks\BrowserDefendert" not found 
"C:\Users\Fabiène\AppData\Roaming\Zeon" not found 
"C:\Users\Fabiène\AppData\Roaming\hpqLog" not found 
"C:\Users\Fabiène\AppData\Roaming\BabSolution" not found 
"C:\Users\Fabiène\AppData\Roaming\DVDVideoSoftIEHelpers" not found 
"C:\Users\Fabiène\AppData\Roaming\BabSolution" not found 
"C:\Users\Fabiène\AppData\Roaming\Babylon" not found 
"C:\Users\Fabiène\AppData\Roaming\OpenCandy" not found 
"C:\Users\Fabiène\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender" not found 
"C:\Users\Fabiène\AppData\Local\jZip" not found 
"C:\Users\Fabiène\AppData\Local\AskToolbar" not found 
"C:\Users\Fabiène\AppData\Local\Smartbar" not found 
"C:\Users\Fabiène\AppData\LocalLow\AskToolbar" not found 
"C:\Users\Fabiène\AppData\LocalLow\Smartbar" not found 
"C:\Users\Fabiène\Desktop\Search.lnk" not found 
"C:\windows\Sysnative\Tasks\EPUpdater" deleted
"C:\windows\SysNative\Tasks\EPUpdater" deleted
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted
"C:\Program Files (x86)\Ask.com" deleted
"C:\windows\SysWow64\searchplugins" deleted
"C:\windows\SysWow64\Extensions" deleted
"C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted
"C:\Program Files (x86)\Ask.com\Updater" deleted

==== Registry Search Results for "Snap.Do" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B0EE1CE-B2EF-49D6-AF4D-EBF8240EF2C2}]
"URLInfoAbout"="hxxp://snap.do"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B0EE1CE-B2EF-49D6-AF4D-EBF8240EF2C2}]
"DisplayName"="Snap.Do"

[HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Installer\Products\EC1EE0B7FE2B6D94FAD4BE8F42E02F2C]
"ProductName"="Snap.Do"

[HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b5cc7599-3fcc-4fa7-80b3-3d80bd1bdc5c}]
"DisplayName"="Snap.Do Engine"

==== Registry Search Results for "Delta Chrome Toolbar" ======================


[HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\BabSolution\Updater\Instances\Delta Chrome Toolbar]

[HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\BabSolution\Updater\Instances\Delta Chrome Toolbar]
"UninstKey"="Delta Chrome Toolbar"

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\FabiŠne\AppData\Roaming\BabSolution\CR\Delta.crx[12.05.2013 12:17]

==== Chrome Fix ======================

C:\Users\FabiŠne\AppData\Roaming\BabSolution\CR\Delta.crx deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=hp&installDate=12/07/2013"
"Search Page"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate=12/07/2013"
"Search Bar"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate=12/07/2013"
"Use Search Asst"="yes"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
"Default"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate=12/07/2013"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate=12/07/2013"
"SearchAssistant"="hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=765d8154-d3c8-4711-8722-9adaa57e372b&searchtype=ds&q={searchTerms}&installDate=12/07/2013"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="no"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fabiène\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fabiène\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\FABINE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 16.07.2013 at 14:34:31.70 ======================

smeenk · 16.07.2013, 13:51

Zitat:

Während des zweiten zoek.exe Durchgangs hat sich der Compi ausgeschaltet. Und jetzt will er nicht mehr starten.... Bildschirm bleibt schwarz

Das muss wohl ein Schreckmoment gewesen sein

Im Log-Datei ist keine Ursache dafür zu sehen, hoffen wir es wiederholt sich nicht mehr.

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
Starte Zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.

Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:

Code:

ATTFilter

[-HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Installer\Products\EC1EE0B7FE2B6D94FAD4BE8F42E02F2C];r
[-HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b5cc7599-3fcc-4fa7-80b3-3d80bd1bdc5c}];r
[-HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\BabSolution];r

Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

spigi01 · 16.07.2013, 14:01

Meine Tochter hat mir erzählt, dass sie das Problem mit den Starten schon einige male gehabt hat, schon seit sie das Sch...ding gekauft hat....

Also hier das erneute Zoek log-file, das Adwcleaner file kommt nach

Code:

ATTFilter

Zoek.exe Version 4.0.0.4 Updated 14-July-2013
Tool run by FabiŠne on 16.07.2013 at 14:54:48.86.
Microsoft Windows 7 Professional  6.1.7600  x64
Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results16.07.2013-1154.log	8889 bytes
C:\zoek-results16.07.2013-1216.log	53200 bytes
C:\zoek-results16.07.2013-1434.log	11366 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Installer\Products\EC1EE0B7FE2B6D94FAD4BE8F42E02F2C] 
[-HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b5cc7599-3fcc-4fa7-80b3-3d80bd1bdc5c}] 
[-HKEY_USERS\S-1-5-21-1359661392-1277086489-3976402912-1003\Software\BabSolution] 

==== EOF on 16.07.2013 at 14:56:26.12 ======================

und hier das Adw file. Adw cleaner hat nur einmal einen neustart verlangt.

Code:

ATTFilter

# AdwCleaner v2.305 - Datei am 16/07/2013 um 15:05:49 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Professional  (64 bits)
# Benutzer : Fabiène - FABIENE-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Fabiène\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\jZip
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
Ordner Gelöscht : C:\Users\Fabiène\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Fabiène\AppData\Local\jZip
Ordner Gelöscht : C:\Users\Fabiène\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Fabiène\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Fabiène\AppData\LocalLow\jZip
Ordner Gelöscht : C:\Users\Fabiène\AppData\LocalLow\jziptoolbar
Ordner Gelöscht : C:\Users\Fabiène\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Fabiène\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Fabiène\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Fabiène\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Fabiène\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\Fabiène\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Daten Gelöscht : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\WIF0E7~1\Datamngr\x64\datamngr.dll
Daten Gelöscht : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\WIF0E7~1\Datamngr\x64\IEBHO.dll
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\jZip
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41C4AA37-1DDD-4345-B8DC-734E4B38414D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\SmartbarBackup
Schlüssel Gelöscht : HKCU\Software\SmartbarLog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\5a53da8cb73eb914
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\jZip
Schlüssel Gelöscht : HKLM\Software\jZipMediabarTb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5a53da8cb73eb914
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[S1].txt - [13287 octets] - [16/07/2013 15:05:49]

########## EOF - C:\AdwCleaner[S1].txt - [13348 octets] ##########

Uebrigens besten Dank, dass du dir an einem so schönen nachmittag die Zeit nimmst

smeenk · 16.07.2013, 14:35

Bemerkst Du Momentan noch einige Probleme?

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Snap.de toolbar kann nicht deinstalliert werden

Plagegeister aller Art und deren Bekämpfung: Snap.de toolbar kann nicht deinstalliert werden