Log analysis and evaluation: Problem with SoftwareUpdater.ui.exe
Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
07.08.2013, 22:20 | #16 |
/// Malware-holic | Problem with SoftwareUpdater.ui.exe Please post the logs all at once as requested; otherwise I have to look in here again unnecessarily until all the logs are there, since the next ones get appended to the previous post... so post the rest all at once.
__________________ - Please forward suspicious emails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward emails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
07.08.2013, 22:46 | #17 |
| Problem with SoftwareUpdater.ui.exe Sorry, I thought you meant the 3 logs in reference to the TDSS-killer. My mistake. Tsk.
__________________ JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.6 (08.07.2013:2)
OS: Windows Vista (TM) Home Premium x86
Ran by hp on 07.08.2013 at 23:19:45,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values
Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs

~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\trolltech
Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3524643148-3702010791-4215702888-1000\Software\SweetIM"
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FE86616-3BB0-428D-B002-0A681483E5C9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{459BE92D-CF5C-4D82-9B9D-1BC9646AED3F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8DDAD536-952F-4A67-AEF3-9B670C1F5B5A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{1645A33F-0A96-4315-904E-29E188E7720E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FE86616-3BB0-428D-B002-0A681483E5C9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{459BE92D-CF5C-4D82-9B9D-1BC9646AED3F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8DDAD536-952F-4A67-AEF3-9B670C1F5B5A}

~~~ Files

~~~ Folders

~~~ FireFox
Successfully deleted: [File] C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\bhe5s909.default\invalidprefs.js
Successfully deleted the following from C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\bhe5s909.default\prefs.js
user_pref("extensions.crossrider.bic", "13ebcd6822acf723a97f306b3d08cfb9");
user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Emptied folder: C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\bhe5s909.default\minidumps [127 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.08.2013 at 23:21:33,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
07.08.2013, 23:36 | #18 |
/// Malware-holic | Problem with SoftwareUpdater.ui.exe Hi,
do you know or use: C:\Program Files\RADVideo? If yes, you will probably have to reinstall it; if no, go into the folder and use the uninstall.exe so that the program gets uninstalled. After closing the browser, use HitmanPro to delete all cookies + unwanted programs. Restart, new FRST log.
__________________ |
08.08.2013, 00:03 | #19 |
| Problem with SoftwareUpdater.ui.exe Hi, I know the program after a g++gle search, but I haven't really used it. It is uninstalled now. HitmanPro: Code:
|
08.08.2013, 00:20 | #20 |
/// Malware-holic | Problem with SoftwareUpdater.ui.exe The FRST log is missing. Am I right in assuming that the error message no longer appears?
08.08.2013, 00:35 | #21 |
| Problem with SoftwareUpdater.ui.exe Sorry, those who can read properly have the advantage. Unfortunately the prompt still appears after the restart just now. FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-08-2013 Ran by hp (administrator) on 08-08-2013 01:32:01 Running from C:\Users\hp\Desktop\Zubehör Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe () C:\Program Files\SMINST\BLService.exe () C:\Program Files\CyberLink\Shared files\RichVideo.exe () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (CyberLink Corp.) 
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) 
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-29] (Advanced Micro Devices, Inc.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [DVDAgent] - C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.) HKLM\...\Run: [TSMAgent] - C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136 2008-12-25] (CyberLink Corp.) HKLM\...\Run: [CLMLServer for HP TouchSmart] - C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink) HKLM\...\Run: [UCam_Menu] - C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2008-11-14] (CyberLink Corp.) HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard) HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.) HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] ( Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.) HKLM\...\Run: [UpdatePDIRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) 
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.) HKLM\...\Run: [TVAgent] - C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe [206120 2009-02-09] (CyberLink Corp.) HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard) HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] () HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [1667164 2012-10-24] (IDT, Inc.) HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-06] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated) HKCU\...\Run: [HPAdvisor] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656 2008-11-18] (Hewlett-Packard) HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] - 0 [x] HKCU\...\Run: [Facebook Update] - C:\Users\hp\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-30] (Facebook Inc.) 
HKU\Administrator\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2008-11-18] (Hewlett-Packard) HKU\Administrator\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [ 2008-06-09] (Hewlett-Packard Company) HKU\Default\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2008-11-18] (Hewlett-Packard) HKU\eva\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2008-11-18] (Hewlett-Packard) HKU\eva\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [ 2008-06-09] (Hewlett-Packard Company) HKU\eva\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-21] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {45F56C1F-676E-40D2-9858-9D86D50B3E42} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 SearchScopes: HKCU - {1242985B-D351-4F7D-B658-4846BA8EA341} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKCU - {45F56C1F-676E-40D2-9858-9D86D50B3E42} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 SearchScopes: HKCU - {6A780789-F49D-47EA-BC1E-D40DEF7BFC66} URL = hxxp://www.google.de/search?q={searchTerms} BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) 
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) 
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msdaipp - No CLSID Value - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default FF Homepage: hxxp://web.de/ FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\hp\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) 
FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\searchplugins\firefox-add-ons.xml FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\searchplugins\google-de-ssl.xml.txt FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\searchplugins\google-deutschland.xml FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\searchplugins\webde-suche.xml FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Flagfox - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} FF Extension: Google Toolbar for Firefox - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(159) FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(282) FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}(283) FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{a7dcc461-04ba-445f-857a-8aa4ed0c3fc1} FF Extension: Cookies Manager+ - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} FF Extension: 
about-addons-memory - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\about-addons-memory@tn123.org.xpi FF Extension: langpack-de - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\langpack-de@firefox.mozilla.org.xpi FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: No Name - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF 
HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 ========================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-06] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-06] (Avira Operations GmbH & Co. KG) S2 gupdate1cb00d464d5003f; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2010-05-31] (Google Inc.) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106280 2013-08-07] (SurfRight B.V.) R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-17] () R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [307282 2012-10-24] (IDT, Inc.) R2 TVCapSvc; C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-02-09] () R2 TVSched; C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2009-02-09] () ==================== Drivers (Whitelisted) ==================== R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75776 2013-01-15] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-08-06] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-08-06] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-08-06] (Avira Operations GmbH & Co. KG) R3 johci; C:\Windows\System32\DRIVERS\johci.sys [23128 2011-07-25] (JMicron Technology Corp.) 
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2009-07-13] (CACE Technologies) S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-06] (Avira GmbH) R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [87536 2008-11-28] (CyberLink Corp.) 
S3 catchme; \??\C:\Users\hp\AppData\Local\Temp\catchme.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-08 00:55 - 2013-08-08 00:55 - 00002292 _____ C:\Users\hp\Desktop\HitmanPro_20130808_0055.log 2013-08-07 23:29 - 2013-08-07 23:29 - 00001744 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2013-08-07 23:29 - 2013-08-07 23:29 - 00000000 ____D C:\Program Files\HitmanPro 2013-08-07 23:28 - 2013-08-07 23:41 - 00000000 ____D C:\ProgramData\HitmanPro 2013-08-07 23:19 - 2013-08-07 23:19 - 00000000 ____D C:\Windows\ERUNT 2013-08-07 23:06 - 2013-08-07 23:06 - 00000100 _____ C:\Windows\DeleteOnReboot.bat 2013-08-07 23:05 - 2013-08-07 23:06 - 00016166 _____ C:\AdwCleaner[S1].txt 2013-08-07 22:00 - 2013-08-07 22:02 - 09167352 _____ (SurfRight B.V.) C:\Users\hp\Desktop\HitmanPro.exe 2013-08-07 21:59 - 2013-08-07 21:59 - 00666633 _____ C:\Users\hp\Desktop\adwcleaner.exe 2013-08-07 21:59 - 2013-08-07 21:59 - 00563082 _____ (Oleg N. 
Scherbakov) C:\Users\hp\Desktop\JRT.exe 2013-08-07 21:54 - 2013-08-07 21:54 - 00000000 ___SD C:\Users\hp\Documents\Eigene Webs 2013-08-07 21:46 - 2013-08-07 21:47 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\hp\Desktop\tdsskiller.exe 2013-08-07 21:43 - 2013-08-07 21:43 - 00000000 ___SD C:\ComboFix 2013-08-07 21:42 - 2013-08-07 21:43 - 00000000 ___SD C:\32788R22FWJFW 2013-08-07 21:25 - 2013-08-07 21:25 - 00014612 _____ C:\combofix.log 2013-08-07 20:50 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-07 20:50 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-07 20:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-07 20:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-07 20:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-07 20:50 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-07 20:50 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-07 20:50 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-07 20:49 - 2013-08-07 21:43 - 00000000 ____D C:\Qoobox 2013-08-07 20:49 - 2013-08-07 21:02 - 00000000 ____D C:\Windows\erdnt 2013-08-07 20:47 - 2013-08-07 20:48 - 05100713 ____R (Swearware) C:\Users\hp\Desktop\ComboFix.exe 2013-08-07 20:31 - 2013-08-07 20:31 - 00001892 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk 2013-08-07 20:30 - 2013-08-07 20:30 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-08-07 20:21 - 2013-08-07 20:21 - 00001057 _____ C:\Users\hp\Desktop\Revo Uninstaller.lnk 2013-08-07 20:21 - 2013-08-07 20:21 - 00000000 ____D C:\Program Files\VS Revo Group 2013-08-07 20:18 - 2013-08-07 20:18 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-07 20:18 - 2013-08-07 20:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-07 14:12 - 2013-08-07 14:12 - 00000000 ____D C:\FRST 2013-08-07 14:09 - 2013-08-07 14:09 - 
00000000 _____ C:\Users\hp\defogger_reenable 2013-08-06 23:33 - 2013-08-06 23:33 - 00000000 ____D C:\Intel 2013-08-06 23:15 - 2013-08-06 23:15 - 00000000 ____D C:\Users\hp\AppData\Roaming\Avira 2013-08-06 23:09 - 2013-08-06 23:09 - 00001847 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-08-06 23:09 - 2013-08-06 23:09 - 00000000 ____D C:\ProgramData\Avira 2013-08-06 23:09 - 2013-08-06 23:09 - 00000000 ____D C:\Program Files\Avira 2013-08-06 23:09 - 2013-08-06 22:57 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-08-06 23:09 - 2013-08-06 22:57 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-08-06 23:09 - 2013-08-06 22:57 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-08-06 23:09 - 2013-08-06 22:57 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Windows\system32\SRSLabs 2013-08-06 20:59 - 2012-10-24 22:53 - 13893724 _____ (IDT, Inc.) C:\Windows\system32\idtcpl.cpl 2013-08-06 20:59 - 2012-10-24 22:53 - 06111232 _____ (IDT, Inc.) C:\Windows\system32\stlang.dll 2013-08-06 20:59 - 2012-10-24 22:53 - 01667164 _____ (IDT, Inc.) C:\Windows\sttray.exe 2013-08-06 20:59 - 2012-10-24 22:53 - 00536576 _____ (IDT, Inc.) C:\Windows\system32\idtmini1.exe 2013-08-06 20:59 - 2012-03-29 22:47 - 00174688 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestacap.dll 2013-08-06 20:59 - 2012-03-29 22:47 - 00068192 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestaren.dll 2013-08-06 20:59 - 2009-10-10 00:45 - 00380928 _____ (Andrea Electronics Corporation) C:\Windows\system32\aestecap.dll 2013-08-06 20:59 - 2009-03-03 01:47 - 00086016 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCom.dll 2013-08-06 20:58 - 2012-10-24 22:53 - 01459712 _____ (IDT, Inc.) 
C:\Windows\system32\stapo.dll 2013-08-06 20:58 - 2012-10-24 22:53 - 00548352 ____N (IDT, Inc.) C:\Windows\system32\stapi32.dll 2013-08-06 20:58 - 2012-10-24 22:53 - 00454656 _____ (IDT, Inc.) C:\Windows\system32\stcplx.dll 2013-08-06 20:58 - 2012-10-24 22:53 - 00452096 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt.sys 2013-08-06 20:58 - 2012-10-24 22:53 - 00211968 _____ (IDT, Inc.) C:\Windows\system32\st326433.dll 2013-08-06 09:00 - 2013-08-07 21:28 - 00014016 _____ C:\Windows\PFRO.log 2013-08-06 06:31 - 2013-08-06 06:38 - 00000000 ____D C:\ProgramData\FreeDriverScout 2013-08-06 06:31 - 2013-08-06 06:31 - 00000000 ____D C:\Users\hp\Documents\Freemium Driver Utilities 2013-08-06 06:00 - 2013-08-07 23:15 - 00000000 ____D C:\Program Files\SoftwareUpdater 2013-07-24 19:03 - 2013-07-24 19:07 - 00000000 ____D C:\Windows\system32\MRT 2013-07-15 14:01 - 2013-07-15 14:00 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-15 14:01 - 2013-07-15 14:00 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-15 14:01 - 2013-07-15 14:00 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-15 14:01 - 2013-07-15 14:00 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll ==================== One Month Modified Files and Folders ======= 2013-08-08 01:32 - 2010-05-05 23:19 - 00000000 ___RD C:\Users\hp\Desktop\Zubehör 2013-08-08 01:28 - 2010-05-31 17:42 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-08 01:28 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-08 01:28 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-08 01:28 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-08 01:27 - 2010-05-03 08:09 - 01913855 _____ C:\Windows\WindowsUpdate.log 2013-08-08 
01:27 - 2006-11-02 15:01 - 00032626 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-08 01:03 - 2006-11-02 12:33 - 01445310 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-08 00:55 - 2013-08-08 00:55 - 00002292 _____ C:\Users\hp\Desktop\HitmanPro_20130808_0055.log 2013-08-08 00:46 - 2010-05-03 09:39 - 00000000 ___RD C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-08-08 00:36 - 2010-05-31 17:42 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-07 23:41 - 2013-08-07 23:28 - 00000000 ____D C:\ProgramData\HitmanPro 2013-08-07 23:41 - 2013-04-29 14:13 - 00000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bink and Smacker 2013-08-07 23:29 - 2013-08-07 23:29 - 00001744 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2013-08-07 23:29 - 2013-08-07 23:29 - 00000000 ____D C:\Program Files\HitmanPro 2013-08-07 23:19 - 2013-08-07 23:19 - 00000000 ____D C:\Windows\ERUNT 2013-08-07 23:15 - 2013-08-06 06:00 - 00000000 ____D C:\Program Files\SoftwareUpdater 2013-08-07 23:12 - 2012-08-30 17:07 - 00000916 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3524643148-3702010791-4215702888-1000UA.job 2013-08-07 23:06 - 2013-08-07 23:06 - 00000100 _____ C:\Windows\DeleteOnReboot.bat 2013-08-07 23:06 - 2013-08-07 23:05 - 00016166 _____ C:\AdwCleaner[S1].txt 2013-08-07 23:06 - 2010-05-05 20:03 - 00000000 ____D C:\ProgramData\ICQ 2013-08-07 22:02 - 2013-08-07 22:00 - 09167352 _____ (SurfRight B.V.) C:\Users\hp\Desktop\HitmanPro.exe 2013-08-07 21:59 - 2013-08-07 21:59 - 00666633 _____ C:\Users\hp\Desktop\adwcleaner.exe 2013-08-07 21:59 - 2013-08-07 21:59 - 00563082 _____ (Oleg N. 
Scherbakov) C:\Users\hp\Desktop\JRT.exe 2013-08-07 21:54 - 2013-08-07 21:54 - 00000000 ___SD C:\Users\hp\Documents\Eigene Webs 2013-08-07 21:47 - 2013-08-07 21:46 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\hp\Desktop\tdsskiller.exe 2013-08-07 21:43 - 2013-08-07 21:43 - 00000000 ___SD C:\ComboFix 2013-08-07 21:43 - 2013-08-07 21:42 - 00000000 ___SD C:\32788R22FWJFW 2013-08-07 21:43 - 2013-08-07 20:49 - 00000000 ____D C:\Qoobox 2013-08-07 21:28 - 2013-08-06 09:00 - 00014016 _____ C:\Windows\PFRO.log 2013-08-07 21:25 - 2013-08-07 21:25 - 00014612 _____ C:\combofix.log 2013-08-07 21:03 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default 2013-08-07 21:03 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-08-07 21:02 - 2013-08-07 20:49 - 00000000 ____D C:\Windows\erdnt 2013-08-07 21:01 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini 2013-08-07 20:48 - 2013-08-07 20:47 - 05100713 ____R (Swearware) C:\Users\hp\Desktop\ComboFix.exe 2013-08-07 20:32 - 2010-05-06 04:37 - 00000000 ____D C:\Users\hp\AppData\Local\Adobe 2013-08-07 20:31 - 2013-08-07 20:31 - 00001892 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk 2013-08-07 20:30 - 2013-08-07 20:30 - 00000000 ____D C:\Program Files\Common Files\Adobe 2013-08-07 20:30 - 2010-05-05 23:04 - 00000000 ____D C:\Program Files\Adobe 2013-08-07 20:30 - 2009-01-20 06:15 - 00000000 ____D C:\ProgramData\Adobe 2013-08-07 20:26 - 2010-06-07 19:05 - 00000000 ____D C:\Program Files\EA SPORTS 2013-08-07 20:21 - 2013-08-07 20:21 - 00001057 _____ C:\Users\hp\Desktop\Revo Uninstaller.lnk 2013-08-07 20:21 - 2013-08-07 20:21 - 00000000 ____D C:\Program Files\VS Revo Group 2013-08-07 20:18 - 2013-08-07 20:18 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-07 20:18 - 2013-08-07 20:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-07 20:09 - 2010-05-05 20:17 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-07 19:59 - 2010-05-05 
23:51 - 00000000 ____D C:\ProgramData\VistaCodecs 2013-08-07 19:53 - 2010-12-10 13:50 - 00000000 ____D C:\Program Files\JDownloader 2013-08-07 17:12 - 2012-08-30 17:07 - 00000894 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3524643148-3702010791-4215702888-1000Core.job 2013-08-07 15:35 - 2010-05-12 15:27 - 00000052 _____ C:\Windows\system32\DOErrors.log 2013-08-07 14:12 - 2013-08-07 14:12 - 00000000 ____D C:\FRST 2013-08-07 14:09 - 2013-08-07 14:09 - 00000000 _____ C:\Users\hp\defogger_reenable 2013-08-07 14:09 - 2010-05-03 09:39 - 00000000 ____D C:\Users\hp 2013-08-07 13:55 - 2012-05-23 17:59 - 00000000 ____D C:\Program Files\SpeedFan 2013-08-07 13:51 - 2010-05-08 03:09 - 00000000 ____D C:\Program Files\PokerStars 2013-08-07 13:41 - 2012-03-01 14:03 - 00000000 ____D C:\Users\hp\Documents\888poker 2013-08-07 13:39 - 2010-05-08 03:09 - 00000000 ____D C:\Users\hp\AppData\Local\PokerStars.EU 2013-08-07 13:35 - 2010-05-22 11:40 - 00000000 ____D C:\Windows\system32\mai _0509 dir 2013-08-07 13:35 - 2009-01-20 06:28 - 00000000 ____D C:\Program Files\Java 2013-08-07 13:35 - 2009-01-20 06:28 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-07 13:32 - 2013-04-30 11:23 - 00000000 ____D C:\Program Files\Full Tilt Poker.Eu 2013-08-07 13:31 - 2012-12-16 14:04 - 00000000 ____D C:\Program Files\Common Files\AVSMedia 2013-08-07 13:31 - 2012-12-16 14:04 - 00000000 ____D C:\Program Files\AVS4YOU 2013-08-07 13:13 - 2011-05-31 16:19 - 00000000 ____D C:\Users\hp\AppData\Roaming\DVDVideoSoft 2013-08-07 12:06 - 2010-05-06 21:23 - 00000000 ___RD C:\Users\hp\Desktop\Filme 2013-08-06 23:33 - 2013-08-06 23:33 - 00000000 ____D C:\Intel 2013-08-06 23:15 - 2013-08-06 23:15 - 00000000 ____D C:\Users\hp\AppData\Roaming\Avira 2013-08-06 23:09 - 2013-08-06 23:09 - 00001847 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-08-06 23:09 - 2013-08-06 23:09 - 00000000 ____D C:\ProgramData\Avira 2013-08-06 23:09 - 2013-08-06 23:09 - 00000000 ____D C:\Program Files\Avira 
2013-08-06 22:57 - 2013-08-06 23:09 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-08-06 22:57 - 2013-08-06 23:09 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-08-06 22:57 - 2013-08-06 23:09 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-08-06 22:57 - 2013-08-06 23:09 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2013-08-06 21:00 - 2010-05-03 08:16 - 00000000 ____D C:\Program Files\IDT 2013-08-06 20:59 - 2013-08-06 20:59 - 00000000 ____D C:\Windows\system32\SRSLabs 2013-08-06 09:11 - 2012-12-16 13:37 - 00000000 ____D C:\Program Files\Rovio 2013-08-06 09:10 - 2010-05-22 12:55 - 00000000 ___RD C:\Users\hp\Desktop\Spiele 2013-08-06 06:38 - 2013-08-06 06:31 - 00000000 ____D C:\ProgramData\FreeDriverScout 2013-08-06 06:31 - 2013-08-06 06:31 - 00000000 ____D C:\Users\hp\Documents\Freemium Driver Utilities 2013-08-02 17:02 - 2011-05-09 18:13 - 00000000 ____D C:\Users\hp\AppData\Roaming\HpUpdate 2013-08-01 03:58 - 2010-05-06 15:55 - 00170496 _____ C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-07-29 05:33 - 2010-06-04 17:15 - 00000000 ___RD C:\Users\hp\Desktop\Mucke 2013-07-24 19:07 - 2013-07-24 19:03 - 00000000 ____D C:\Windows\system32\MRT 2013-07-21 20:57 - 2012-08-08 12:57 - 00006836 _____ C:\Users\hp\AppData\Local\d3d9caps.dat 2013-07-21 20:57 - 2011-01-04 10:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-20 18:43 - 2009-01-20 06:09 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-07-15 14:00 - 2013-07-15 14:01 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-07-15 14:00 - 2013-07-15 14:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-07-15 14:00 - 2013-07-15 14:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-07-15 14:00 - 2013-07-15 14:01 - 00094632 _____ (Oracle Corporation) 
C:\Windows\system32\WindowsAccessBridge.dll 2013-07-15 14:00 - 2012-06-19 05:11 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll 2013-07-15 14:00 - 2011-01-10 18:57 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-07-14 03:26 - 2011-05-06 21:11 - 00006836 _____ C:\Users\eva\AppData\Local\d3d9caps.dat Files to move or delete: ==================== C:\Users\Public\SweetImSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-08 01:04 ==================== End Of Log ============================ |
08.08.2013, 01:00 | #22 |
/// Malware-holic | Problem with SoftwareUpdater.ui.exe
Hi, still a little bit to do.
1. Fix with FRST
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Extension: Google Toolbar for Firefox - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(159)
FF Extension: No Name - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{a7dcc461-04ba-445f-857a-8aa4ed0c3fc1}
2013-08-06 06:00 - 2013-08-07 23:15 - 00000000 ____D C:\Program Files\SoftwareUpdater
2013-08-07 23:15 - 2013-08-06 06:00 - 00000000 ____D C:\Program Files\SoftwareUpdater
Please test whether there are any unwanted toolbars, redirects or other problems in Firefox, Internet Explorer and any other browsers that may be installed. Test how the PC and programs run in general. If that is fine, we continue; otherwise report back.
3. The order is crucial here.
4. Please start by installing Windows updates. The best way to do this is to go to Start, Search and enter Windows Updates there. Under "Change settings", check that the following is selected:
- Install updates automatically,
- Daily
- Choose a time
- Please tick all the rest, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button. Now click "Check for updates". Please install important updates first. It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates and install the next ones. Please do the same with the optional updates. Check whether you have Service Pack 2 (SP2) installed. Right-click Computer, Properties; you can see it there.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
08.08.2013, 02:59 | #23 |
| Problem with SoftwareUpdater.ui.exe
Service Pack 2 is installed. Browsers are running. The "SoftwareUpdater.ui.exe" did not come up on this restart. I'm off to bed now. Thanks for your patience with me so far. I'll check back in tomorrow. Here is the Fixlog.txt as well.
Log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-08-2013
Ran by hp at 2013-08-08 02:06:34 Run:1
Running from C:\Users\hp\Desktop\Zubehör
Boot Mode: Normal
==============================================
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(159) => Moved successfully.
C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{a7dcc461-04ba-445f-857a-8aa4ed0c3fc1} => Moved successfully.
C:\Program Files\SoftwareUpdater => Moved successfully.
"C:\Program Files\SoftwareUpdater" => File/Directory not found.
==== End of Fixlog ==== |
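A check a helper could run over the Fixlog posted above, as an added example that is not part of the thread or of FRST: it classifies each `=>` outcome, merges duplicate targets (the SoftwareUpdater folder was listed twice in the fixlist) and reports whether the end marker is present. The function names and the three state labels are assumptions of this example; outcome phrases other than those in the posted log are treated as needing review.

```python
import re

# Fixlog body copied from the post above (header lines omitted).
FIXLOG = r"""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(159) => Moved successfully.
C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\bhe5s909.default\Extensions\{a7dcc461-04ba-445f-857a-8aa4ed0c3fc1} => Moved successfully.
C:\Program Files\SoftwareUpdater => Moved successfully.
"C:\Program Files\SoftwareUpdater" => File/Directory not found.
==== End of Fixlog ====
"""

# Only the outcome phrases seen in the posted log are recognised (assumption);
# any other phrase is flagged for manual review instead of being guessed at.
REMOVED = re.compile(r"(deleted|moved) successfully", re.I)
ABSENT = re.compile(r"not found", re.I)
RANK = {"absent": 0, "removed": 1, "review": 2}

def classify(outcome):
    if REMOVED.search(outcome):
        return "removed"
    if ABSENT.search(outcome):
        return "absent"
    return "review"

def parse_fixlog(text):
    """Return (entries, complete); entries are (target, state) pairs."""
    entries, complete = [], False
    for line in text.splitlines():
        line = line.strip()
        if "End of Fixlog" in line:
            complete = True  # a log without this marker was cut off
            break
        target, sep, outcome = line.rpartition(" => ")
        if not sep:
            continue  # header, separator or blank line
        entries.append((target.strip('"'), classify(outcome)))
    return entries, complete

def summarize(entries):
    """Merge duplicate targets (case-insensitive); highest-ranked state wins."""
    states = {}
    for target, state in entries:
        key = target.lower()
        if key not in states or RANK[state] > RANK[states[key]]:
            states[key] = state
    return states

if __name__ == "__main__":
    entries, complete = parse_fixlog(FIXLOG)
    print("log complete:", complete)
    for target, state in summarize(entries).items():
        print(f"{state:8} {target}")
```

A target that ends up as `absent` was already gone before the fix ran; `review` means the outcome text was not one of the phrases in this log and should be read by hand.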
08.08.2013, 12:57 | #24 |
/// Malware-holic | Problem with SoftwareUpdater.ui.exe Very good, then you can get started on the rest whenever you're ready :-)
09.08.2013, 08:55 | #25 |
| Problem with SoftwareUpdater.ui.exe Hi, I'm back. What does the rest look like? I'm ready. By the way, the message didn't appear today either. |
09.08.2013, 17:32 | #26 |
/// Malware-holic | Problem with SoftwareUpdater.ui.exe What rest? The PC hardening steps are all there already :-)
09.08.2013, 18:49 | #27 |
| Problem with SoftwareUpdater.ui.exe I thought there was still something to do?! I've followed all the steps so far. The laptop is running and the message no longer appears either. Okay, if that was it ... thank you very, very much. Best regards, Erik |
12.08.2013, 15:28 | #28 |
/// Malware-holic | Problem with SoftwareUpdater.ui.exe
Hi, isn't that enough :d First I'd like to use a checklist to check whether you have everything.
- install optional and important updates.
- configure Windows Update.
- enable DEP for all processes.
- enable SEHOP.
- install Chrome.
- install Sandboxie.
- disable autorun.
- install Panda Vaccine.
- install Secunia.
- install File Hippo.
Note: Secunia and File Hippo offer English updates. Wherever you access the user interface, e.g. reader, browser, etc., you need German updates, so save the vendors' pages in your browser's favorites and, when an update is shown, get it from there. For Java, Flash and QuickTime it doesn't matter whether German or English.
- install backup software, create a backup and a rescue DVD. Here's a short guide: Anleitung: Systemabbild mit Paragon Drive Backup - NETZWELT
- if you do online banking, I can also briefly say something about the advantages of a card reader and banking software.
- password manager installed.