| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglichWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.11.2014, 14:59
| #1 |
 |  ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich hallo zusammen, ich habe seit heute obiges Problem. Wollte ZOEK.exe ausführen, Fehlermeldung: Software wird nicht mehr unterstützt mit download Link zum Update unter: hxxp://hijackthis.nl/smeenk/ Während des Downloads poppt Avast auf mit folgender Meldung: Avast Datei-schutz hat eine Bedrohung gefunden Win32Malware-Gen Download wird abgebrochen. Komische Sache, habe schon öfter Update von ZOEK geholt ohne dieses Problem. Hab dann erstmal OTL ausgeführt aber ohne Erfolg. Betriebssystem ist Win7 Pro 32 SP1 Avast ist auf neuestem Stand Wenn noch weitere Infos nötig ... bitte Bescheid sagen. Danke vorab Christian |
|
26.11.2014, 15:08
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich Dein primäres Problem ist aber nicht, dass ZOEK durch nen Fehlalarm als Malware eingestuft wird.
__________________Wer hat dich angewiesen ZOEK auszuführen? Warum willst du Logs posten?
__________________ |
|
26.11.2014, 15:16
| #3 |
| | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich @Cosinus
__________________Erstmal Danke für deine Antwort. Zoek wollte ich ausführen, weil der Rechner in letzter Zeit recht langsam geworden ist. Das hat sich aber durch OTL anscheinend gelöst. Das der Zoek-download Avast-Warnung auslöst war eine zufällige Erkenntnis dabei. |
|
26.11.2014, 15:19
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich Durch OTL allein löst sich nichts von allein. Was genau hast du mit den Tools gemacht? 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
26.11.2014, 15:22
| #5 |
| | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich ich habe leider wenig Ahnung von der Materie. Man half mir hier bereits einmal mit einem anderen Problem und ich dachte, ich lass OTL mal laufen .... bzw. vorher ZOEK was ich getan habe: start "OTL" as administrator under Extra Registry select Use SafeList check: Scan all Users. set: Dateialter click: Run Scan |
|
26.11.2014, 15:36
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich |
|
26.11.2014, 15:46
| #7 |
| | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich getan(32 Bit), allerdings erhalte ich beim ausführen des Programms sofort folgenden Fehlerdialog(Zitat): Line 10380 (File "") Error: "EndIf" statement with no matching "If" statement |
|
26.11.2014, 16:10
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich Später bitte nochmal FRST runterladen, anscheinend hat die aktuelle FRST irgendwelche Fehler. Du bist schon der zweite Patient mit dem Problem bei FRST... 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.11.2014, 17:13
| #9 |
| | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich jetzt hab ich beim download von FRST die gleiche/ähnliche Malware-Warnung durch Avast wie vorher beim download von ZOEK Win32Evo-gen |
|
26.11.2014, 21:48
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich Ich weiß nicht wie oft ich das noch posten werden muss: unsere Tools sind keine Malware! Wenn Virenscanner darin meinen was zu sehen dann sind das Fehlalarme! Das erklärt auch warum hier she roft in Anleitungen zu lesen ist: "Beende deinen AV-Wächter" Die Bereinigung wird einfach zu oft störend beeinflusst von Virenscannern!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.11.2014, 22:25
| #11 |
| | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich hm. tut mir leid, ich kenn mich. wie gesagt nicht aus und ich hatte auch keinen ähnlichen post gefunden bzw. hinweis, dass der viren scanner auszuschalten ist. ... scan läuft ... |
|
26.11.2014, 22:30
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich Naja, immer nicht, aber in vielen Anleitungen wird es erwähnt, dass der Virenscanner auszuschalten sei Also, Virenscanner deaktivieren, FRST nochmal neu runterladen und erneut probieren
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.11.2014, 22:32
| #13 |
| | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by HP (administrator) on HP-HP on 26-11-2014 22:27:19
Running from C:\Users\HP\Downloads
Loaded Profile: HP (Available profiles: HP)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\projects\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\projects\ERL593~1.1\ERTS-5~1.1\bin\epmd.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\projects\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\projects\eclipse\eclipse.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.7.0\bin\javaw.exe
(Farbar) C:\Users\HP\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\projects\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-20] (AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\windows\system32\DeviceNP.dll (Hewlett-Packard Limited)
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\Run: [DAEMON Tools Lite] => C:\projects\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\HP\AppData\Local\Smartbar\Application\Smartbar.exe startup
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\Run: [Google Update] => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-13] (Google Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\projects\AVAST Software\Avast\ashShell.dll (AVAST Software)
CHR HKU\S-1-5-21-4093947724-3987431265-750155669-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Klq2X4N_-Hafwr7NThwH06eSAoMmD1eEh3Jv2aNlyLBMcYi0Z3-2GxqXUIf2FA6z989APOT7PxUgXBcf7NiSbVlypf0ffpCJAi-D1hTI1cG4Fpe3sUx75qwhg-_62niQY7LD7ySeVHxxBmEDl5ZJ03LeXFNOkm1yA0sw,,&q={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4093947724-3987431265-750155669-1002 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4093947724-3987431265-750155669-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Klq2X4N_-Hafwr7NThwH06eSAoMmD1eEh3Jv2aNlyLBMcYi0Z3-2GxqXUIf2FA6z989APOT7PxUgXBcf7NiSbVlypf0ffpCJAi-D1hTI1cG4Fpe3sUx75qwhg-_62niQY7LD7ySeVHxxBmEDl-f9o0yg5lAHzeczQHkQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4093947724-3987431265-750155669-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll No File
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\projects\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\projects\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKU\S-1-5-21-4093947724-3987431265-750155669-1002 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\a4m46ss3.default-1411560254280
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Klq2X4N_-Hafwr7NThwH06eSAoMmD1eEh3Jv2aNlyLBMcYi0Z3-2GxqXUIf2FA6z989APOT7PxUgXBcf7NiSbVlypf0ffpCJAi-D1hTI1cG4Fpe3sUx75qwhg-_62niQY7LD7ySeVHxxBmEDl-f9o0yg5lAHzeczQHkQ,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\projects\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\projects\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\projects\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\HP\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @talk.google.com/O1DPlugin -> C:\Users\HP\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @tools.google.com/Google Update;version=3 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @tools.google.com/Google Update;version=9 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\HP\AppData\Roaming\Zoom\bin\npzoomplugin.dll (Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\HP\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\HP\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\a4m46ss3.default-1411560254280\searchplugins\Web Search.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-17]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-17]
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-09-20]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\projects\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\projects\AVAST Software\Avast\WebRep\FF [2013-03-29]
FF HKLM\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\projects\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: No Name - C:\projects\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2014-04-04]
Chrome:
=======
CHR HomePage: Default -> https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: Default -> "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-11]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2012-11-27]
CHR Extension: (Google-Suche) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-11]
CHR Extension: (Applet2Object) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgfnbkiakemcmleeihmdngpamaknnem [2012-11-27]
CHR Extension: (avast! Online Security) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-06]
CHR Extension: (Google Wallet) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-09-24]
CHR Extension: (Google Mail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-11]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\projects\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\projects\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-10]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR StartMenuInternet: Google Chrome - C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-04] (ActivIdentity)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2010-01-21] (LSI Corporation)
R2 avast! Antivirus; C:\projects\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-10] (AVAST Software)
S3 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2010-03-31] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [142904 2011-09-12] (Hewlett-Packard Company)
R2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2010-03-17] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [90112 2010-06-14] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2010-01-19] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [113264 2011-03-16] (Portrait Displays, Inc.)
S2 RabbitMQ; C:\projects\erl5.9.3.1\erts-5.9.3.1\bin\erlsrv.exe [146944 2012-12-06] () [File not signed]
S3 SkypeUpdate; C:\projects\Skype\Updater\Updater.exe [315008 2014-04-03] (Skype Technologies)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2012-07-25] (IDT, Inc.)
R2 vcsFPService; C:\windows\system32\vcsFPService.exe [1664304 2010-02-18] (Validity Sensors, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-11-10] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-11-10] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-11-10] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-11-10] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-11-20] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-11-10] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-11-10] ()
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Development Company L.P.)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-02] (Disc Soft Ltd)
R0 KL1; C:\windows\System32\DRIVERS\kl1.sys [133208 2012-01-09] (Kaspersky Lab ZAO)
R1 kl2; C:\windows\System32\DRIVERS\kl2.sys [11352 2012-01-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [468272 2012-01-09] (Kaspersky Lab)
S3 L6PODHDBEAN; C:\windows\System32\Drivers\L6PODHDBEAN.sys [583808 2013-09-23] (Line 6)
R2 risdpcie; C:\windows\System32\DRIVERS\risdpe86.sys [47616 2009-10-28] (REDC)
R2 rixdpcie; C:\windows\System32\DRIVERS\rixdpe86.sys [38912 2009-12-11] (REDC)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [110520 2010-02-02] () [File not signed]
S3 Saffire; C:\windows\System32\Drivers\Saffire.sys [172880 2013-09-18] (Focusrite A.E.)
S3 SaffireAudio; C:\windows\System32\drivers\SaffireAudio.sys [38608 2013-09-18] (Focusrite A.E.)
S3 SaffireMidi; C:\windows\System32\drivers\SaffireMidi.sys [31056 2013-09-18] (Focusrite A.E.)
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-01-18] ()
S3 SWDUMon; C:\windows\System32\DRIVERS\SWDUMon.sys [13464 2014-04-21] ()
S3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2012-11-28] (TeamViewer GmbH)
R3 vpcbus; C:\windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
U5 UnlockerDriver5; C:\projects\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-26 22:27 - 2014-11-26 22:28 - 00023613 _____ () C:\Users\HP\Downloads\FRST.txt
2014-11-26 22:26 - 2014-11-26 22:27 - 00000000 ____D () C:\FRST
2014-11-26 22:26 - 2014-11-26 22:26 - 01109504 _____ (Farbar) C:\Users\HP\Downloads\FRST(1).exe
2014-11-26 14:51 - 2014-11-26 14:51 - 02886322 _____ () C:\Users\HP\Downloads\zoek(1).zip
2014-11-26 14:41 - 2014-11-26 14:41 - 00602112 _____ (OldTimer Tools) C:\Users\HP\Downloads\OTL(1).exe
2014-11-26 14:21 - 2014-11-26 14:41 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-11-26 14:21 - 2014-11-26 14:21 - 00000000 ____D () C:\Users\HP\AppData\Roaming\ParetoLogic
2014-11-26 14:21 - 2014-11-26 14:21 - 00000000 ____D () C:\Users\HP\AppData\Roaming\DriverCure
2014-11-26 14:20 - 2014-11-26 14:20 - 05249448 _____ (ParetoLogic Inc.) C:\Users\HP\Downloads\ParetoLogic PC Health Advisor_de.exe
2014-11-26 14:17 - 2014-11-26 14:18 - 00602112 _____ (OldTimer Tools) C:\Users\HP\Downloads\otl.exe
2014-11-26 13:39 - 2014-11-26 13:39 - 04123426 _____ () C:\Users\HP\Downloads\zoek.zip
2014-11-26 11:42 - 2014-11-26 11:44 - 70158763 _____ () C:\Users\HP\Downloads\currentDemos-140121.zip
2014-11-26 10:33 - 2014-11-26 10:33 - 00000000 ____D () C:\Users\HP\Downloads\BiometricSDK1_1
2014-11-26 10:32 - 2014-11-26 10:32 - 00860112 _____ () C:\Users\HP\Downloads\BiometricSDK1_1.zip
2014-11-25 09:32 - 2014-11-25 09:33 - 00000000 ____D () C:\Users\HP\Downloads\Aufgabe 2
2014-11-25 09:32 - 2014-11-25 09:32 - 00923215 _____ () C:\Users\HP\Downloads\Aufgabe 2.zip
2014-11-22 15:19 - 2014-11-22 15:19 - 00000000 ____D () C:\Users\HP\AppData\Local\{EAF30311-C2F9-4088-882F-0314987EC275}
2014-11-20 21:36 - 2014-11-20 21:51 - 00000954 _____ () C:\Users\HP\Desktop\my-desc.txt
2014-11-20 14:51 - 2014-11-20 14:51 - 02173824 _____ () C:\Users\HP\Downloads\Jars.zip
2014-11-20 14:51 - 2014-11-20 14:51 - 00000000 ____D () C:\Users\HP\Downloads\Jars
2014-11-20 10:32 - 2014-11-26 12:40 - 00000000 ____D () C:\Users\HP\Desktop\FOM-TobiasAlthoff
2014-11-20 09:53 - 2014-11-20 09:53 - 00000050 _____ () C:\Users\HP\Desktop\edita-GEZ.txt
2014-11-19 09:36 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 09:36 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-18 17:01 - 2014-11-26 13:25 - 00000356 _____ () C:\Users\HP\Desktop\venues-to-book.txt
2014-11-17 16:10 - 2014-11-17 16:10 - 00001147 _____ () C:\Users\HP\Desktop\drummer-gesucht-141117.txt
2014-11-17 14:07 - 2014-11-17 14:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-16 11:11 - 2014-11-16 11:12 - 21809696 _____ () C:\Users\HP\Downloads\Dufte Musikbar.zip
2014-11-13 23:12 - 2014-11-13 23:12 - 00000000 __SHD () C:\Users\HP\AppData\Local\EmieBrowserModeList
2014-11-13 13:28 - 2014-11-13 13:29 - 00000000 ____D () C:\Users\HP\Downloads\bilder
2014-11-13 13:28 - 2014-11-13 13:28 - 00310856 _____ () C:\Users\HP\Downloads\bilder.zip
2014-11-12 12:50 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-12 12:50 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-12 12:50 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-12 12:50 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-12 12:50 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-12 12:50 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-12 12:50 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-12 12:50 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-12 12:50 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-12 12:50 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-12 12:50 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-12 12:50 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-12 12:50 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-12 12:50 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-12 12:49 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-12 12:49 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-12 12:49 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-12 12:48 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-12 12:48 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-12 12:48 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-12 12:48 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-12 12:48 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-12 12:48 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-12 12:48 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-12 12:48 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-12 12:48 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-12 12:48 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-12 12:48 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-12 12:48 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-12 12:48 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-12 12:48 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-12 12:48 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-12 12:48 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 12:48 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-12 12:48 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 12:48 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-12 12:48 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-12 12:48 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-12 12:48 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-12 12:48 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-12 12:48 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-12 12:48 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-12 12:48 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-12 12:48 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-12 12:48 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-12 12:48 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-12 12:48 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-10 17:21 - 2014-11-10 17:21 - 00291352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-11-10 17:21 - 2014-11-10 17:21 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-07 00:57 - 2014-11-07 00:57 - 01215010 _____ () C:\Users\HP\Downloads\D.zip
2014-11-07 00:57 - 2014-11-07 00:57 - 00000000 ____D () C:\Users\HP\Downloads\D
2014-11-05 15:33 - 2014-11-12 13:56 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Line 6
2014-11-05 15:30 - 2014-11-05 15:31 - 00004428 _____ () C:\windows\DPINST.LOG
2014-11-05 15:30 - 2014-11-05 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line 6
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\Users\HP\Documents\Line 6
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Line 6
2014-11-05 15:26 - 2014-11-05 15:27 - 36242784 _____ () C:\Users\HP\Downloads\POD HD Edit v2.23 Installer.exe
2014-11-05 15:17 - 2014-11-07 10:28 - 00000000 ____D () C:\Users\HP\Desktop\Line6-PODHD
2014-11-04 23:21 - 2014-11-04 23:22 - 00000293 _____ () C:\Users\HP\Desktop\proberaum.txt
2014-11-04 13:33 - 2014-11-04 13:35 - 00000000 ____D () C:\Users\HP\Downloads\build-basic-responsive-site-css-demo
2014-11-04 13:33 - 2014-11-04 13:33 - 00088493 _____ () C:\Users\HP\Downloads\netmag-build-a-basic-responsive-site-with-css.zip
2014-11-04 13:33 - 2014-11-04 13:33 - 00088493 _____ () C:\Users\HP\Downloads\build-basic-responsive-site-css-demo.zip
2014-11-04 13:33 - 2014-11-04 13:33 - 00000000 ____D () C:\Users\HP\Downloads\netmag-build-a-basic-responsive-site-with-css
2014-11-04 01:00 - 2014-11-05 13:33 - 00000000 ____D () C:\Users\HP\Desktop\Codementor
2014-11-03 18:59 - 2014-11-03 18:59 - 00000000 ____D () C:\Users\HP\AppData\Roaming\MSPS
2014-11-03 14:06 - 2014-11-03 14:06 - 00000000 ____D () C:\Users\HP\Downloads\jexcelapi_2_6_12
2014-11-02 16:48 - 2014-11-02 16:48 - 00001118 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-02 15:21 - 2014-11-02 15:21 - 00002438 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-11-02 15:20 - 2014-11-11 22:11 - 00000000 ____D () C:\Users\HP\AppData\Local\LPT
2014-11-02 15:20 - 2014-11-02 15:20 - 00000000 ____D () C:\Users\HP\AppData\Local\Smartbar
2014-11-02 15:18 - 2014-11-02 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-11-02 15:17 - 2014-11-02 15:17 - 00243128 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtsoftbus01.sys
2014-11-02 15:16 - 2014-11-02 15:19 - 00000000 ____D () C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2014-11-01 09:30 - 2014-11-01 09:30 - 00000000 ____D () C:\Users\HP\AppData\Roaming\JetBrains
2014-11-01 09:28 - 2014-11-01 09:28 - 00000000 ____D () C:\Users\HP\.AndroidStudioBeta
2014-10-30 11:23 - 2014-10-30 15:09 - 00000294 _____ () C:\Users\HP\.genymotion-eclipse.log
2014-10-30 11:17 - 2014-11-25 10:26 - 00000000 ____D () C:\Users\HP\AppData\Local\Genymobile
2014-10-30 11:17 - 2014-11-25 10:23 - 00000000 ____D () C:\Users\HP\.VirtualBox
2014-10-30 11:15 - 2014-10-30 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-10-30 11:15 - 2013-04-12 12:33 - 00188176 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxDrv.sys
2014-10-30 11:15 - 2013-04-12 12:33 - 00094480 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxUSBMon.sys
2014-10-30 11:13 - 2014-10-30 11:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2014-10-28 15:27 - 2014-10-28 15:27 - 00000000 ____D () C:\Users\HP\Downloads\Angular-Design-Patterns-Best-Practices-master
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-26 22:15 - 2012-07-13 16:46 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4093947724-3987431265-750155669-1002UA.job
2014-11-26 22:12 - 2013-07-15 19:23 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-26 21:42 - 2012-10-05 08:13 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-26 21:20 - 2009-07-14 05:34 - 00020720 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-26 21:20 - 2009-07-14 05:34 - 00020720 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-26 21:18 - 2011-11-24 23:41 - 02016480 _____ () C:\windows\WindowsUpdate.log
2014-11-26 21:16 - 2012-07-13 17:37 - 00000000 ____D () C:\Users\HP\AppData\Local\Eclipse
2014-11-26 21:13 - 2010-09-20 15:34 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-11-26 21:12 - 2014-07-17 09:22 - 00016132 _____ () C:\windows\setupact.log
2014-11-26 21:12 - 2013-07-15 19:23 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-26 21:12 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-26 15:44 - 2013-03-29 09:53 - 00000000 ____D () C:\Users\HP\Desktop\MalwareWar
2014-11-26 15:15 - 2012-07-13 16:46 - 00001056 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4093947724-3987431265-750155669-1002Core.job
2014-11-26 14:21 - 2012-07-13 10:29 - 00000000 ____D () C:\projects
2014-11-26 14:14 - 2014-08-16 08:23 - 00008308 _____ () C:\windows\PFRO.log
2014-11-26 11:57 - 2014-03-15 11:04 - 03538944 _____ () C:\Users\HP\Desktop\venuesAndBookings.accdb
2014-11-26 11:46 - 2013-09-05 12:13 - 17956864 _____ () C:\Users\HP\Desktop\mib.accdb
2014-11-25 23:42 - 2012-07-14 13:30 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-11-25 23:42 - 2012-07-14 13:30 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-25 22:23 - 2013-03-15 18:32 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2014-11-25 20:24 - 2012-07-13 16:33 - 00000000 ____D () C:\Users\HP\AppData\Roaming\FileZilla
2014-11-25 12:38 - 2010-09-20 15:18 - 01619284 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-24 13:18 - 2012-07-25 07:17 - 00000308 _____ () C:\windows\Tasks\HPCeeScheduleForHP.job
2014-11-23 20:16 - 2012-07-13 11:00 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Mozilla
2014-11-22 15:18 - 2013-10-26 00:00 - 00000000 ____D () C:\Users\HP\AppData\Roaming\vlc
2014-11-22 09:59 - 2014-09-21 17:40 - 00000511 _____ () C:\Users\HP\Desktop\Musicians.txt
2014-11-22 09:51 - 2013-03-29 13:04 - 00787800 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-11-20 20:52 - 2013-03-29 13:04 - 00423784 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-11-18 09:35 - 2012-07-13 16:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-12 23:49 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2014-11-12 16:10 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-11-12 14:24 - 2009-07-14 05:33 - 00412096 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-11-12 12:56 - 2012-07-13 17:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-10 17:21 - 2014-04-18 18:08 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-10 17:21 - 2013-12-19 14:13 - 00091496 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-11-10 17:21 - 2013-03-29 13:04 - 00206248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-10 17:21 - 2013-03-29 13:04 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-10 17:21 - 2013-03-29 13:04 - 00070384 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-10 17:21 - 2013-03-29 13:04 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-04 14:30 - 2012-07-13 16:45 - 00229000 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-03 10:15 - 2014-07-21 19:13 - 00000000 ____D () C:\Users\HP\Desktop\Android-All
2014-11-02 15:20 - 2012-07-13 16:55 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-11-01 10:02 - 2012-11-21 12:44 - 00000000 ____D () C:\Users\HP\.gradle
2014-11-01 09:51 - 2014-09-14 10:49 - 00000000 ____D () C:\Users\HP\.android
2014-11-01 09:28 - 2012-06-26 16:48 - 00000000 ____D () C:\Users\HP
2014-10-29 06:13 - 2014-08-26 09:42 - 00000000 ____D () C:\Users\HP\AppData\Local\Adobe
2014-10-27 17:48 - 2014-05-12 17:54 - 00000000 ____D () C:\xampp183
2014-10-27 11:13 - 2014-01-02 08:47 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
Some content of TEMP:
====================
C:\Users\HP\AppData\Local\Temp\bitool.dll
C:\Users\HP\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\HP\AppData\Local\Temp\L6GPInst.dll
C:\Users\HP\AppData\Local\Temp\SDShelEx-win32.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-10 11:49
==================== End Of Log ============================
Addition.txt FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01
Ran by HP at 2014-11-26 22:28:41
Running from C:\Users\HP\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ActivClient x86 (HKLM\...\{1BE8806A-84F8-4655-A381-0D5524430944}) (Version: 6.2 - ActivIdentity)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.8) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
AnyVideo Converter HD (HKLM\...\{2BA688E3-3381-4D29-8312-EE95CC41E26C}) (Version: 2.1.3 - vivica)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{C3FC277D-B89D-572A-AF44-F3870B2838B4}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
Blue Cat's Chorus VST 4.01 (HKLM\...\{16414746-4C9F-45F5-9D0B-1BB2F257710A}) (Version: 4.01 - Blue Cat Audio)
Blue Cat's Flanger VST 3.01 (HKLM\...\{AD5E66F6-AABE-4C99-B302-8C1545DD898F}) (Version: 3.01 - Blue Cat Audio)
Blue Cat's Freeware Pack VST 2.01 (HKLM\...\{0EB8339B-59A8-46e5-9D41-44458EBD7085}) (Version: 2.01 - Blue Cat Audio)
Blue Cat's FreqAnalyst VST 2.01 (HKLM\...\{44D94F3A-D38C-48DF-AEF7-4CD8B078F30F}) (Version: 2.01 - Blue Cat Audio)
Blue Cat's Gain Suite VST 3.01 (HKLM\...\{07C621A7-3284-4AD4-AFC8-7F41C475F056}) (Version: 3.01 - Blue Cat Audio)
Blue Cat's Phaser VST 3.01 (HKLM\...\{697CE55E-469F-4FB7-9FB6-8CC4E50852B2}) (Version: 3.01 - Blue Cat Audio)
Blue Cat's Triple EQ VST 4.01 (HKLM\...\{F2D66909-5A27-4F0F-8E53-18BAE15178EC}) (Version: 4.01 - Blue Cat Audio)
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
ccc-core-static (Version: 2010.0408.1106.18043 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Composer - Php Dependency Manager (HKLM\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.6 - Hewlett-Packard)
DIG 2.0 (HKLM\...\DIG 2.0_is1) (Version: - )
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Drive Encryption for HP ProtectTools (HKLM\...\Drive Encryption) (Version: 5.0.6.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.6.0 - Hewlett-Packard) Hidden
Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - )
File Sanitizer For HP ProtectTools (HKLM\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.3 - Hewlett-Packard)
FileZilla Client 3.9.0.5 (HKLM\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Genymotion version 2.3.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.3.0 - Genymobile)
Git version 1.9.4-preview20140611 (HKLM\...\Git_is1) (Version: 1.9.4-preview20140611 - The Git Development Community)
GlaceVerb 1.01 (HKLM\...\GlaceVerb_is1) (Version: - Dasample)
Google Chrome (HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM\...\{24DA8058-C0E5-351B-8B55-F6DC5A2B22EF}) (Version: 5.38.7.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Web Toolkit Developer Plugin for IE (x86) (HKLM\...\{0402D28F-B9B7-4983-93FC-DBF673736D3F}) (Version: 1.2.9570 - Google)
Graphviz (HKLM\...\{884CF059-9A11-4DF7-A2A7-17EFE90B9278}) (Version: 2.38 - AT&T Research Labs.)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Documentation (HKLM\...\{4054365C-8CD6-4F08-A2F9-44CADFD7A9D0}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{D9989A13-B173-4048-B8A5-93C204DCB1B3}) (Version: 1.1.6.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{09A06482-FAF9-4DC5-9EC7-D340B394E22A}) (Version: 2.0.6.0 - Hewlett-Packard Company)
HP Power Data (HKLM\...\{5CEE98FB-1963-4662-A780-410DA4533D53}) (Version: 1.0.35.187 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.07.711 - Hewlett-Packard)
HP QuickLook (HKLM\...\{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}) (Version: 3.3.1.4 - Hewlett-Packard Company)
HP QuickWeb (HKLM\...\{7861911B-4270-498A-8F7A-FCF0570F48E3}) (Version: 1.0.1.74 - DeviceVM, Inc.)
HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.1 - Sonix)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
ImageMagick 6.8.9-8 Q16 (32-bit) (2014-09-15) (HKLM\...\ImageMagick 6.8.9 Q16 (32-bit)_is1) (Version: 6.8.9 - ImageMagick Studio LLC)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Card Security for HP ProtectTools (HKLM\...\{F4477CC0-7293-414A-93BC-20EE897A80F0}) (Version: 5.0.4.1 - Hewlett-Packard)
Java DB 10.6.2.1 (HKLM\...\{73EC658D-A1C6-40CA-8E86-E05821BAACE7}) (Version: 10.6.2.1 - Oracle)
Java SE Development Kit 7 Update 45 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 20 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
Java(TM) SE Development Kit 7 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
JavaFX Scene Builder 2.0 (HKLM\...\{B4665EB1-1F7A-44F5-AD07-C20A938E8BC2}) (Version: 2.0 - Oracle)
LightScribe System Software (HKLM\...\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
Line 6 Uninstaller (HKLM\...\Line 6 Uninstaller) (Version: - Line 6)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
MeldaProduction MFreeEffectsBundle 7 (HKLM\...\MeldaProduction MFreeEffectsBundle 7) (Version: - MeldaProduction)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Node.js (HKLM\...\{1DC1EC3E-C400-4945-BADA-BBD09F375978}) (Version: 0.10.29 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM\...\Notepad++) (Version: 6.2 - )
Oracle VM VirtualBox 4.2.12 (HKLM\...\{5FA29565-1B72-488F-B975-E3C76F179F36}) (Version: 4.2.12 - Oracle Corporation)
Privacy Manager for HP ProtectTools (HKLM\...\{350F790E-5C32-4B3A-8AAB-B0478BB76D11}) (Version: 5.10.796 - Hewlett-Packard)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
Ruby 1.9.3-p545 (HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p545 - RubyInstaller Team)
Saffire MixControl 3.3 (HKLM\...\Saffire PRO 40_is1) (Version: 3.3 - Focusrite Audio Engineering Ltd.)
SDK (Version: 2.26.012 - Portrait Displays, Inc.) Hidden
Seven Phases Spectrum Analyzer (HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\Seven Phases Spectrum Analyzer) (Version: - )
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steinberg Cubase 5 (HKLM\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Theft Recovery (HKLM\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.21 - Hewlett-Packard)
Theft Recovery (Version: 5.1.0.21 - Hewlett-Packard) Hidden
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Validity Fingerprint Driver (HKLM\...\{78365FC6-09CA-4AC3-BC01-70FB46596047}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-1 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.1 - HTTrack)
Wondershare Video Converter Ultimate(Build 7.0.0.3) (HKLM\...\Wondershare Video Converter Ultimate_is1) (Version: 7.0.0.3 - Wondershare Software)
XAMPP (HKLM\...\xampp) (Version: 1.8.3-4 - Bitnami)
Yahoo Community Smartbar (HKLM\...\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION
ZoneAlarm Antivirus (Version: 10.2.064.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (Version: 11.0.000.018 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (Version: 11.0.000.018 - Check Point Software Technologies Ltd.) Hidden
Zoom (HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\ZoomUMX) (Version: 3.0 - Zoom Video Communications, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{1A2A78F4-B5A4-4208-B520-BDDA0A7EC5CB}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Google\Google Web Toolkit\Developer Plugin\IE\Win32\oophm.dll No File
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{1D6156B6-002B-49E7-B5CA-C138FB843B4E}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Google\Google Web Toolkit\Developer Plugin\IE\Win32\oophm.dll No File
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\HP\AppData\Local\Google\Chrome\Application\39.0.2171.71\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{644FD769-8B9D-4AC4-A79E-AAAF5CD751C1}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Google\Google Web Toolkit\Developer Plugin\IE\Win32\oophm.dll No File
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\projects\Git\git-cheetah\git_shell_ext.dll ()
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4093947724-3987431265-750155669-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
==================== Restore Points =========================
09-11-2014 14:06:55 Windows Update
10-11-2014 16:20:14 avast! antivirus system restore point
12-11-2014 11:50:44 Windows Update
18-11-2014 12:40:46 Windows Update
19-11-2014 08:36:33 Windows Update
25-11-2014 19:16:14 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2012-10-22 11:59 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0DE2272D-359A-4BED-9681-4E7ED6B94A5C} - System32\Tasks\Registration => C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe [2010-04-22] ()
Task: {13B9CA3A-880C-4913-927A-243DEEC73600} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {2683B56A-4B2C-4642-BFE3-8EF0C383CDEF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {36604D7F-7E03-4CAB-B6EA-9D7FD9BE0265} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-15] (Google Inc.)
Task: {3886ADA6-A100-4C7C-B17B-18E46056CBBA} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
Task: {3EFA0F47-FE62-4966-9A5E-9DD72B75A28B} - System32\Tasks\Notebookschoner => C:\Users\HP\Documents\Notebookschoner\Screen.exe
Task: {40BC610C-A44D-4302-9916-4200D2BFDDD0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4093947724-3987431265-750155669-1002Core => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {4ABCC136-29E4-4F36-8DB3-A5A9AAA20CE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {4D7D6387-A262-4649-9245-51939E976F71} - System32\Tasks\Google Updater and Installer => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {6F15CA53-09B4-4A94-A046-CD342286FBCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-15] (Google Inc.)
Task: {7B9A03AB-5E0C-475A-847C-2E31AE2ECE18} - System32\Tasks\HPCeeScheduleForHP => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {8CAE12A5-5E1F-422B-B622-4C4DC97B43EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {92101CD0-7FF0-4107-B3D9-03006698F40F} - System32\Tasks\SpottyFiles Update => C:\Program Files\SpottyFiles\SpottyFilesUpdater.exe
Task: {A7DA4E22-0180-465C-A676-193FAE7B3BA9} - System32\Tasks\avast! Emergency Update => C:\projects\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-10] (AVAST Software)
Task: {B0E20778-3AC3-48EE-8A00-A450E1757F6A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {B4B4DA66-738E-485F-8EBB-B8D92EDCBB7E} - System32\Tasks\{75358032-1B3D-45C4-94E8-B7FB09D7BF52} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar
Task: {B5C323EE-5D6A-4A2B-84F4-77E60CA7122E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {BAF24584-00FA-4C79-AAE3-E44D2A486BD0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4093947724-3987431265-750155669-1002UA => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {DF99DF47-3699-43C3-A0A3-1F8FF22EF9CD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {F8E51955-9AF2-457C-9B71-D3151F21FA01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2012-07-30] (Microsoft)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4093947724-3987431265-750155669-1002Core.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4093947724-3987431265-750155669-1002UA.job => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForHP.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2014-11-26 10:36 - 2014-11-26 10:36 - 02903552 _____ () C:\projects\AVAST Software\Avast\defs\14112600\algo.dll
2014-09-06 17:44 - 2014-09-06 17:44 - 00035328 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2012-12-06 19:48 - 2012-12-06 19:48 - 00035840 _____ () C:\projects\ERL593~1.1\ERTS-5~1.1\bin\epmd.exe
2014-11-10 17:21 - 2014-11-10 17:21 - 38562088 _____ () C:\projects\AVAST Software\Avast\libcef.dll
2014-11-17 14:07 - 2014-11-17 14:07 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2012-07-13 17:35 - 2013-02-04 13:05 - 00319488 _____ () C:\projects\eclipse\eclipse.exe
2013-05-03 10:44 - 2012-10-03 11:53 - 00053248 _____ () C:\projects\eclipse\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.1.200.v20120913-144807\eclipse_1503.dll
2013-12-12 13:34 - 2013-12-12 13:34 - 00047616 _____ () C:\projects\eclipse\configuration\org.eclipse.osgi\bundles\3283\1\.cp\os\win32\x86\localfile_1_0_0.dll
2014-09-01 11:41 - 2014-09-01 11:41 - 00032768 _____ () C:\projects\eclipse\configuration\org.eclipse.osgi\bundles\3288\1\.cp\os\win32\x86\win32refresh.dll
2013-12-12 13:34 - 2013-12-12 13:34 - 00044544 _____ () C:\projects\eclipse\configuration\org.eclipse.osgi\bundles\3286\1\.cp\jWinHttp-1.0.0.dll
2014-09-01 11:41 - 2014-09-01 11:41 - 00095685 _____ () C:\projects\eclipse\configuration\org.eclipse.osgi\bundles\4315\1\.cp\os\win32\x86\jnotify.dll
2011-09-12 16:14 - 2011-09-12 16:14 - 00891960 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2010-04-05 19:12 - 2010-04-05 19:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-4093947724-3987431265-750155669-500 - Administrator - Disabled)
Gast (S-1-5-21-4093947724-3987431265-750155669-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4093947724-3987431265-750155669-1004 - Limited - Enabled)
HP (S-1-5-21-4093947724-3987431265-750155669-1002 - Administrator - Enabled) => C:\Users\HP
==================== Faulty Device Manager Devices =============
Name: HP Integrated Module with Bluetooth 2.1 Wireless Technology
Description: HP Integrated Module with Bluetooth 2.1 Wireless Technology
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/25/2014 04:15:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EXCEL.EXE, Version: 12.0.6683.5002, Zeitstempel: 0x520bb25f
Name des fehlerhaften Moduls: EXCEL.EXE, Version: 12.0.6683.5002, Zeitstempel: 0x520bb25f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013246
ID des fehlerhaften Prozesses: 0x229c
Startzeit der fehlerhaften Anwendung: 0xEXCEL.EXE0
Pfad der fehlerhaften Anwendung: EXCEL.EXE1
Pfad des fehlerhaften Moduls: EXCEL.EXE2
Berichtskennung: EXCEL.EXE3
Error: (11/25/2014 04:15:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EXCEL.EXE, Version: 12.0.6683.5002, Zeitstempel: 0x520bb25f
Name des fehlerhaften Moduls: EXCEL.EXE, Version: 12.0.6683.5002, Zeitstempel: 0x520bb25f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013246
ID des fehlerhaften Prozesses: 0x229c
Startzeit der fehlerhaften Anwendung: 0xEXCEL.EXE0
Pfad der fehlerhaften Anwendung: EXCEL.EXE1
Pfad des fehlerhaften Moduls: EXCEL.EXE2
Berichtskennung: EXCEL.EXE3
Error: (11/11/2014 10:11:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: HP-HP)
Description: Product: Google Talk Plugin -- Error 1704. An installation for Yahoo Community Smartbar (by Linkury) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (11/11/2014 10:11:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: HP-HP)
Description: Product: Google Talk Plugin -- Error 1704. An installation for Yahoo Community Smartbar (by Linkury) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (11/11/2014 10:11:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: HP-HP)
Description: Product: Google Talk Plugin -- Error 1704. An installation for Yahoo Community Smartbar (by Linkury) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (11/11/2014 10:11:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: HP-HP)
Description: Product: Google Talk Plugin -- Error 1704. An installation for Yahoo Community Smartbar (by Linkury) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (11/11/2014 10:11:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: HP-HP)
Description: Product: Google Talk Plugin -- Error 1704. An installation for Yahoo Community Smartbar (by Linkury) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (11/11/2014 10:11:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: HP-HP)
Description: Product: Google Talk Plugin -- Error 1704. An installation for Yahoo Community Smartbar (by Linkury) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (11/11/2014 10:11:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: HP-HP)
Description: Product: Google Talk Plugin -- Error 1704. An installation for Yahoo Community Smartbar (by Linkury) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (11/11/2014 10:11:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: HP-HP)
Description: Product: Google Talk Plugin -- Error 1704. An installation for Yahoo Community Smartbar (by Linkury) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
System errors:
=============
Error: (11/26/2014 09:13:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "RabbitMQ" wurde mit folgendem Fehler beendet:
%%1067
Error: (11/26/2014 09:13:02 PM) (Source: ErlSrv) (EventID: 17) (User: )
Description: RabbitMQ: Erlang machine stopped instantly (distribution name conflict?). The service is not restarted as OnFail is set to ignore.
Error: (11/26/2014 02:15:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "RabbitMQ" wurde mit folgendem Fehler beendet:
%%1067
Error: (11/26/2014 02:15:28 PM) (Source: ErlSrv) (EventID: 17) (User: )
Description: RabbitMQ: Erlang machine stopped instantly (distribution name conflict?). The service is not restarted as OnFail is set to ignore.
Error: (11/26/2014 09:38:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "RabbitMQ" wurde mit folgendem Fehler beendet:
%%1067
Error: (11/26/2014 09:38:07 AM) (Source: ErlSrv) (EventID: 17) (User: )
Description: RabbitMQ: Erlang machine stopped instantly (distribution name conflict?). The service is not restarted as OnFail is set to ignore.
Error: (11/25/2014 08:12:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "RabbitMQ" wurde mit folgendem Fehler beendet:
%%1067
Error: (11/25/2014 08:12:08 PM) (Source: ErlSrv) (EventID: 17) (User: )
Description: RabbitMQ: Erlang machine stopped instantly (distribution name conflict?). The service is not restarted as OnFail is set to ignore.
Error: (11/25/2014 09:09:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "RabbitMQ" wurde mit folgendem Fehler beendet:
%%1067
Error: (11/25/2014 09:09:36 AM) (Source: ErlSrv) (EventID: 17) (User: )
Description: RabbitMQ: Erlang machine stopped instantly (distribution name conflict?). The service is not restarted as OnFail is set to ignore.
Microsoft Office Sessions:
=========================
Error: (11/25/2014 04:15:37 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 13173 seconds with 3300 seconds of active time. This session ended with a crash.
Error: (12/28/2013 00:39:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7363 seconds with 720 seconds of active time. This session ended with a crash.
Error: (12/17/2013 08:29:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2566 seconds with 1980 seconds of active time. This session ended with a crash.
Error: (09/14/2013 06:12:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1633 seconds with 1380 seconds of active time. This session ended with a crash.
Error: (09/13/2013 09:22:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 702 seconds with 660 seconds of active time. This session ended with a crash.
Error: (01/07/2013 04:10:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22893 seconds with 540 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-04-14 20:52:04.250
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 20:25:16.178
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 19:19:13.301
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 18:48:10.722
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 17:40:32.176
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 17:25:55.017
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 15:43:21.333
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 15:32:11.138
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 15:14:34.904
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-14 15:06:00.537
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II N850 Triple-Core Processor
Percentage of memory in use: 69%
Total physical RAM: 2806.43 MB
Available physical RAM: 856.78 MB
Total Pagefile: 5611.15 MB
Available Pagefile: 2633.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.38 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:280.8 GB) (Free:128.3 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.48 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2A72D50E)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== End Of Log ============================
|
|
26.11.2014, 22:33
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich Adware/Junkware/Toolbars entfernen (alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!) 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.11.2014, 05:51
| #15 |
| | ZEOK.exe als Malware durch AVAST erkannt. Download nicht möglich sorry ... das logfile war plötzlich nicht mehr zu sehen ... dachte es hätte nicht geklappt. ok, ich danke dir erstmal viemals, ich werd das abarbeiten und die ergebnise wieder einstellen. adw cleaner log der rest ist noch in arbeit ... AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.102 - Bericht erstellt am 27/11/2014 um 05:26:56
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-26.1 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : XXX
# Gestartet von : C:\Users\HP\Downloads\AdwCleaner_4.102.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\Program Files\NCH Software
Ordner Gelöscht : C:\Users\HP\AppData\Local\LPT
Ordner Gelöscht : C:\Users\HP\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\HP\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\HP\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\HP\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\HP\AppData\Roaming\ParetoLogic
Datei Gelöscht : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\a4m46ss3.default-1411560254280\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\0cv0rhgx.default\user.js
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deinstallieren.lnk
Verknüpfung Desinfiziert : C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17420
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v33.1.1 (x86 de)
[a4m46ss3.default-1411560254280\prefs.js] - Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Klq2X4N_-Hafwr7NThwH06eSAoMmD1eEh3Jv2aNlyLBMcYi0Z3-2GxqXUIf2FA6z989APOT7PxUgXBcf7NiSbVl[...]
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [3072 octets] - [07/09/2013 14:09:20]
AdwCleaner[R1].txt - [1304 octets] - [07/09/2013 14:12:54]
AdwCleaner[R2].txt - [1303 octets] - [07/09/2013 14:16:06]
AdwCleaner[R3].txt - [5252 octets] - [27/11/2014 05:23:06]
AdwCleaner[S0].txt - [3135 octets] - [07/09/2013 14:10:19]
AdwCleaner[S1].txt - [1365 octets] - [07/09/2013 14:13:51]
AdwCleaner[S2].txt - [4573 octets] - [27/11/2014 05:26:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4633 octets] ##########
[/CODE] JRT.txt JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Professional x86
Ran by HP on 27.11.2014 at 5:33:32,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\HP\start menu\programs\browser manager"
Successfully deleted: [Empty Folder] C:\Users\HP\appdata\local\{EAF30311-C2F9-4088-882F-0314987EC275}
~~~ FireFox
Emptied folder: C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\a4m46ss3.default-1411560254280\minidumps [18 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.11.2014 at 5:38:26,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST log FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by HP (administrator) on HP-HP on 27-11-2014 05:49:14
Running from C:\Users\HP\Downloads
Loaded Profile: HP (Available profiles: HP)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\projects\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
() C:\projects\ERL593~1.1\ERTS-5~1.1\bin\epmd.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\projects\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Farbar) C:\Users\HP\Downloads\FRST(2).exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\projects\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-20] (AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\windows\system32\DeviceNP.dll (Hewlett-Packard Limited)
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\Run: [DAEMON Tools Lite] => C:\projects\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\...\Run: [Google Update] => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-13] (Google Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\projects\AVAST Software\Avast\ashShell.dll (AVAST Software)
CHR HKU\S-1-5-21-4093947724-3987431265-750155669-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-4093947724-3987431265-750155669-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4093947724-3987431265-750155669-1002 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4093947724-3987431265-750155669-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll No File
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\projects\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-4093947724-3987431265-750155669-1002 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\a4m46ss3.default-1411560254280
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\projects\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\projects\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\projects\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\HP\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @talk.google.com/O1DPlugin -> C:\Users\HP\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @tools.google.com/Google Update;version=3 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @tools.google.com/Google Update;version=9 -> C:\Users\HP\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4093947724-3987431265-750155669-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\HP\AppData\Roaming\Zoom\bin\npzoomplugin.dll (Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\HP\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\HP\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-17]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-17]
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-09-20]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\projects\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\projects\AVAST Software\Avast\WebRep\FF [2013-03-29]
FF HKLM\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\projects\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: No Name - C:\projects\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2014-04-04]
Chrome:
=======
CHR HomePage: Default -> https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: Default -> "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-11]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2012-11-27]
CHR Extension: (Google-Suche) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-11]
CHR Extension: (Applet2Object) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgfnbkiakemcmleeihmdngpamaknnem [2012-11-27]
CHR Extension: (avast! Online Security) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-06]
CHR Extension: (Google Wallet) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-09-24]
CHR Extension: (Google Mail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-11]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\projects\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-10]
CHR StartMenuInternet: Google Chrome - C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-04] (ActivIdentity)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2010-01-21] (LSI Corporation)
R2 avast! Antivirus; C:\projects\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-10] (AVAST Software)
S3 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2010-03-31] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [142904 2011-09-12] (Hewlett-Packard Company)
R2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2010-03-17] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [90112 2010-06-14] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2010-01-19] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [113264 2011-03-16] (Portrait Displays, Inc.)
S2 RabbitMQ; C:\projects\erl5.9.3.1\erts-5.9.3.1\bin\erlsrv.exe [146944 2012-12-06] () [File not signed]
S3 SkypeUpdate; C:\projects\Skype\Updater\Updater.exe [315008 2014-04-03] (Skype Technologies)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2012-07-25] (IDT, Inc.)
R2 vcsFPService; C:\windows\system32\vcsFPService.exe [1664304 2010-02-18] (Validity Sensors, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-11-10] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-11-10] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-11-10] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-11-10] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-11-22] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-11-20] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-11-10] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-11-10] ()
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Development Company L.P.)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-02] (Disc Soft Ltd)
R0 KL1; C:\windows\System32\DRIVERS\kl1.sys [133208 2012-01-09] (Kaspersky Lab ZAO)
R1 kl2; C:\windows\System32\DRIVERS\kl2.sys [11352 2012-01-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [468272 2012-01-09] (Kaspersky Lab)
S3 L6PODHDBEAN; C:\windows\System32\Drivers\L6PODHDBEAN.sys [583808 2013-09-23] (Line 6)
R2 risdpcie; C:\windows\System32\DRIVERS\risdpe86.sys [47616 2009-10-28] (REDC)
R2 rixdpcie; C:\windows\System32\DRIVERS\rixdpe86.sys [38912 2009-12-11] (REDC)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [110520 2010-02-02] () [File not signed]
S3 Saffire; C:\windows\System32\Drivers\Saffire.sys [172880 2013-09-18] (Focusrite A.E.)
S3 SaffireAudio; C:\windows\System32\drivers\SaffireAudio.sys [38608 2013-09-18] (Focusrite A.E.)
S3 SaffireMidi; C:\windows\System32\drivers\SaffireMidi.sys [31056 2013-09-18] (Focusrite A.E.)
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-01-18] ()
S3 SWDUMon; C:\windows\System32\DRIVERS\SWDUMon.sys [13464 2014-04-21] ()
S3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2012-11-28] (TeamViewer GmbH)
R3 vpcbus; C:\windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
U5 UnlockerDriver5; C:\projects\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 05:46 - 2014-11-27 05:46 - 01109504 _____ (Farbar) C:\Users\HP\Downloads\FRST(2).exe
2014-11-27 05:43 - 2014-11-27 05:43 - 00203075 _____ () C:\Users\HP\Downloads\FRST.exe
2014-11-27 05:38 - 2014-11-27 05:38 - 00001413 _____ () C:\Users\HP\Desktop\JRT.txt
2014-11-27 05:33 - 2014-11-27 05:33 - 00000000 ____D () C:\windows\ERUNT
2014-11-27 05:32 - 2014-11-27 05:32 - 01707532 _____ (Thisisu) C:\Users\HP\Downloads\JRT.exe
2014-11-27 05:21 - 2014-11-27 05:21 - 02148864 _____ () C:\Users\HP\Downloads\AdwCleaner_4.102.exe
2014-11-26 22:28 - 2014-11-26 22:30 - 00042450 _____ () C:\Users\HP\Downloads\Addition.txt
2014-11-26 22:27 - 2014-11-27 05:49 - 00021116 _____ () C:\Users\HP\Downloads\FRST.txt
2014-11-26 22:26 - 2014-11-27 05:49 - 00000000 ____D () C:\FRST
2014-11-26 22:26 - 2014-11-26 22:26 - 01109504 _____ (Farbar) C:\Users\HP\Downloads\FRST(1).exe
2014-11-26 14:51 - 2014-11-26 14:51 - 02886322 _____ () C:\Users\HP\Downloads\zoek(1).zip
2014-11-26 14:41 - 2014-11-26 14:41 - 00602112 _____ (OldTimer Tools) C:\Users\HP\Downloads\OTL(1).exe
2014-11-26 14:20 - 2014-11-26 14:20 - 05249448 _____ (ParetoLogic Inc.) C:\Users\HP\Downloads\ParetoLogic PC Health Advisor_de.exe
2014-11-26 14:17 - 2014-11-26 14:18 - 00602112 _____ (OldTimer Tools) C:\Users\HP\Downloads\otl.exe
2014-11-26 13:39 - 2014-11-26 13:39 - 04123426 _____ () C:\Users\HP\Downloads\zoek.zip
2014-11-26 11:42 - 2014-11-26 11:44 - 70158763 _____ () C:\Users\HP\Downloads\currentDemos-140121.zip
2014-11-26 10:33 - 2014-11-26 10:33 - 00000000 ____D () C:\Users\HP\Downloads\BiometricSDK1_1
2014-11-26 10:32 - 2014-11-26 10:32 - 00860112 _____ () C:\Users\HP\Downloads\BiometricSDK1_1.zip
2014-11-25 09:32 - 2014-11-25 09:33 - 00000000 ____D () C:\Users\HP\Downloads\Aufgabe 2
2014-11-25 09:32 - 2014-11-25 09:32 - 00923215 _____ () C:\Users\HP\Downloads\Aufgabe 2.zip
2014-11-20 21:36 - 2014-11-20 21:51 - 00000954 _____ () C:\Users\HP\Desktop\my-desc.txt
2014-11-20 14:51 - 2014-11-20 14:51 - 02173824 _____ () C:\Users\HP\Downloads\Jars.zip
2014-11-20 14:51 - 2014-11-20 14:51 - 00000000 ____D () C:\Users\HP\Downloads\Jars
2014-11-20 10:32 - 2014-11-26 12:40 - 00000000 ____D () C:\Users\HP\Desktop\FOM-TobiasAlthoff
2014-11-20 09:53 - 2014-11-20 09:53 - 00000050 _____ () C:\Users\HP\Desktop\edita-GEZ.txt
2014-11-19 09:36 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 09:36 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-18 17:01 - 2014-11-26 13:25 - 00000356 _____ () C:\Users\HP\Desktop\venues-to-book.txt
2014-11-17 16:10 - 2014-11-17 16:10 - 00001147 _____ () C:\Users\HP\Desktop\drummer-gesucht-141117.txt
2014-11-17 14:07 - 2014-11-17 14:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-16 11:11 - 2014-11-16 11:12 - 21809696 _____ () C:\Users\HP\Downloads\Dufte Musikbar.zip
2014-11-13 23:12 - 2014-11-13 23:12 - 00000000 __SHD () C:\Users\HP\AppData\Local\EmieBrowserModeList
2014-11-13 13:28 - 2014-11-13 13:29 - 00000000 ____D () C:\Users\HP\Downloads\bilder
2014-11-13 13:28 - 2014-11-13 13:28 - 00310856 _____ () C:\Users\HP\Downloads\bilder.zip
2014-11-12 12:50 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-12 12:50 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-12 12:50 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-12 12:50 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-12 12:50 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-12 12:50 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-12 12:50 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-12 12:50 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-12 12:50 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-12 12:50 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-12 12:50 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-12 12:50 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-12 12:50 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-12 12:50 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-12 12:50 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-12 12:49 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-12 12:49 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-12 12:49 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-12 12:48 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-12 12:48 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-12 12:48 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-12 12:48 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-12 12:48 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-12 12:48 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-12 12:48 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-12 12:48 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-12 12:48 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-12 12:48 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-12 12:48 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-12 12:48 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-12 12:48 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-12 12:48 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-12 12:48 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-12 12:48 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 12:48 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-12 12:48 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 12:48 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-12 12:48 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-12 12:48 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-12 12:48 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-12 12:48 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-12 12:48 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-12 12:48 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-12 12:48 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-12 12:48 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-12 12:48 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-12 12:48 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-12 12:48 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-10 17:21 - 2014-11-10 17:21 - 00291352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-11-10 17:21 - 2014-11-10 17:21 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-07 00:57 - 2014-11-07 00:57 - 01215010 _____ () C:\Users\HP\Downloads\D.zip
2014-11-07 00:57 - 2014-11-07 00:57 - 00000000 ____D () C:\Users\HP\Downloads\D
2014-11-05 15:33 - 2014-11-12 13:56 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Line 6
2014-11-05 15:30 - 2014-11-05 15:31 - 00004428 _____ () C:\windows\DPINST.LOG
2014-11-05 15:30 - 2014-11-05 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line 6
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\Users\HP\Documents\Line 6
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Line 6
2014-11-05 15:26 - 2014-11-05 15:27 - 36242784 _____ () C:\Users\HP\Downloads\POD HD Edit v2.23 Installer.exe
2014-11-05 15:17 - 2014-11-07 10:28 - 00000000 ____D () C:\Users\HP\Desktop\Line6-PODHD
2014-11-04 23:21 - 2014-11-04 23:22 - 00000293 _____ () C:\Users\HP\Desktop\proberaum.txt
2014-11-04 13:33 - 2014-11-04 13:35 - 00000000 ____D () C:\Users\HP\Downloads\build-basic-responsive-site-css-demo
2014-11-04 13:33 - 2014-11-04 13:33 - 00088493 _____ () C:\Users\HP\Downloads\netmag-build-a-basic-responsive-site-with-css.zip
2014-11-04 13:33 - 2014-11-04 13:33 - 00088493 _____ () C:\Users\HP\Downloads\build-basic-responsive-site-css-demo.zip
2014-11-04 13:33 - 2014-11-04 13:33 - 00000000 ____D () C:\Users\HP\Downloads\netmag-build-a-basic-responsive-site-with-css
2014-11-04 01:00 - 2014-11-05 13:33 - 00000000 ____D () C:\Users\HP\Desktop\Codementor
2014-11-03 18:59 - 2014-11-03 18:59 - 00000000 ____D () C:\Users\HP\AppData\Roaming\MSPS
2014-11-03 14:06 - 2014-11-03 14:06 - 00000000 ____D () C:\Users\HP\Downloads\jexcelapi_2_6_12
2014-11-02 16:48 - 2014-11-02 16:48 - 00001118 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-02 15:21 - 2014-11-27 05:27 - 00001037 _____ () C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-11-02 15:18 - 2014-11-02 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-11-02 15:17 - 2014-11-02 15:17 - 00243128 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtsoftbus01.sys
2014-11-02 15:16 - 2014-11-02 15:19 - 00000000 ____D () C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2014-11-01 09:30 - 2014-11-01 09:30 - 00000000 ____D () C:\Users\HP\AppData\Roaming\JetBrains
2014-11-01 09:28 - 2014-11-01 09:28 - 00000000 ____D () C:\Users\HP\.AndroidStudioBeta
2014-10-30 11:23 - 2014-10-30 15:09 - 00000294 _____ () C:\Users\HP\.genymotion-eclipse.log
2014-10-30 11:17 - 2014-11-25 10:26 - 00000000 ____D () C:\Users\HP\AppData\Local\Genymobile
2014-10-30 11:17 - 2014-11-25 10:23 - 00000000 ____D () C:\Users\HP\.VirtualBox
2014-10-30 11:15 - 2014-10-30 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-10-30 11:15 - 2013-04-12 12:33 - 00188176 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxDrv.sys
2014-10-30 11:15 - 2013-04-12 12:33 - 00094480 _____ (Oracle Corporation) C:\windows\system32\Drivers\VBoxUSBMon.sys
2014-10-30 11:13 - 2014-10-30 11:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
2014-10-28 15:27 - 2014-10-28 15:27 - 00000000 ____D () C:\Users\HP\Downloads\Angular-Design-Patterns-Best-Practices-master
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 05:45 - 2014-07-17 09:22 - 00016244 _____ () C:\windows\setupact.log
2014-11-27 05:45 - 2013-07-15 19:23 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-27 05:45 - 2010-09-20 15:34 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-11-27 05:45 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-11-27 05:44 - 2011-11-24 23:41 - 02042456 _____ () C:\windows\WindowsUpdate.log
2014-11-27 05:42 - 2012-10-05 08:13 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-11-27 05:41 - 2013-03-29 09:53 - 00000000 ____D () C:\Users\HP\Desktop\MalwareWar
2014-11-27 05:36 - 2009-07-14 05:34 - 00020720 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-27 05:36 - 2009-07-14 05:34 - 00020720 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-27 05:28 - 2014-08-16 08:23 - 00008622 _____ () C:\windows\PFRO.log
2014-11-27 05:27 - 2013-09-07 14:08 - 00000000 ____D () C:\AdwCleaner
2014-11-27 05:27 - 2013-05-24 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-11-27 05:15 - 2012-07-13 16:46 - 00001108 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4093947724-3987431265-750155669-1002UA.job
2014-11-27 05:12 - 2013-07-15 19:23 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-27 02:08 - 2012-07-13 17:37 - 00000000 ____D () C:\Users\HP\AppData\Local\Eclipse
2014-11-26 15:15 - 2012-07-13 16:46 - 00001056 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4093947724-3987431265-750155669-1002Core.job
2014-11-26 14:21 - 2012-07-13 10:29 - 00000000 ____D () C:\projects
2014-11-26 11:57 - 2014-03-15 11:04 - 03538944 _____ () C:\Users\HP\Desktop\venuesAndBookings.accdb
2014-11-26 11:46 - 2013-09-05 12:13 - 17956864 _____ () C:\Users\HP\Desktop\mib.accdb
2014-11-25 23:42 - 2012-07-14 13:30 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-11-25 23:42 - 2012-07-14 13:30 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-25 22:23 - 2013-03-15 18:32 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2014-11-25 20:24 - 2012-07-13 16:33 - 00000000 ____D () C:\Users\HP\AppData\Roaming\FileZilla
2014-11-25 12:38 - 2010-09-20 15:18 - 01619284 _____ () C:\windows\system32\PerfStringBackup.INI
2014-11-24 13:18 - 2012-07-25 07:17 - 00000308 _____ () C:\windows\Tasks\HPCeeScheduleForHP.job
2014-11-23 20:16 - 2012-07-13 11:00 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Mozilla
2014-11-22 15:18 - 2013-10-26 00:00 - 00000000 ____D () C:\Users\HP\AppData\Roaming\vlc
2014-11-22 09:59 - 2014-09-21 17:40 - 00000511 _____ () C:\Users\HP\Desktop\Musicians.txt
2014-11-22 09:51 - 2013-03-29 13:04 - 00787800 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-11-20 20:52 - 2013-03-29 13:04 - 00423784 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-11-18 09:35 - 2012-07-13 16:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-12 23:49 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2014-11-12 16:10 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-11-12 14:24 - 2009-07-14 05:33 - 00412096 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 14:02 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-11-12 12:56 - 2012-07-13 17:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-10 17:21 - 2014-04-18 18:08 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-10 17:21 - 2013-12-19 14:13 - 00091496 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-11-10 17:21 - 2013-03-29 13:04 - 00206248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-10 17:21 - 2013-03-29 13:04 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-10 17:21 - 2013-03-29 13:04 - 00070384 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-10 17:21 - 2013-03-29 13:04 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-04 14:30 - 2012-07-13 16:45 - 00229000 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-03 10:15 - 2014-07-21 19:13 - 00000000 ____D () C:\Users\HP\Desktop\Android-All
2014-11-02 15:20 - 2012-07-13 16:55 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-11-01 10:02 - 2012-11-21 12:44 - 00000000 ____D () C:\Users\HP\.gradle
2014-11-01 09:51 - 2014-09-14 10:49 - 00000000 ____D () C:\Users\HP\.android
2014-11-01 09:28 - 2012-06-26 16:48 - 00000000 ____D () C:\Users\HP
2014-10-29 06:13 - 2014-08-26 09:42 - 00000000 ____D () C:\Users\HP\AppData\Local\Adobe
Some content of TEMP:
====================
C:\Users\HP\AppData\Local\Temp\bitool.dll
C:\Users\HP\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\HP\AppData\Local\Temp\L6GPInst.dll
C:\Users\HP\AppData\Local\Temp\Quarantine.exe
C:\Users\HP\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\HP\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-10 11:49
==================== End Of Log ============================
--- --- --- |
|
Linear-Darstellung
