Trojaner-Board - Aufforderung Java neu zu installieren ist wohl ein Virus

Hallo, :wtf:
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014

Ran by(administrator) on-PC on 17-02-2014 00:20:02

Running from C:\Users\P\Downloads

Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: German Standard

Internet Explorer Version 9

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe

(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe

(Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE

(Agere Systems) C:\Windows\system32\agrsmsvc.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe

(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe

(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

() C:\Program Files\veberGreat\updateveberGreat.exe

() C:\Program Files\veberGreat\bin\utilveberGreat.exe

() C:\Windows\SMINST\scheduler.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe

( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

() C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe

(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\system32\msiexec.exe

(Farbar) C:\Users\Petra Himmel\Downloads\FRST (1).exe

(Microsoft Corporation) C:\Windows\system32\conime.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)

HKLM\...\Run: [PTHOSTTR] - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [145184 2007-01-09] (Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [833072 2007-06-07] (Synaptics, Inc.)

HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-10-03] (Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\RunOnce: [ST Recovery Launcher] - %WINDIR%\SMINST\launcher.exe [44168 2007-06-06] (soft thinks)

Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll (Hewlett-Packard Limited)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-04-19] (Hewlett-Packard Company)

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\Run: [SDP] - C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto 

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\Run: [GoogleChromeAutoLaunch_DB7643C1211EA935D3C53F3E46416A63] - C:\Program Files\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.)

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\MountPoints2: {9165d013-7afa-11e0-9b9c-001a73bf046b} - G:\.\Autorun.exe AUTORUN=1

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\MountPoints2: {e82c0e52-883b-11e3-a80d-001a73bf046b} - G:\.\Autorun.exe AUTORUN=1
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=b14625ea-48d9-633a-b3ac-a9d35fe84c29&searchtype=ds&q={searchTerms}&installDate=17/11/2013

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=b14625ea-48d9-633a-b3ac-a9d35fe84c29&searchtype=ds&q={searchTerms}&installDate=17/11/2013

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX&q={searchTerms}

StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX&q={searchTerms}

SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=b14625ea-48d9-633a-b3ac-a9d35fe84c29&searchtype=ds&q={searchTerms}&installDate=17/11/2013

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX&q={searchTerms}

SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX&q={searchTerms}

SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus

SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX&q={searchTerms}

BHO: SavingsBull - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files\SavingsBull\IECore.dll ()

BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)

BHO: AddLyrics - {4145006D-47F8-42F2-8186-2225AAFECDD3} -  No File

BHO: veberGreat - {7d22614c-6dd5-4a12-8680-026be7220328} - C:\Program Files\veberGreat\veberGreatbho.dll (veberGreat)

BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)

BHO: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files\Web Check\WebCheck.dll (Web Check)

BHO: No Name - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -  No File

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{E0B2B2C3-A202-4A57-86BB-5D7B3E1D5D4F}: [NameServer]192.168.178.253
 

FireFox:

========

FF ProfilePath: C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default

FF SearchEngineOrder.1: Ask.com

FF Homepage: hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX

FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=b14625ea-48d9-633a-b3ac-a9d35fe84c29&searchtype=ds&installDate=17/11/2013&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)

FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\P\Neuer Ordner\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF SearchPlugin: C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\searchplugins\Web Search.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\awesomehp.xml

FF Extension: Plus-HD-1.3 - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com [2014-02-01]

FF Extension: vis - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2014-02-10]

FF Extension: FRITZ!Box AddOn - C:\Users\Petra Himmel\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\fb_add_on@avm.de [2013-04-13]

FF Extension: Lightning Speed Dial - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\lightningnewtab@gmail.com [2014-02-15]

FF Extension: SavingsBull - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\SavingsBull@jetpack [2014-02-13]

FF Extension: Microsoft .NET Framework Assistant - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-28]

FF Extension: Yahoo! Toolbar - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-04-11]

FF Extension: Extension_Protected - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi [2014-02-11]

FF Extension: veberGreat - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\{85280d41-aaff-423b-b5f7-c41996a73cad}.xpi [2014-02-11]

FF Extension: Adblock Plus - C:\User\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-10]

FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}

FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009-03-21]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

FF HKLM\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files\Web Check\WebCheck.xpi

FF Extension: Web Check - C:\Program Files\Web Check\WebCheck.xpi [2013-08-12]

FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\extensions\lightningnewtab@gmail.com.xpi

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

FF HKCU\...\Firefox\Extensions: [addlyrics@addlyrics.net] - C:\Users\P\AppData\Local\AddLyrics\FF\
 

Chrome: 

=======

CHR HomePage: hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX

CHR DefaultSearchProvider: Google \u00DCbersetzer

CHR DefaultSearchURL: hxxp://translate.google.de/?source=osdd#auto|auto|{searchTerms}

CHR DefaultNewTabURL: 

CHR Extension: (Extended Protection) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-02-11]

CHR Extension: (Web Check) - C:\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacechnliklhcacondhhkkfobapdopee [2014-02-10]

CHR Extension: (Plus-HD-1.3) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl [2013-11-12]

CHR Extension: (SavingsBull) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb [2014-02-13]

CHR Extension: (Google Wallet) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]

CHR Extension: (Lightning speedDial) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-15]

CHR HKLM\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files\Web Check\WebCheck.crx [2013-08-12]

CHR HKLM\...\Chrome\Extension: [kdlfddggdloaadnphbhejknhaggjaeld] - C:\User\AppData\Local\AddLyrics\Chrome.crx [2013-08-12]

CHR HKLM\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-11]
 

========================== Services (Whitelisted) =================
 

S3 FLCDLOCK; C:\Windows\system32\flcdlock.exe [172131 2007-06-08] (Hewlett-Packard Ltd)

S2 gupdate1c9aa22527800c0; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-21] (Google Inc.)

R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard)

R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-01-14] (Cherished Technololgy LIMITED)

R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe [546112 2014-01-27] ()

S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)

R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()

S2 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [297984 2014-02-16] ()

R2 Update veberGreat; C:\Program Files\veberGreat\updateveberGreat.exe [80672 2014-02-13] ()

R2 Util veberGreat; C:\Program Files\veberGreat\bin\utilveberGreat.exe [80672 2014-02-13] ()

R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-02-11] (Cherished Technololgy LIMITED)
 

==================== Drivers (Whitelisted) ====================
 

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [30008 2007-06-08] (Hewlett-Packard Development Company L.P.)

R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2010-10-06] (TeamViewer GmbH)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

S3 cpuz134; \??\C:\Users\PETRAH~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]

U4 eabfiltr; 

S3 ewsercd; system32\DRIVERS\ewsercd.sys [X]

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S1 netfilter; system32\drivers\netfilter.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-17 00:20 - 2014-02-17 00:21 - 00021500 _____ () C:\Downloads\FRST.txt

2014-02-17 00:19 - 2014-02-17 00:20 - 00000000 ____D () C:\FRST

2014-02-17 00:17 - 2014-02-17 00:17 - 02152448 _____ (Farbar) C:\Users\P\Downloads\FRST64.exe

2014-02-17 00:12 - 2014-02-17 00:12 - 01141248 _____ (Farbar) C:\Users\P\Downloads\FRST (1).exe

2014-02-17 00:11 - 2014-02-17 00:11 - 01141248 _____ (Farbar) C:\Users\P\Downloads\FRST.exe

2014-02-16 23:31 - 2014-02-16 23:31 - 00002003 _____ () C:\Users\P\Desktop\Chrome App Launcher.lnk

2014-02-16 23:31 - 2014-02-16 23:31 - 00000000 ____D () C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-02-15 00:00 - 2014-02-15 23:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-02-13 13:46 - 2014-02-13 13:46 - 00000000 ____D () C:\Program Files\SavingsBull

2014-02-13 01:32 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-13 01:32 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-13 01:32 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-13 01:32 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-13 01:32 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-13 01:32 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-13 01:32 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-02-13 01:32 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-13 01:32 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-13 01:32 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-13 01:32 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-13 01:32 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-13 01:32 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-13 01:32 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-13 01:32 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-02-13 01:32 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-13 00:58 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-02-11 01:18 - 2014-02-11 01:18 - 00000000 ____D () C:\ProgramData\WPM

2014-02-11 01:18 - 2014-02-11 01:18 - 00000000 ____D () C:\ProgramData\IePluginService

2014-02-11 01:18 - 2014-02-11 01:18 - 00000000 ____D () C:\Program Files\SupTab

2014-02-11 01:18 - 2014-02-11 01:18 - 00000000 ____D () C:\Program Files\Level Quality Watcher

2014-02-11 01:16 - 2014-02-11 01:16 - 00000000 ____D () C:\Users\P\AppData\Local\Software Updater

2014-02-10 23:34 - 2014-02-10 23:34 - 00000000 ____D () C:\Users\P\AppData\Local\SoftwareUpdater

2014-02-10 22:28 - 2014-02-10 22:28 - 24489184 _____ (Mozilla) C:\Users\P\Downloads\Firefox_Setup_27.0.exe

2014-02-10 21:26 - 2014-02-10 21:26 - 00000000 ____D () C:\Users\P\AppData\Local\Freemium

2014-02-10 21:20 - 2014-02-10 22:24 - 00000000 ____D () C:\Program Files\veberGreat

2014-02-10 21:19 - 2014-02-10 21:19 - 00000000 ____D () C:\Users\P\AppData\Roaming\Windows Net Data

2014-02-10 21:18 - 2014-02-10 21:18 - 00001918 _____ () C:\Users\Public\Desktop\Free System Utilities.lnk

2014-02-10 21:18 - 2014-02-10 21:18 - 00000000 ____D () C:\ProgramData\FreeSystemUtilities

2014-02-10 21:18 - 2014-02-10 21:18 - 00000000 ____D () C:\Program Files\Covus Freemium

2014-02-10 21:16 - 2014-02-10 21:16 - 00000000 ____D () C:\Program Files\Web Check

2014-02-10 21:15 - 2014-02-10 21:16 - 00000000 ____D () C:\Program Files\SoftwareUpdater

2014-02-10 21:14 - 2014-02-10 21:15 - 00000000 ____D () C:\Users\P\AppData\Local\DownloadGuide

2014-02-10 21:13 - 2014-02-10 21:19 - 00000000 ____D () C:\ProgramData\Package Cache

2014-02-10 21:12 - 2014-02-10 21:12 - 00666528 _____ () C:\Users\P\Downloads\free-system-utilities_1.1_de-DE.exe

2014-02-10 21:10 - 2014-02-10 21:10 - 00550008 _____ (Sterkly LLC) C:\Usersl\Downloads\freesystemutilities_setup.exe

2014-02-10 21:08 - 2014-02-10 21:08 - 00710848 _____ ( ) C:\Users\P\Downloads\COMPUTER_BILD-Download-Manager_fuer_freesystemutilities_setup.exe

2014-02-02 01:13 - 2014-02-02 01:26 - 130658432 _____ () C:\Users\P\Downloads\avira_free_antivirus_de(2).exe

2014-02-01 21:03 - 2014-02-01 21:05 - 03975896 _____ (Avira Operations GmbH & Co. KG) C:\Users\Petra Himmel\Downloads\avira_oe_client_antivirus_de.exe
 

==================== One Month Modified Files and Folders =======
 

2014-02-17 00:21 - 2014-02-17 00:20 - 00021500 _____ () C:\Users\P\Downloads\FRST.txt

2014-02-17 00:20 - 2014-02-17 00:19 - 00000000 ____D () C:\FRST

2014-02-17 00:19 - 2012-07-14 16:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-17 00:17 - 2014-02-17 00:17 - 02152448 _____ (Farbar) C:\Users\P\Downloads\FRST64.exe

2014-02-17 00:12 - 2014-02-17 00:12 - 01141248 _____ (Farbar) C:\Users\P\Downloads\FRST (1).exe

2014-02-17 00:11 - 2014-02-17 00:11 - 01141248 _____ (Farbar) C:\User\Downloads\FRST.exe

2014-02-17 00:03 - 2009-07-29 20:35 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-16 23:33 - 2006-11-02 13:45 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-16 23:33 - 2006-11-02 13:45 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-16 23:31 - 2014-02-16 23:31 - 00002003 _____ () C:\Users\P\Desktop\Chrome App Launcher.lnk

2014-02-16 23:31 - 2014-02-16 23:31 - 00000000 ____D () C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-02-16 23:27 - 2009-03-21 11:36 - 01123873 _____ () C:\Windows\WindowsUpdate.log

2014-02-16 22:27 - 2013-11-12 16:22 - 00001896 _____ () C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job

2014-02-16 22:23 - 2013-11-12 16:23 - 00001298 _____ () C:\Windows\Tasks\Plus-HD-1.3-updater.job

2014-02-16 22:23 - 2013-11-12 16:23 - 00001200 _____ () C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job

2014-02-16 22:23 - 2013-11-12 16:23 - 00001100 _____ () C:\Windows\Tasks\Plus-HD-1.3-enabler.job

2014-02-16 22:22 - 2013-11-12 16:22 - 00001820 _____ () C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job

2014-02-16 20:51 - 2013-01-17 20:47 - 00000376 _____ () C:\Windows\Tasks\AddLyrics update.job

2014-02-16 17:03 - 2009-07-29 20:35 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-16 15:10 - 2009-11-11 07:49 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job

2014-02-16 11:34 - 2007-12-15 01:20 - 00000000 ____D () C:\Windows\SMINST

2014-02-16 11:33 - 2007-12-15 01:38 - 00163050 _____ () C:\Windows\PFRO.log

2014-02-16 11:33 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-16 02:24 - 2006-11-09 17:42 - 00000012 _____ () C:\Windows\bthservsdp.dat

2014-02-16 02:24 - 2006-11-02 13:58 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-02-15 23:30 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-02-13 13:46 - 2014-02-13 13:46 - 00000000 ____D () C:\Program Files\SavingsBull

2014-02-13 01:38 - 2013-08-02 01:34 - 00000000 ____D () C:\Windows\system32\MRT

2014-02-13 01:34 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-02-11 05:46 - 2007-12-15 01:20 - 00000000 __SHD () C:\System Recovery

2014-02-11 01:18 - 2014-02-11 01:18 - 00000000 ____D () C:\ProgramData\WPM

2014-02-11 01:18 - 2014-02-11 01:18 - 00000000 ____D () C:\ProgramData\IePluginService

2014-02-11 01:18 - 2014-02-11 01:18 - 00000000 ____D () C:\Program Files\SupTab

2014-02-11 01:18 - 2014-02-11 01:18 - 00000000 ____D () C:\Program Files\Level Quality Watcher

2014-02-11 01:17 - 2013-09-10 12:45 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-11 01:17 - 2009-03-21 12:07 - 00001163 _____ () C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-02-11 01:16 - 2014-02-11 01:16 - 00000000 ____D () C:\Users\P\AppData\Local\Software Updater

2014-02-10 23:34 - 2014-02-10 23:34 - 00000000 ____D () C:\User\AppData\Local\SoftwareUpdater

2014-02-10 22:38 - 2013-05-30 13:37 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-02-10 22:28 - 2014-02-10 22:28 - 24489184 _____ (Mozilla) C:\User\Downloads\Firefox_Setup_27.0.exe

2014-02-10 22:24 - 2014-02-10 21:20 - 00000000 ____D () C:\Program Files\veberGreat

2014-02-10 21:26 - 2014-02-10 21:26 - 00000000 ____D () C:\Users\P\AppData\Local\Freemium

2014-02-10 21:19 - 2014-02-10 21:19 - 00000000 ____D () C:\Users\P\AppData\Roaming\Windows Net Data

2014-02-10 21:19 - 2014-02-10 21:13 - 00000000 ____D () C:\ProgramData\Package Cache

2014-02-10 21:18 - 2014-02-10 21:18 - 00001918 _____ () C:\Users\Public\Desktop\Free System Utilities.lnk

2014-02-10 21:18 - 2014-02-10 21:18 - 00000000 ____D () C:\ProgramData\FreeSystemUtilities

2014-02-10 21:18 - 2014-02-10 21:18 - 00000000 ____D () C:\Program Files\Covus Freemium

2014-02-10 21:16 - 2014-02-10 21:16 - 00000000 ____D () C:\Program Files\Web Check

2014-02-10 21:16 - 2014-02-10 21:15 - 00000000 ____D () C:\Program Files\SoftwareUpdater

2014-02-10 21:15 - 2014-02-10 21:14 - 00000000 ____D () C:\User\AppData\Local\DownloadGuide

2014-02-10 21:12 - 2014-02-10 21:12 - 00666528 _____ () C:\User\Downloads\free-system-utilities_1.1_de-DE.exe

2014-02-10 21:10 - 2014-02-10 21:10 - 00550008 _____ (Sterkly LLC) C:\Users\P\Downloads\freesystemutilities_setup.exe

2014-02-10 21:08 - 2014-02-10 21:08 - 00710848 _____ ( ) C:\User\Downloads\COMPUTER_BILD-Download-Manager_fuer_freesystemutilities_setup.exe

2014-02-10 20:33 - 2013-11-17 19:19 - 00000000 ____D () C:\Users\Petra Himmel\AppData\Local\Smartbar

2014-02-10 19:27 - 2006-11-02 11:33 - 01634660 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-10 19:26 - 2006-11-02 13:49 - 00035682 _____ () C:\Windows\setupact.log

2014-02-08 00:21 - 2012-07-14 16:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-02-08 00:21 - 2012-07-14 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-02-05 09:58 - 2014-02-13 01:32 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-05 09:56 - 2014-02-13 01:32 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-05 09:53 - 2014-02-13 01:32 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-05 09:51 - 2014-02-13 01:32 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-05 09:50 - 2014-02-13 01:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-05 09:49 - 2014-02-13 01:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-05 09:49 - 2014-02-13 01:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-02-05 09:48 - 2014-02-13 01:32 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-05 09:48 - 2014-02-13 01:32 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-05 09:48 - 2014-02-13 01:32 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-05 09:48 - 2014-02-13 01:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-05 09:48 - 2014-02-13 01:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-05 09:47 - 2014-02-13 01:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-05 09:47 - 2014-02-13 01:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-05 09:47 - 2014-02-13 01:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-02-05 09:46 - 2014-02-13 01:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-02 01:26 - 2014-02-02 01:13 - 130658432 _____ () C:\Users\P\Downloads\avira_free_antivirus_de(2).exe

2014-02-02 01:06 - 2013-11-12 16:22 - 00000000 ____D () C:\Program Files\Plus-HD-1.3

2014-02-01 21:05 - 2014-02-01 21:03 - 03975896 _____ (Avira Operations GmbH & Co. KG) C:\Users\P\Downloads\avira_oe_client_antivirus_de.exe

2014-01-24 12:02 - 2013-05-17 17:32 - 00000162 ____H () C:\Users\P\Downloads\.picasa.ini

2014-01-24 11:56 - 2009-03-21 13:40 - 00000000 ____D () C:\Program Files\Picasa2
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe => MD5 is legit

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-02-16 23:45
 

:dankeschoen:
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

[CODE][/CODEAdditional scan result of Farbar Recovery Scan Tool (x86) Version: 16-02-2014
Ran by Petra Himmel at 2014-02-17 00:23:31
Running from C:\Users\Petra Himmel\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (Version: 10.1.9 - Adobe Systems Incorporated)
Agere Systems HDA Modem (Version: - LSI Corporation)
Amazon MP3-Downloader 1.0.17 (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Application Installer 4.00.B14 (Version: 4.00.B14 - Hewlett-Packard Company)
BIOS Configuration for HP ProtectTools (Version: 3.00 F1 - Hewlett-Packard)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.170.25.4 - Broadcom Corporation)
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Device Access Manager for HP ProtectTools (Version: 2.0.0.0 - Ihr Firmenname)
ESU for Microsoft Vista (Version: 1.0.20.1 - Hewlett-Packard)
Free System Utilities (Version: 1.1.0.0 - Covus Freemium GmbH)
Free SystemUtilities (Version: 1.1.0.0 - Covus Freemium GmbH) Hidden
Google Chrome (Version: 32.0.1700.107 - Google Inc.)
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google Updater (Version: 2.4.2432.1652 - Google Inc.)
HP Active Support Library (Version: 3.1.9.1 - Hewlett-Packard)
HP Active Support Library 32 bit components (Version: 2.1.0 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (Version: 5.3.0.2325 - Hewlett-Packard)
HP Doc Viewer (Version: 1.01.0005 - Hewlett-Packard)
HP Easy Setup - Frontend (Version: 5.3.0.2325 - Hewlett-Packard)
HP Help and Support (Version: 1.2.2 - Hewlett-Packard)
HP Notebook Accessories Product Tour (Version: 13.0.0 - Hewlett-Packard)
HP ProtectTools Security Manager (Version: 3.00 A10 - Hewlett-Packard)
HP Quick Launch Buttons (Version: 6.50.14.1 - Hewlett-Packard Company)
HP Update (Version: 5.002.007.004 - Hewlett-Packard)
HP User Guides 0084 (Version: 1.02.0000 - Hewlett-Packard)
HP Wireless Assistant (Version: 3.00 H3 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
IePluginService12.27.0.3326 (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (Version: - )
Intel(R) PRO Network Connections Drivers (Version: - )
InterVideo DVD Check (Version: - )
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (Version: 5.0-B11.1166 - InterVideo Inc.)
iTunes (Version: 11.1.3.8 - Apple Inc.)
LightScribe 1.6.43.1 (Version: 1.6.43.1 - hxxp://www.lightscribe.com) Hidden
Microsoft .NET Framework 1.1 (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Fix it Center (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Office 2003 Web Components (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.0 (Version: 3.0.9379 - OpenOffice.org)
Picasa 3 (Version: 3.9 - Google, Inc.)
Plus-HD-1.3 (Version: 1.30.153.0 - Plus HD) <==== ATTENTION
PricePeep (Version: 2.2.0.4 - betwikx LLC) <==== ATTENTION
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio Creator Audio (Version: 3.5.0 - Roxio)
Roxio Creator Basic v9 (Version: 3.5.0 - Roxio)
Roxio Creator Copy (Version: 3.5.0 - Roxio)
Roxio Creator Data (Version: 3.5.0 - Roxio)
Roxio Creator Tools (Version: 3.5.0 - Roxio)
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (Version: 9.2.053 - Roxio)
Roxio Update Manager (Version: 6.0.0 - Roxio)
SavingsBull (Version: 1.0.0.0 - SavingsBull)
Sonic CinePlayer Decoder Pack (Version: 4.2.0 - Sonic Solutions)
SoundMAX (Version: 6.10.1.5180 - Analog Devices)
ST Wiederherstellungs- & Sicherungsprogramme (Version: 4.0.19 - Hewlett-Packard Company )
SupTab (Version: 1.1.1.0 - ) <==== ATTENTION
Synaptics Pointing Device Driver (Version: 9.1.11.3 - Synaptics)
TeamViewer 5 (Version: 5.1.9290 - TeamViewer GmbH)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
veberGreat (Version: 2014.02.05.153917 - veberGreat)
VIS (Version: - ) <==== ATTENTION
Vista Default Settings (Version: 1.00 C2 - Hewlett-Packard)
WDR RadioRecorder (Version: - Tobit.Software)
Web Check (Version: - )
WPM17.8.0.3325 (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points =========================

10-02-2014 20:11:11 Free System Utilities
10-02-2014 20:16:13 Free System Utilities
10-02-2014 20:18:53 Free System Utilities
10-02-2014 20:22:28 Free System Utilities
10-02-2014 21:20:43 Windows Update
10-02-2014 21:44:18 Windows Update
11-02-2014 00:19:53 Windows Update
11-02-2014 11:34:04 Windows Update
12-02-2014 01:49:24 Windows Update
12-02-2014 12:34:20 Windows Update
13-02-2014 00:30:38 Windows Update
14-02-2014 00:37:57 Windows Update
14-02-2014 23:48:34 Windows Update
15-02-2014 22:25:28 Windows Update
16-02-2014 01:23:17 Windows Update

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00110563-B80E-4BD5-8FA9-2E64065137F4} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {01A47623-2F0B-4771-A40C-F8C575D96E4E} - System32\Tasks\Plus-HD-1.3-codedownloader => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-codedownloader.exe [2013-11-12] (Plus HD) <==== ATTENTION
Task: {05E0A810-C28A-456D-B0A1-9B8CC87D9239} - System32\Tasks\Plus-HD-1.3-chromeinstaller => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-chromeinstaller.exe [2013-11-12] (Plus HD) <==== ATTENTION
Task: {0D4897C6-4904-4957-B5AE-80330076E31E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1D805720-68D7-4861-8D81-D82420D89395} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {1E0EAC48-F89B-43A3-968A-355C10E932E4} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-15] (Google)
Task: {1EB2C480-7150-4C6B-AC6A-6F3FFAEA2086} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {2CA53A3D-6D2E-4C52-B3E4-046B839F4680} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2014-02-10] ()
Task: {37456B0F-3188-4D77-BED9-3DD89A393E58} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {395601FD-AF75-490A-9E01-1026CD5BE1E6} - System32\Tasks\AddLyrics update => C:\Users\P\AppData\Local\AddLyrics\alcsur.exe <==== ATTENTION
Task: {58FC6128-5B02-4E7D-91E2-B301AC579D80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-21] (Google Inc.)
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {643FC1B5-46B4-4221-BEEB-D92F01424637} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminder => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {7AF67C6B-A0EA-4131-A131-ECD76BD24E20} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-08] (Adobe Systems Incorporated)
Task: {8AEE6E2B-9433-4F45-8DAF-2B96A1770185} - System32\Tasks\Java Update Scheduler => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {94E0835E-5318-426F-B236-1227C89AD324} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9CEB4C44-F46D-42B5-8530-90EF44A8F812} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {9D6433E7-2DBB-4BC4-9448-2A474D5A8420} - System32\Tasks\Plus-HD-1.3-updater => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-updater.exe [2013-11-12] (Plus HD) <==== ATTENTION
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {A0C36B3E-042A-41A8-96A4-8E1359D12151} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-02-10] ()
Task: {A31D55D6-047A-41E1-BBA1-BC909B3E14C9} - System32\Tasks\Plus-HD-1.3-enabler => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-enabler.exe [2013-11-12] (Plus HD) <==== ATTENTION
Task: {B2AAC36F-3EAB-4C5B-BD5B-A147ED36E296} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-21] (Google Inc.)
Task: {E022CA30-26ED-44AB-AF71-6B254410F883} - System32\Tasks\Freemium1ClickMaint => C:\Users\P\Downloads\1Click.exe
Task: {E811251B-2D0A-4C4C-B9E9-0450E30D9AEF} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {E92B78FF-1DF6-4C61-8CA3-E3798A6C610C} - System32\Tasks\HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {FF6D6608-E8A8-4E5D-8859-A08A84C89288} - System32\Tasks\Plus-HD-1.3-firefoxinstaller => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-firefoxinstaller.exe [2013-11-12] (Plus HD) <==== ATTENTION
Task: C:\Windows\Tasks\AddLyrics update.job => C:\Users\P\AppData\Local\AddLyrics\alcsur.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.3-enabler.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.3-updater.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2007-08-24 13:28 - 2007-08-24 13:28 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2007-12-15 01:20 - 2007-06-06 14:34 - 00715912 _____ () C:\Windows\SMINST\scheduler.exe
2007-12-15 01:20 - 2007-02-15 16:37 - 00446464 _____ () C:\Windows\SMINST\naspp.dll
2007-06-08 09:05 - 2007-06-08 09:05 - 00274432 _____ () C:\Windows\system32\flcdlmsg.dll
2007-02-16 17:40 - 2007-02-16 17:40 - 01466368 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-02-16 17:40 - 2007-02-16 17:40 - 05521408 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2014-02-08 18:49 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-08 18:49 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-08 18:48 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2009-07-01 14:44 - 2009-07-01 14:44 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
2014-02-08 18:49 - 2014-02-02 00:42 - 13616456 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
2014-02-15 23:54 - 2014-02-15 23:54 - 04591616 _____ () C:\Users\P\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2014-02-15 23:54 - 2014-02-15 23:54 - 00112128 _____ () C:\Users\P\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: isatap.{A482B1A9-ED4F-485A-AA55-7FCA5B961AC9}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun-Miniportadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2014 11:37:48 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul wmp.dll, Version 11.0.6002.18311, Zeitstempel 0x4c8e47da, Ausnahmecode 0xc0000005, Fehleroffset 0x001e0835,
Prozess-ID 0x6ac, Anwendungsstartzeit Explorer.EXE0.

Error: (02/16/2014 02:31:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2964

Error: (02/16/2014 02:31:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2964

Error: (02/16/2014 02:31:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/16/2014 02:24:02 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft Office 2007 Primary Interop Assemblies - Update "Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (02/16/2014 02:24:02 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.

Error: (02/15/2014 11:38:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8096

Error: (02/15/2014 11:38:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8096

Error: (02/15/2014 11:38:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/15/2014 11:38:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6630

System errors:
=============
Error: (02/16/2014 11:34:51 AM) (Source: Service Control Manager) (User: )
Description: netfilter

Error: (02/16/2014 02:24:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: 0x80070643Sicherheitsupdate für Microsoft Office PowerPoint 2007 (KB2596764){7EC1A3D1-87DD-4552-B8C8-FCA1EF07E5EB}111

Error: (02/15/2014 11:36:08 PM) (Source: DCOM) (User: P-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}P-PCPS-1-5-21-1973165993-3819719015-322512523-1006LocalHost (unter Verwendung von LRPC)

Error: (02/15/2014 11:28:28 PM) (Source: Service Control Manager) (User: )
Description: netfilter

Error: (02/15/2014 11:26:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: 0x80070643Sicherheitsupdate für Microsoft Office PowerPoint 2007 (KB2596764){7EC1A3D1-87DD-4552-B8C8-FCA1EF07E5EB}111

Error: (02/15/2014 11:25:51 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (02/15/2014 10:25:56 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-Netzwerkfreigabedienst%%1053

Error: (02/15/2014 10:25:56 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player-Netzwerkfreigabedienst

Error: (02/15/2014 10:24:53 AM) (Source: Service Control Manager) (User: )
Description: netfilter

Error: (02/15/2014 00:49:13 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: 0x80070643Sicherheitsupdate für Microsoft Office PowerPoint 2007 (KB2596764){7EC1A3D1-87DD-4552-B8C8-FCA1EF07E5EB}111

Microsoft Office Sessions:
=========================
Error: (02/16/2014 11:37:48 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.0.6002.1800549e01da5wmp.dll11.0.6002.183114c8e47dac0000005001e08356ac01cf2b0293c6f354

Error: (02/16/2014 02:31:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2964

Error: (02/16/2014 02:31:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2964

Error: (02/16/2014 02:31:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/16/2014 02:24:02 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Microsoft Office 2007 Primary Interop AssembliesSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition1603(NULL)(NULL)

Error: (02/16/2014 02:24:02 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.(NULL)(NULL)(NULL)(NULL)

Error: (02/15/2014 11:38:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8096

Error: (02/15/2014 11:38:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8096

Error: (02/15/2014 11:38:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/15/2014 11:38:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6630

CodeIntegrity Errors:
===================================
Date: 2012-09-28 23:30:26.327
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-28 23:30:25.788
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-28 23:30:24.828
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-09-28 23:30:24.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-13 12:30:37.591
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-13 12:30:36.970
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-13 12:30:35.944
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-13 12:30:35.477
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2011-07-19 14:03:50.692
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2011-07-19 14:03:50.353
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\igdumd32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 3062.52 MB
Available physical RAM: 1157.75 MB
Total Pagefile: 6355.32 MB
Available Pagefile: 4370 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:102.43 GB) (Free:48.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (OS_TOOLS) (Fixed) (Total:1.55 GB) (Free:1.32 GB) NTFS
Drive f: (HP_RECOVERY) (Fixed) (Total:7.8 GB) (Free:0.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 112 GB) (Disk ID: 0C45C84D)
Partition 1: (Active) - (Size=102 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)

==================== End Of Log ============================]

:confused: :heulen:

:dankeschoen:

:dankeschoen:

Code:

# AdwCleaner v3.019 - Bericht erstellt am 17/02/2014 um 15:39:42

# Aktualisiert 17/02/2014 von Xplode

# Betriebssystem : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)

# Benutzername :  - P-PC

# Gestartet von : C:\Users\P\Downloads\adwcleaner (1).exe

# Option : Löschen
 

***** [ Dienste ] *****
 

[#] Dienst Gelöscht : SystemStoreService
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\Ask

Ordner Gelöscht : C:\ProgramData\WPM

Ordner Gelöscht : C:\Program Files\Level Quality Watcher

Ordner Gelöscht : C:\Program Files\MyPC Backup

Ordner Gelöscht : C:\Program Files\optimizer pro

Ordner Gelöscht : C:\Program Files\SoftwareUpdater

Ordner Gelöscht : C:\Windows\system32\ARFC

Ordner Gelöscht : C:\Users\Pl\AppData\Local\DownloadGuide

Ordner Gelöscht : C:\Users\P\AppData\Local\SoftwareUpdater

Ordner Gelöscht : C:\Users\P\AppData\LocalLow\GutscheinCodes

Ordner Gelöscht : C:\Users\P\AppData\Roaming\Advanced System Protector

Ordner Gelöscht : C:\Users\P\AppData\Roaming\Systweak

Ordner Gelöscht : C:\Users\P\AppData\Roaming\Windows Net Data

Ordner Gelöscht : C:\Users\P\Documents\optimizer pro

Ordner Gelöscht : C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

Ordner Gelöscht : C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM

Datei Gelöscht : C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Datei Gelöscht : C:\END

Datei Gelöscht : C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\searchplugins\Web Search.xml

Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui

Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater
 

***** [ Verknüpfungen ] *****
 

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

Verknüpfung Desinfiziert : C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Verknüpfung Desinfiziert : C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

Verknüpfung Desinfiziert : C:\Users\P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

Verknüpfung Desinfiziert : C:\Users\P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
 

***** [ Registrierungsdatenbank ] *****
 

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2CA53A3D-6D2E-4C52-B3E4-046B839F4680}

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CA53A3D-6D2E-4C52-B3E4-046B839F4680}

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0C36B3E-042A-41A8-96A4-8E1359D12151}

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E0EAC48-F89B-43A3-968A-355C10E932E4}

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0C36B3E-042A-41A8-96A4-8E1359D12151}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GutscheinCodes.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GutscheinCodes.GutscheinCodesBHO

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GutscheinCodes.GutscheinCodesBHO.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{59279625-EFF0-4F55-98F0-51EDDD800DD9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122257}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322852232}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355125557}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355855532}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366856632}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F905535E-9C87-4A3F-8A3E-4E3B54C461C5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344124457}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344854432}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Schlüssel Gelöscht : HKCU\Software\APN PIP

Schlüssel Gelöscht : HKCU\Software\InstallCore

Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions

Schlüssel Gelöscht : HKCU\Software\powerpack

Schlüssel Gelöscht : HKCU\Software\SmartBar

Schlüssel Gelöscht : HKCU\Software\systweak

Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar

Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Schlüssel Gelöscht : HKLM\Software\PIP

Schlüssel Gelöscht : HKLM\Software\supTab

Schlüssel Gelöscht : HKLM\Software\supWPM

Schlüssel Gelöscht : HKLM\Software\systweak

Schlüssel Gelöscht : HKLM\Software\Uniblue

Schlüssel Gelöscht : HKLM\Software\Wpm

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IePlugins

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PricePeep

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\supTab

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wpm

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
 

***** [ Browser ] *****
 

-\\ Internet Explorer v9.0.8112.16533
 

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 

-\\ Mozilla Firefox v
 

[ Datei : C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\prefs.js ]
 

Zeile gelöscht : user_pref("accessibility.lightning.homepage", "hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX");

Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");

Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX");

Zeile gelöscht : user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.__GAM__gam_domains.value", "%7B%22gambling%22%3A%22casino.williamhill.com%7Cvegas.willi[...]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "1424cea3b921027b86600460d9b36ebd");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.lastGuardTime", 1242673965);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.numGuards", 1);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013011621");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm255^YY^de");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "CMS0gLjV7bQCFUlc3godX2MA5A");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "629F56E3-C40A-4ECF-A363-BDF459B3819D");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1358459091213");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.searchHistory", "come mi vuoi");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled", true);

Zeile gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");

Zeile gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");

Zeile gelöscht : user_pref("extensions.wajam.affiliate_id", "7001");

Zeile gelöscht : user_pref("extensions.wajam.firstrun", "false");

Zeile gelöscht : user_pref("extensions.wajam.log_send_info", "false");

Zeile gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21088\",\"update_interval\":1115,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/[...]

Zeile gelöscht : user_pref("extensions.wajam.no_trace", "false");

Zeile gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21088");

Zeile gelöscht : user_pref("extensions.wajam.supported_sites.wajam_settings.wajam_utils", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam'[...]

Zeile gelöscht : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...]

Zeile gelöscht : user_pref("extensions.wajam.trace_log", "1391304439105 - onFlagInfoReceived - No user current mapping version specified, set to '0'\n1391304439106 - onFlagInfoReceived - Unique ID saved\n");

Zeile gelöscht : user_pref("extensions.wajam.unique_id", "D8317D2F3E6A9BE2E1ADCCF7D536919F");

Zeile gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0");

Zeile gelöscht : user_pref("extensions.wajam.version", "1.26");

Zeile gelöscht : user_pref("extensions.wajam.website_version", "1.00290.0");

Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=b14625ea-48d9-633a-b3ac-a9d35fe84c29&searchtype=ds&installDate=17/11/2013&q=");
 

-\\ Google Chrome v32.0.1700.107
 

[ Datei : C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 

Gelöscht : homepage
 

*************************
 

AdwCleaner[R0].txt - [15329 octets] - [17/02/2014 15:35:21]

AdwCleaner[S0].txt - [14118 octets] - [17/02/2014 15:39:42]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14179 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.1 (02.04.2014:1)

OS: Windows Vista (TM) Home Basic x86

Ran by  on 17.02.2014 at 16:02:20,96

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1973165993-3819719015-322512523-1006\Software\ib updater

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311121157}
 
 
 

~~~ Files
 

Successfully deleted: [File] C:\Windows\System32\Tasks\AddLyrics update

Successfully deleted: [File] C:\Windows\Tasks\AddLyrics update.job
 
 
 

~~~ Folders
 
 
 

~~~ FireFox
 

Successfully deleted the following from C:\Users\P\AppData\Roaming\mozilla\firefox\profiles\7mk3mgpf.default\prefs.js
 

user_pref("extensions.wajam.supported_sites.amazon_product.priam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_

user_pref("extensions.wajam.supported_sites.amazon_v2.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL

user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM

user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L

user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L

Emptied folder: C:\Users\P\AppData\Roaming\mozilla\firefox\profiles\7mk3mgpf.default\minidumps [1217 files]
 
 
 

~~~ Chrome
 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdlfddggdloaadnphbhejknhaggjaeld
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 17.02.2014 at 16:10:01,46

Computer was rebooted

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014

Ran by P (administrator) on -PC on 17-02-2014 17:13:57

Running from C:\Users\P\Downloads

Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: German Standard

Internet Explorer Version 9

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE

(Agere Systems) C:\Windows\system32\agrsmsvc.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe

(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

() C:\Windows\SMINST\scheduler.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe

( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe

(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

() C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

(Microsoft Corporation) C:\Windows\system32\conime.exe

(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\P\Downloads\FRST (2).exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)

HKLM\...\Run: [PTHOSTTR] - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [145184 2007-01-09] (Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [833072 2007-06-07] (Synaptics, Inc.)

HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-10-03] (Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\RunOnce: [ST Recovery Launcher] - %WINDIR%\SMINST\launcher.exe [44168 2007-06-06] (soft thinks)

Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll (Hewlett-Packard Limited)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-04-19] (Hewlett-Packard Company)

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\Run: [GoogleChromeAutoLaunch_DB7643C1211EA935D3C53F3E46416A63] - C:\Program Files\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.)

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\MountPoints2: {9165d013-7afa-11e0-9b9c-001a73bf046b} - G:\.\Autorun.exe AUTORUN=1

HKU\S-1-5-21-1973165993-3819719015-322512523-1006\...\MountPoints2: {e82c0e52-883b-11e3-a80d-001a73bf046b} - G:\.\Autorun.exe AUTORUN=1
 

==================== Internet (Whitelisted) ====================
 

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

SearchScopes: HKLM - DefaultScope value is missing.

BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)

BHO: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files\Web Check\WebCheck.dll (Web Check)

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{E0B2B2C3-A202-4A57-86BB-5D7B3E1D5D4F}: [NameServer]192.168.178.253
 

FireFox:

========

FF ProfilePath: C:\Users\PAppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)

FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Petra Himmel\Neuer Ordner\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Extension: Plus-HD-1.3 - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com [2014-02-01]

FF Extension: FRITZ!Box AddOn - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\fb_add_on@avm.de [2013-04-13]

FF Extension: Lightning Speed Dial - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\lightningnewtab@gmail.com [2014-02-15]

FF Extension: SavingsBull - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\SavingsBull@jetpack [2014-02-13]

FF Extension: Microsoft .NET Framework Assistant - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-28]

FF Extension: Extension_Protected - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi [2014-02-11]

FF Extension: veberGreat - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\7mk3mgpf.default\Extensions\{85280d41-aaff-423b-b5f7-c41996a73cad}.xpi [2014-02-11]

FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}

FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009-03-21]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

FF HKLM\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files\Web Check\WebCheck.xpi

FF Extension: No Name - C:\Program Files\Web Check\WebCheck.xpi [2013-08-12]

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

FF HKCU\...\Firefox\Extensions: [addlyrics@addlyrics.net] - C:\Users\P\AppData\Local\AddLyrics\FF\
 

Chrome: 

=======

CHR HomePage: hxxp://www.awesomehp.com/?type=hp&ts=1392077874&from=cvs&uid=HitachiXHTS542512K9SA00_080107BB0200WBJ5NPJAX

CHR DefaultSearchProvider: Google \u00DCbersetzer

CHR DefaultSearchURL: hxxp://translate.google.de/?source=osdd#auto|auto|{searchTerms}

CHR DefaultNewTabURL: 

CHR Extension: (Web Check) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacechnliklhcacondhhkkfobapdopee [2014-02-10]

CHR Extension: (SavingsBull) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb [2014-02-13]

CHR Extension: (Google Wallet) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]

CHR HKLM\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files\Web Check\WebCheck.crx [2013-08-12]
 

========================== Services (Whitelisted) =================
 

S3 FLCDLOCK; C:\Windows\system32\flcdlock.exe [172131 2007-06-08] (Hewlett-Packard Ltd)

S2 gupdate1c9aa22527800c0; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-21] (Google Inc.)

R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard)

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)

R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
 

==================== Drivers (Whitelisted) ====================
 

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [30008 2007-06-08] (Hewlett-Packard Development Company L.P.)

S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-02-17] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2010-10-06] (TeamViewer GmbH)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

S3 cpuz134; \??\C:\Users\PETRAH~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]

U4 eabfiltr; 

S3 ewsercd; system32\DRIVERS\ewsercd.sys [X]

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S1 netfilter; system32\drivers\netfilter.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-17 17:15 - 2014-02-17 17:15 - 02152448 _____ (Farbar) C:\Users\P\Downloads\FRST64 (1).exe

2014-02-17 17:13 - 2014-02-17 17:13 - 01141248 _____ (Farbar) C:\Users\P\Downloads\FRST (2).exe

2014-02-17 16:10 - 2014-02-17 16:10 - 00002453 _____ () C:\Users\P\Desktop\JRT.txt

2014-02-17 15:56 - 2014-02-17 15:57 - 01037530 _____ (Thisisu) C:\Users\P\Downloads\JRT.exe

2014-02-17 15:35 - 2014-02-17 15:40 - 00000000 ____D () C:\AdwCleaner

2014-02-17 15:34 - 2014-02-17 15:35 - 01241888 _____ () C:\Users\P\Downloads\adwcleaner (1).exe

2014-02-17 15:33 - 2014-02-17 15:34 - 01241888 _____ () C:\Users\P\Downloads\adwcleaner.exe

2014-02-17 14:09 - 2014-02-17 14:12 - 12589848 _____ (Malwarebytes Corp.) C:\Users\P\Downloads\mbar-1.07.0.1009 (2).exe

2014-02-17 12:50 - 2014-02-17 12:56 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-17 12:50 - 2014-02-17 12:56 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-02-17 12:50 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-17 12:43 - 2014-02-17 12:43 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-02-17 12:43 - 2014-02-17 12:43 - 00000000 ____D () C:\Users\P\Desktop\mbar

2014-02-17 12:41 - 2014-02-17 12:42 - 12589848 _____ (Malwarebytes Corp.) C:\Users\P\Downloads\mbar-1.07.0.1009 (1).exe

2014-02-17 12:39 - 2014-02-17 12:41 - 12589848 _____ (Malwarebytes Corp.) C:\Users\P\Downloads\mbar-1.07.0.1009.exe

2014-02-17 00:23 - 2014-02-17 00:24 - 00026708 _____ () C:\Users\P\Downloads\Addition.txt

2014-02-17 00:20 - 2014-02-17 17:14 - 00015120 _____ () C:\Users\\Downloads\FRST.txt

2014-02-17 00:19 - 2014-02-17 17:13 - 00000000 ____D () C:\FRST

2014-02-17 00:17 - 2014-02-17 00:17 - 02152448 _____ (Farbar) C:\Users\P\Downloads\FRST64.exe

2014-02-17 00:12 - 2014-02-17 00:12 - 01141248 _____ (Farbar) C:\Users\P\Downloads\FRST (1).exe

2014-02-17 00:11 - 2014-02-17 00:11 - 01141248 _____ (Farbar) C:\Users\P\Downloads\FRST.exe

2014-02-16 23:31 - 2014-02-16 23:31 - 00002003 _____ () C:\Users\P\Desktop\Chrome App Launcher.lnk

2014-02-16 23:31 - 2014-02-16 23:31 - 00000000 ____D () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-02-15 00:00 - 2014-02-15 23:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-02-13 13:46 - 2014-02-17 14:37 - 00000000 ____D () C:\Program Files\SavingsBull

2014-02-13 01:32 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-13 01:32 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-13 01:32 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-13 01:32 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-13 01:32 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-13 01:32 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-13 01:32 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-02-13 01:32 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-13 01:32 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-13 01:32 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-13 01:32 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-13 01:32 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-13 01:32 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-13 01:32 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-13 01:32 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-02-13 01:32 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-13 00:58 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-02-11 01:16 - 2014-02-11 01:16 - 00000000 ____D () C:\Users\P\AppData\Local\Software Updater

2014-02-10 22:28 - 2014-02-10 22:28 - 24489184 _____ (Mozilla) C:\Users\P\Downloads\Firefox_Setup_27.0.exe

2014-02-10 21:26 - 2014-02-10 21:26 - 00000000 ____D () C:\Users\P\AppData\Local\Freemium

2014-02-10 21:16 - 2014-02-10 21:16 - 00000000 ____D () C:\Program Files\Web Check

2014-02-10 21:12 - 2014-02-10 21:12 - 00666528 _____ () C:\Users\P\Downloads\free-system-utilities_1.1_de-DE.exe

2014-02-10 21:10 - 2014-02-10 21:10 - 00550008 _____ (Sterkly LLC) C:\Users\P\Downloads\freesystemutilities_setup.exe

2014-02-10 21:08 - 2014-02-10 21:08 - 00710848 _____ ( ) C:\Users\P\Downloads\COMPUTER_BILD-Download-Manager_fuer_freesystemutilities_setup.exe

2014-02-02 01:13 - 2014-02-02 01:26 - 130658432 _____ () C:\Users\P\Downloads\avira_free_antivirus_de(2).exe

2014-02-01 21:03 - 2014-02-01 21:05 - 03975896 _____ (Avira Operations GmbH & Co. KG) C:\Users\P\Downloads\avira_oe_client_antivirus_de.exe
 

==================== One Month Modified Files and Folders =======
 

2014-02-17 17:16 - 2014-02-17 00:20 - 00015120 _____ () C:\Users\P\Downloads\FRST.txt

2014-02-17 17:15 - 2014-02-17 17:15 - 02152448 _____ (Farbar) C:\Users\P\Downloads\FRST64 (1).exe

2014-02-17 17:13 - 2014-02-17 17:13 - 01141248 _____ (Farbar) C:\Users\\Downloads\FRST (2).exe

2014-02-17 17:13 - 2014-02-17 00:19 - 00000000 ____D () C:\FRST

2014-02-17 17:03 - 2009-07-29 20:35 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-17 16:10 - 2014-02-17 16:10 - 00002453 _____ () C:\Users\P\Desktop\JRT.txt

2014-02-17 16:05 - 2009-03-21 11:36 - 01218315 _____ () C:\Windows\WindowsUpdate.log

2014-02-17 16:05 - 2006-11-02 13:45 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-17 16:05 - 2006-11-02 13:45 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-17 16:00 - 2007-12-15 01:20 - 00000000 ____D () C:\Windows\SMINST

2014-02-17 16:00 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-17 15:59 - 2006-11-09 17:42 - 00000012 _____ () C:\Windows\bthservsdp.dat

2014-02-17 15:59 - 2006-11-02 13:58 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-02-17 15:58 - 2013-02-16 02:17 - 00000000 ____D () C:\Windows\ERUNT

2014-02-17 15:57 - 2014-02-17 15:56 - 01037530 _____ (Thisisu) C:\Users\P\Downloads\JRT.exe

2014-02-17 15:40 - 2014-02-17 15:35 - 00000000 ____D () C:\AdwCleaner

2014-02-17 15:39 - 2013-09-10 12:45 - 00001067 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-17 15:39 - 2009-03-21 12:07 - 00000989 _____ () C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-02-17 15:35 - 2014-02-17 15:34 - 01241888 _____ () C:\Users\P\Downloads\adwcleaner (1).exe

2014-02-17 15:34 - 2014-02-17 15:33 - 01241888 _____ () C:\Users\P\Downloads\adwcleaner.exe

2014-02-17 15:19 - 2012-07-14 16:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-17 15:10 - 2007-12-15 01:38 - 00244794 _____ () C:\Windows\PFRO.log

2014-02-17 15:03 - 2009-07-29 20:35 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-17 14:57 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\tapi

2014-02-17 14:46 - 2009-11-11 07:49 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job

2014-02-17 14:37 - 2014-02-13 13:46 - 00000000 ____D () C:\Program Files\SavingsBull

2014-02-17 14:12 - 2014-02-17 14:09 - 12589848 _____ (Malwarebytes Corp.) C:\Users\P\Downloads\mbar-1.07.0.1009 (2).exe

2014-02-17 12:56 - 2014-02-17 12:50 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-17 12:56 - 2014-02-17 12:50 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-02-17 12:43 - 2014-02-17 12:43 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-02-17 12:43 - 2014-02-17 12:43 - 00000000 ____D () C:\Users\P\Desktop\mbar

2014-02-17 12:42 - 2014-02-17 12:41 - 12589848 _____ (Malwarebytes Corp.) C:\Users\P\Downloads\mbar-1.07.0.1009 (1).exe

2014-02-17 12:41 - 2014-02-17 12:39 - 12589848 _____ (Malwarebytes Corp.) C:\Users\P\Downloads\mbar-1.07.0.1009.exe

2014-02-17 00:24 - 2014-02-17 00:23 - 00026708 _____ () C:\Users\P\Downloads\Addition.txt

2014-02-17 00:17 - 2014-02-17 00:17 - 02152448 _____ (Farbar) C:\Users\P\Downloads\FRST64.exe

2014-02-17 00:12 - 2014-02-17 00:12 - 01141248 _____ (Farbar) C:\Users\P\Downloads\FRST (1).exe

2014-02-17 00:11 - 2014-02-17 00:11 - 01141248 _____ (Farbar) C:\Users\P\Downloads\FRST.exe

2014-02-16 23:31 - 2014-02-16 23:31 - 00002003 _____ () C:\Users\P\Desktop\Chrome App Launcher.lnk

2014-02-16 23:31 - 2014-02-16 23:31 - 00000000 ____D () C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-02-16 20:51 - 2013-01-17 20:47 - 00000376 _____ () C:\Windows\Tasks\AddLyrics update.job

2014-02-15 23:30 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-02-13 01:38 - 2013-08-02 01:34 - 00000000 ____D () C:\Windows\system32\MRT

2014-02-13 01:34 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-02-11 05:46 - 2007-12-15 01:20 - 00000000 __SHD () C:\System Recovery

2014-02-11 01:16 - 2014-02-11 01:16 - 00000000 ____D () C:\Users\P\AppData\Local\Software Updater

2014-02-10 22:38 - 2013-05-30 13:37 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-02-10 22:28 - 2014-02-10 22:28 - 24489184 _____ (Mozilla) C:\Users\P\Downloads\Firefox_Setup_27.0.exe

2014-02-10 21:26 - 2014-02-10 21:26 - 00000000 ____D () C:\Users\P\AppData\Local\Freemium

2014-02-10 21:16 - 2014-02-10 21:16 - 00000000 ____D () C:\Program Files\Web Check

2014-02-10 21:12 - 2014-02-10 21:12 - 00666528 _____ () C:\Users\P\Downloads\free-system-utilities_1.1_de-DE.exe

2014-02-10 21:10 - 2014-02-10 21:10 - 00550008 _____ (Sterkly LLC) C:\Users\P\Downloads\freesystemutilities_setup.exe

2014-02-10 21:08 - 2014-02-10 21:08 - 00710848 _____ ( ) C:\Users\P\Downloads\COMPUTER_BILD-Download-Manager_fuer_freesystemutilities_setup.exe

2014-02-10 19:27 - 2006-11-02 11:33 - 01634660 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-10 19:26 - 2006-11-02 13:49 - 00035682 _____ () C:\Windows\setupact.log

2014-02-08 00:21 - 2012-07-14 16:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-02-08 00:21 - 2012-07-14 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-02-05 09:58 - 2014-02-13 01:32 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-05 09:56 - 2014-02-13 01:32 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-05 09:53 - 2014-02-13 01:32 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-05 09:51 - 2014-02-13 01:32 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-05 09:50 - 2014-02-13 01:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-05 09:49 - 2014-02-13 01:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-05 09:49 - 2014-02-13 01:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-02-05 09:48 - 2014-02-13 01:32 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-05 09:48 - 2014-02-13 01:32 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-05 09:48 - 2014-02-13 01:32 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-05 09:48 - 2014-02-13 01:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-05 09:48 - 2014-02-13 01:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-05 09:47 - 2014-02-13 01:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-05 09:47 - 2014-02-13 01:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-05 09:47 - 2014-02-13 01:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-02-05 09:46 - 2014-02-13 01:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-02 01:26 - 2014-02-02 01:13 - 130658432 _____ () C:\Users\P\Downloads\avira_free_antivirus_de(2).exe

2014-02-01 21:05 - 2014-02-01 21:03 - 03975896 _____ (Avira Operations GmbH & Co. KG) C:\Users\P\Downloads\avira_oe_client_antivirus_de.exe

2014-01-24 12:02 - 2013-05-17 17:32 - 00000162 ____H () C:\Users\P\Downloads\.picasa.ini

2014-01-24 11:56 - 2009-03-21 13:40 - 00000000 ____D () C:\Program Files\Picasa2
 

Some content of TEMP:

====================

C:\Users\\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe => MD5 is legit

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-02-17 16:08
 

==================== End Of Log ============================

--- --- ---

:dankeschoen: