| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Extended Protection 2.1Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.01.2014, 17:24
| #1 |
| |  Extended Protection 2.1 Diese Erweiterung kommt immer wieder bei meinem chrome server auf obwohl ich es immer wieder entferne.... Außerdem öffnet er mir immer wieder diese hxxp://www.nationzoom.com/ seite als startseite, obwohl ich eine andere angegeben habe. kann mir einer sagen woran das liegt und was ich nun tun kann? Danke im Vorraus |
|
18.01.2014, 17:47
| #2 |
| /// TB-Ausbilder   |  Extended Protection 2.1 Hallo,
__________________mach bitte einen FRST-Scan: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
19.01.2014, 18:27
| #3 |
| | Extended Protection 2.1 FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2014 03
Ran by steffen (administrator) on STEFFEN-PC on 19-01-2014 18:23:08
Running from C:\Users\steffen\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\ICQ6Toolbar\ICQ Service.exe
() C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(DoctorSoft) C:\Program Files\AnyPC Client\APLangApp.exe
() C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Facebook Inc.) C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [13834856 2010-02-09] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8129056 2009-12-26] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe [2482176 2010-02-22] ()
HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM\...\Run: [APLangApp] - C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [Logan_S2P] - C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe [253952 2007-06-11] ()
HKLM\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-03-09] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe
HKCU\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-24] (Facebook Inc.)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-15] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [NextLive] - C:\Users\steffen\AppData\Roaming\newnext.me\nengine.dll [1283584 2014-01-06] (NewNextDotMe)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: {6dc14340-db68-11df-9657-00245489d605} - F:\LaunchU3.exe -a
AppInit_DLLs: => File Not Found
Startup: C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d4f7c117-3759-754d-6921-960c021e8dd8&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=09/01/2014&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d4f7c117-3759-754d-6921-960c021e8dd8&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=09/01/2014&type=hp1000
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Nation Zoom
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Zoom
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX&q={searchTerms}
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKLM - (No Name) - {adca5064-9e30-43fe-9856-58b07a3149fe} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe Nation Zoom
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d4f7c117-3759-754d-6921-960c021e8dd8&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=09/01/2014&type=hp1000
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d4f7c117-3759-754d-6921-960c021e8dd8&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=09/01/2014&type=hp1000
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX&q={searchTerms}
SearchScopes: HKCU - {F09C2463-3A11-4976-AF62-CB3D8067B60D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3322950&CUI=UN12248898314691135&UM=2
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {adca5064-9e30-43fe-9856-58b07a3149fe} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKCU - No Name - {ADCA5064-9E30-43FE-9856-58B07A3149FE} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default
FF NewTab: hxxp://www.nationzoom.com/newtab/?type=nt&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX
FF DefaultSearchEngine: FreemiumA Customized Web Search
FF SelectedSearchEngine: FreemiumA Customized Web Search
FF Homepage: hxxp://www.nationzoom.com/?type=hp&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&SearchSource=2&CUI=UN35014252225894811&UM=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\steffen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\freemiuma-customized-web-search.xml
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Garmin Communicator - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-25]
FF Extension: ICQ Toolbar - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012-07-25]
FF Extension: FreemiumA - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{afa59d4f-18ec-4866-949b-f406270e15cb} [2014-01-18]
FF Extension: WEB.DE MailCheck - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\toolbar@web.de.xpi [2013-09-02]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-03-16]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe Nation Zoom
Chrome:
=======
CHR HomePage: hxxp://www.nationzoom.com/?type=hp&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX
CHR Extension: (Bookmark Manager) - C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [dbgalemaidlifaeappogmgmgifhkfkee] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [hkhjppglbhfdpdameiopkfoopdchkgef] - C:\Users\steffen\AppData\Local\CRE\hkhjppglbhfdpdameiopkfoopdchkgef.crx [2014-01-12]
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-18]
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\steffen\AppData\Local\Wajam\Chrome\wajam.crx [2012-10-05]
CHR HKCU\...\Chrome\Extension: [hkhjppglbhfdpdameiopkfoopdchkgef] - C:\Users\steffen\AppData\Local\CRE\hkhjppglbhfdpdameiopkfoopdchkgef.crx [2014-01-12]
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe Nation Zoom
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-28] (LSI Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-05-14] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-15] (Garmin Ltd or its subsidiaries)
R2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [247096 2010-09-06] ()
R2 InstallFilterService; C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-02-10] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
==================== Drivers (Whitelisted) ====================
R3 Acceler; C:\Windows\System32\DRIVERS\Acceler.sys [42416 2010-02-10] (ST Microelectronics)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-06-10] (Windows (R) 2003 DDK 3790 provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [14808 2009-11-02] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-19 18:22 - 2014-01-19 18:22 - 00024526 _____ C:\Users\steffen\Downloads\Addition.txt
2014-01-19 18:21 - 2014-01-19 18:23 - 00023722 _____ C:\Users\steffen\Downloads\FRST.txt
2014-01-19 18:21 - 2014-01-19 18:21 - 00000000 ____D C:\FRST
2014-01-19 18:20 - 2014-01-19 18:21 - 01221120 _____ (Farbar) C:\Users\steffen\Downloads\FRST.exe
2014-01-19 18:19 - 2014-01-19 18:20 - 02076672 _____ (Farbar) C:\Users\steffen\Downloads\FRST64.exe
2014-01-19 11:41 - 2014-01-19 11:43 - 00000000 ____D C:\Users\steffen\Desktop\Gruppenarbeit Entfaltung
2014-01-19 11:40 - 2014-01-19 11:41 - 00000000 ____D C:\Users\steffen\Desktop\Musik-referat
2014-01-18 16:20 - 2014-01-18 16:20 - 00001085 _____ C:\Users\steffen\Desktop\Continue VuuPC Installation.lnk
2014-01-18 16:14 - 2014-01-18 16:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenOffice
2014-01-18 16:10 - 2014-01-18 16:48 - 00000000 ____D C:\Program Files\Optimizer Pro
2014-01-18 16:10 - 2014-01-18 16:10 - 00000000 ____D C:\Users\steffen\Documents\Optimizer Pro
2014-01-18 16:04 - 2014-01-18 16:04 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-01-18 16:02 - 2014-01-18 16:14 - 00000000 ____D C:\Program Files\OpenOffice 4
2014-01-18 16:01 - 2014-01-18 16:02 - 00000000 ____D C:\Users\steffen\Desktop\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-18 15:59 - 2014-01-18 16:48 - 00000000 ____D C:\Program Files\MyPC Backup
2014-01-18 15:58 - 2014-01-19 18:15 - 00000000 ____D C:\Users\steffen\AppData\Roaming\newnext.me
2014-01-18 15:58 - 2014-01-18 16:54 - 00000000 ____D C:\Users\steffen\AppData\Local\Mobogenie
2014-01-18 15:58 - 2014-01-18 16:11 - 00000000 ____D C:\Users\steffen\AppData\Local\genienext
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\Documents\Mobogenie
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\cache
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\.android
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 _____ C:\Users\steffen\daemonprocess.txt
2014-01-18 15:57 - 2014-01-18 16:54 - 00000000 ____D C:\Program Files\Mobogenie
2014-01-18 15:57 - 2014-01-18 15:59 - 00000000 ____D C:\Users\steffen\AppData\Local\Lollipop
2014-01-18 15:57 - 2014-01-18 15:59 - 00000000 ____D C:\ProgramData\WPM
2014-01-18 10:39 - 2014-01-18 10:39 - 00000000 ____D C:\windows\system32\SearchProtect
2014-01-18 10:39 - 2014-01-18 10:39 - 00000000 ____D C:\Program Files\Conduit
2014-01-18 10:38 - 2014-01-18 11:27 - 00000000 ____D C:\Users\steffen\AppData\Local\Conduit
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\NativeMessaging
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\CRE
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\ProgramData\Conduit
2014-01-18 10:37 - 2014-01-18 10:37 - 00000000 ____D C:\Users\steffen\AppData\Local\DownloadGuide
2014-01-18 10:36 - 2014-01-18 11:25 - 00000000 ____D C:\Program Files\Sweet Home 3D
2014-01-18 10:35 - 2014-01-18 10:36 - 33746304 _____ (eTeks ) C:\Users\steffen\Desktop\SweetHome3D-4-2-windows-oc.exe
2014-01-15 21:53 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 21:53 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 21:53 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-14 13:14 - 2014-01-14 13:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-10 12:00 - 2014-01-11 11:01 - 00000000 ____D C:\Users\steffen\Desktop\LI
2014-01-09 11:52 - 2014-01-18 15:56 - 00001336 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-01-09 10:49 - 2014-01-09 11:16 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\TuneUp Software
2014-01-09 10:45 - 2014-01-18 16:55 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DVDVideoSoft
2014-01-03 23:08 - 2014-01-06 11:49 - 00000000 ____D C:\Users\steffen\Documents\Ahnenblatt
2014-01-03 23:08 - 2014-01-06 11:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Ahnenblatt
2014-01-03 22:27 - 2014-01-03 22:29 - 00000000 ____D C:\Users\steffen\Documents\MyHeritage
2014-01-03 22:26 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\windows\system32\unicows.dll
2014-01-03 22:25 - 2014-01-06 11:49 - 00000000 ____D C:\Program Files\MyHeritage
2014-01-03 13:10 - 2014-01-06 11:47 - 00000444 __RSH C:\Users\steffen\ntuser.pol
2014-01-03 13:10 - 2014-01-03 13:10 - 00001072 _____ C:\Users\Public\Desktop\Finale NotePad 2012.lnk
2014-01-03 13:09 - 2014-01-03 13:10 - 00000000 ____D C:\Program Files\Finale NotePad 2012
2014-01-03 13:07 - 2014-01-03 13:09 - 103516232 _____ (MakeMusic) C:\Users\steffen\Desktop\InstallFinaleNotePad2012.exe
2014-01-03 11:46 - 2014-01-03 11:47 - 00000000 ____D C:\Users\steffen\.lilypond-fonts.cache-2
2014-01-03 11:36 - 2014-01-03 11:36 - 00000027 _____ C:\windows\{_ini}
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Users\steffen\Documents\schobuk
2013-12-20 13:36 - 2013-12-20 13:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-01-19 18:23 - 2014-01-19 18:21 - 00023722 _____ C:\Users\steffen\Downloads\FRST.txt
2014-01-19 18:22 - 2014-01-19 18:22 - 00024526 _____ C:\Users\steffen\Downloads\Addition.txt
2014-01-19 18:21 - 2014-01-19 18:21 - 00000000 ____D C:\FRST
2014-01-19 18:21 - 2014-01-19 18:20 - 01221120 _____ (Farbar) C:\Users\steffen\Downloads\FRST.exe
2014-01-19 18:20 - 2014-01-19 18:19 - 02076672 _____ (Farbar) C:\Users\steffen\Downloads\FRST64.exe
2014-01-19 18:15 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Roaming\newnext.me
2014-01-19 18:15 - 2013-09-02 21:06 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Skype
2014-01-19 18:15 - 2010-03-16 18:54 - 01737347 _____ C:\windows\WindowsUpdate.log
2014-01-19 11:43 - 2014-01-19 11:41 - 00000000 ____D C:\Users\steffen\Desktop\Gruppenarbeit Entfaltung
2014-01-19 11:41 - 2014-01-19 11:40 - 00000000 ____D C:\Users\steffen\Desktop\Musik-referat
2014-01-19 11:41 - 2013-12-12 11:34 - 00119296 ___SH C:\Users\steffen\Desktop\Thumbs.db
2014-01-19 11:33 - 2009-07-14 05:34 - 00014752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 11:33 - 2009-07-14 05:34 - 00014752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 11:27 - 2011-07-18 15:16 - 00000000 ___RD C:\Users\steffen\Dropbox
2014-01-19 11:27 - 2011-07-18 15:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Dropbox
2014-01-19 11:25 - 2010-08-04 11:26 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-01-19 11:24 - 2013-06-10 17:03 - 00015729 _____ C:\windows\setupact.log
2014-01-19 11:24 - 2010-03-16 03:04 - 00787534 _____ C:\windows\PFRO.log
2014-01-19 11:24 - 2009-07-14 05:33 - 00478064 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-18 16:55 - 2014-01-09 10:45 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DVDVideoSoft
2014-01-18 16:54 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\Mobogenie
2014-01-18 16:54 - 2014-01-18 15:57 - 00000000 ____D C:\Program Files\Mobogenie
2014-01-18 16:48 - 2014-01-18 16:10 - 00000000 ____D C:\Program Files\Optimizer Pro
2014-01-18 16:48 - 2014-01-18 15:59 - 00000000 ____D C:\Program Files\MyPC Backup
2014-01-18 16:20 - 2014-01-18 16:20 - 00001085 _____ C:\Users\steffen\Desktop\Continue VuuPC Installation.lnk
2014-01-18 16:14 - 2014-01-18 16:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenOffice
2014-01-18 16:14 - 2014-01-18 16:02 - 00000000 ____D C:\Program Files\OpenOffice 4
2014-01-18 16:11 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\genienext
2014-01-18 16:10 - 2014-01-18 16:10 - 00000000 ____D C:\Users\steffen\Documents\Optimizer Pro
2014-01-18 16:08 - 2010-08-04 11:36 - 00138224 _____ C:\Users\steffen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 16:04 - 2014-01-18 16:04 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-01-18 16:02 - 2014-01-18 16:01 - 00000000 ____D C:\Users\steffen\Desktop\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-18 15:59 - 2014-01-18 15:57 - 00000000 ____D C:\Users\steffen\AppData\Local\Lollipop
2014-01-18 15:59 - 2014-01-18 15:57 - 00000000 ____D C:\ProgramData\WPM
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\Documents\Mobogenie
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\cache
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\.android
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 _____ C:\Users\steffen\daemonprocess.txt
2014-01-18 15:56 - 2014-01-09 11:52 - 00001336 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-01-18 15:56 - 2013-09-12 08:38 - 00002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 15:56 - 2010-08-04 17:09 - 00001323 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-18 15:56 - 2010-08-04 11:46 - 00001627 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-18 11:27 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\Conduit
2014-01-18 11:25 - 2014-01-18 10:36 - 00000000 ____D C:\Program Files\Sweet Home 3D
2014-01-18 10:39 - 2014-01-18 10:39 - 00000000 ____D C:\windows\system32\SearchProtect
2014-01-18 10:39 - 2014-01-18 10:39 - 00000000 ____D C:\Program Files\Conduit
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\NativeMessaging
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\CRE
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\ProgramData\Conduit
2014-01-18 10:37 - 2014-01-18 10:37 - 00000000 ____D C:\Users\steffen\AppData\Local\DownloadGuide
2014-01-18 10:36 - 2014-01-18 10:35 - 33746304 _____ (eTeks ) C:\Users\steffen\Desktop\SweetHome3D-4-2-windows-oc.exe
2014-01-17 22:05 - 2013-08-03 20:45 - 00000000 ____D C:\Users\steffen\Desktop\JULE + JENS
2014-01-17 14:23 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\NDF
2014-01-17 13:55 - 2013-03-20 20:35 - 00000000 ____D C:\Users\steffen\Meins
2014-01-16 11:17 - 2013-05-13 10:35 - 00000000 ____D C:\Users\steffen\Desktop\Jens
2014-01-16 08:58 - 2011-07-18 15:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-15 22:22 - 2013-08-20 16:45 - 00000000 ____D C:\windows\system32\MRT
2014-01-15 22:20 - 2010-10-21 12:35 - 83425928 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-14 13:14 - 2014-01-14 13:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-11 11:01 - 2014-01-10 12:00 - 00000000 ____D C:\Users\steffen\Desktop\LI
2014-01-10 11:20 - 2009-07-26 21:06 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-09 11:16 - 2014-01-09 10:49 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\TuneUp Software
2014-01-09 10:47 - 2011-02-04 19:04 - 00000000 ____D C:\Program Files\Freemake
2014-01-09 10:46 - 2011-02-04 18:17 - 00000000 ____D C:\Users\steffen\Documents\DVDVideoSoft
2014-01-09 10:45 - 2013-05-24 09:42 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenCandy
2014-01-06 21:49 - 2010-12-02 09:01 - 00132216 _____ C:\Users\steffen\AppData\Roaming\GDIPFONTCACHEV1.DAT
2014-01-06 11:49 - 2014-01-03 23:08 - 00000000 ____D C:\Users\steffen\Documents\Ahnenblatt
2014-01-06 11:49 - 2014-01-03 23:08 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Ahnenblatt
2014-01-06 11:49 - 2014-01-03 22:25 - 00000000 ____D C:\Program Files\MyHeritage
2014-01-06 11:47 - 2014-01-03 13:10 - 00000444 __RSH C:\Users\steffen\ntuser.pol
2014-01-03 22:29 - 2014-01-03 22:27 - 00000000 ____D C:\Users\steffen\Documents\MyHeritage
2014-01-03 13:10 - 2014-01-03 13:10 - 00001072 _____ C:\Users\Public\Desktop\Finale NotePad 2012.lnk
2014-01-03 13:10 - 2014-01-03 13:09 - 00000000 ____D C:\Program Files\Finale NotePad 2012
2014-01-03 13:10 - 2009-07-14 03:37 - 00000000 ___HD C:\windows\system32\GroupPolicy
2014-01-03 13:09 - 2014-01-03 13:07 - 103516232 _____ (MakeMusic) C:\Users\steffen\Desktop\InstallFinaleNotePad2012.exe
2014-01-03 11:47 - 2014-01-03 11:46 - 00000000 ____D C:\Users\steffen\.lilypond-fonts.cache-2
2014-01-03 11:38 - 2009-07-14 05:52 - 00000000 ____D C:\windows\system32\FxsTmp
2014-01-03 11:36 - 2014-01-03 11:36 - 00000027 _____ C:\windows\{_ini}
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Users\steffen\Documents\schobuk
2014-01-03 09:53 - 2012-05-15 10:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 13:37 - 2013-12-20 13:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
Some content of TEMP:
====================
C:\Users\steffen\AppData\Local\Temp\avgnt.exe
C:\Users\steffen\AppData\Local\Temp\BackupSetup.exe
C:\Users\steffen\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\steffen\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\steffen\AppData\Local\Temp\DLG_shopping-toolbar_softonic_de-DE.exe
C:\Users\steffen\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\steffen\AppData\Local\Temp\eauninstall.exe
C:\Users\steffen\AppData\Local\Temp\ICReinstall_Setup.exe
C:\Users\steffen\AppData\Local\Temp\install_reader11_de_mssa_aaa_aih.exe
C:\Users\steffen\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\steffen\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\steffen\AppData\Local\Temp\local.dll
C:\Users\steffen\AppData\Local\Temp\mfc80.dll
C:\Users\steffen\AppData\Local\Temp\mfc80u.dll
C:\Users\steffen\AppData\Local\Temp\mfcm80.dll
C:\Users\steffen\AppData\Local\Temp\mfcm80u.dll
C:\Users\steffen\AppData\Local\Temp\msvcm80.dll
C:\Users\steffen\AppData\Local\Temp\msvcp80.dll
C:\Users\steffen\AppData\Local\Temp\msvcr80.dll
C:\Users\steffen\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
C:\Users\steffen\AppData\Local\Temp\nsb634B.exe
C:\Users\steffen\AppData\Local\Temp\nsbBB08.exe
C:\Users\steffen\AppData\Local\Temp\nsdF99F.exe
C:\Users\steffen\AppData\Local\Temp\nsg5563.exe
C:\Users\steffen\AppData\Local\Temp\nsqD693.exe
C:\Users\steffen\AppData\Local\Temp\nsqF33A.exe
C:\Users\steffen\AppData\Local\Temp\nswD3E8.exe
C:\Users\steffen\AppData\Local\Temp\schobuk.exe
C:\Users\steffen\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\steffen\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn.exe
C:\Users\steffen\AppData\Local\Temp\SPStub.exe
C:\Users\steffen\AppData\Local\Temp\tbFree.dll
C:\Users\steffen\AppData\Local\Temp\uninst1.exe
C:\Users\steffen\AppData\Local\Temp\vcredist_x86.exe
C:\Users\steffen\AppData\Local\Temp\VIS_DE-2013-12-13.exe
C:\Users\steffen\AppData\Local\Temp\VIS_DE-2013-12-13[1].exe
C:\Users\steffen\AppData\Local\Temp\_is777F.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-04 12:11
==================== End Of Log ============================
--- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2014 03
Ran by steffen at 2014-01-19 18:23:35
Running from C:\Users\steffen\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Accelerometer (Version: 1.06.08.45 - STMicroelectronics)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03 - Adobe Systems Incorporated)
AnyPC Client (Version: 1.0.0.25 - Doctorsoft)
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (Version: 1.0.2.1119 - Atheros)
Avira Free Antivirus (Version: 14.0.2.286 - Avira)
BatteryLifeExtender (Version: 1.0.1 - Samsung)
Brother MFL-Pro Suite MFC-5890CN (Version: 1.0.1.0 - Brother Industries, Ltd.)
ChargeableUSB (Version: 1.0.0.0 - SAMSUNG)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (Version: 6.0.2806 - CyberLink Corp.)
CyberLink DVD Suite (Version: 6.0.2806 - CyberLink Corp.) Hidden
CyberLink LabelPrint (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go (Version: 6.0.3108a - CyberLink Corp.)
CyberLink Power2Go (Version: 6.0.3108a - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.3213 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerDVD 8 (Version: 8.0.2815b - CyberLink Corp.) Hidden
CyberLink PowerProducer (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.1.1812 - CyberLink Corp.) Hidden
CyberLink YouCam (Version: 2.0.3707 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.3707 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
dm-Fotowelt (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Easy Display Manager (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (Version: 4.0.0.3 - Samsung)
Elevated Installer (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
f4 2012 (Version: - audiotranskription.de)
Facebook Video Calling 2.0.0.447 (Version: 2.0.447 - Skype Limited)
Finale NotePad 2012 (Version: 2012..r1.1 - MakeMusic)
FreeMake Toolbar (Version: 6.8.9.0 - FreeMake)
Freemake Video Downloader (Version: 3.5.1 - Ellora Assets Corporation)
Garmin Express (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
ICQ Toolbar (Version: 3.0.0 - ICQ)
ICQ7.6 (Version: 7.6 - ICQ)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (Version: 13.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (Version: 01.01.01.1007 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (Version: 1.0.186.6 - Intel)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Korean Fonts Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
LSI HDA Modem (Version: 2.2.97 - LSI Corporation)
Marvell Miniport Driver (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation)
OpenOffice 4.0.0 (Version: 4.00.9702 - Apache Software Foundation)
PaperPort Image Printer (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Architect (Version: 1.0.52.8917 - pdfforge)
PDF24 Creator 5.7.0 (Version: - PDF24.org)
PDFCreator (Version: 1.6.2 - pdfforge)
PerfectTablePlan 5.1.1 (Version: - Oryx Digital Ltd)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Readiris Pro 10 (Version: - )
Realtek High Definition Audio Driver (Version: 6.0.1.6013 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 4 (Version: 4.0.0.6 - Samsung)
Samsung SCX-4500 Series (Version: - Samsung Electronics CO.,LTD)
Samsung Support Center (Version: 1.1.0 - Samsung)
Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (Version: 11.2.0000 - Nuance Communications, Inc.)
Skype™ 6.11 (Version: 6.11.102 - Skype Technologies S.A.)
SmarThru 4 (Version: - )
Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.3042.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
User Guide (Version: 1.0 - )
VLC media player 1.1.11 (Version: 1.1.11 - VideoLAN)
WIDCOMM Bluetooth Software (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (Version: - )
==================== Restore Points =========================
18-12-2013 21:10:45 Windows Update
09-01-2014 10:50:08 TuneUp Utilities 2014 wird entfernt
09-01-2014 10:51:49 TuneUp Utilities 2014 (de-DE) wird entfernt
15-01-2014 21:20:02 Windows Update
18-01-2014 14:58:09 Uniblue SpeedUpMyPC installation
18-01-2014 15:02:29 Installed OpenOffice 4.0.0
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1379FE3F-3A28-471E-A420-4BBEFA912DF4} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {1D995AB7-A868-46D6-B50A-F678CD63D5BD} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {326A118E-3AB9-4E19-A6AB-0A09EA2CDCD3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000Core => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-24] (Facebook Inc.)
Task: {436946A4-8016-4CCF-A9D0-B121190C28F6} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {45A8B007-B1CC-4157-84B1-CA0047D07A90} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-12-14] (SAMSUNG Electronics)
Task: {5150384C-4986-4253-AF59-E5ADEBD8A293} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-03-05] (Samsung Electronics Co., Ltd.)
Task: {56341EF7-7330-46B6-A1EA-5A1A593630EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000UA => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-24] (Facebook Inc.)
Task: {5ECEBFCF-DB4E-49FA-B5BE-97C2342E335D} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-19] (Samsung Electronics. Co. Ltd.)
Task: {80F05905-E34E-47E4-9393-95B8E9626536} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-11-11] (Samsung Electronics Co., Ltd.)
Task: {94F4355D-9C5F-4245-ACB0-7F50F606F001} - System32\Tasks\APSchedulerC => C:\Program Files\AnyPC Client\APLanMgrC.exe [2009-11-20] (DoctorSoft)
Task: {C8488655-83F7-4B5C-87D3-B9AC1CF3C90E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-13] (Adobe Systems Incorporated)
Task: {D1D7C3E2-BA2F-4B5D-9A71-2521A563B035} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000Core.job => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000UA.job => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cef0f5cccf2e3e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-10-30 04:08 - 2009-10-30 04:08 - 00022723 _____ () C:\windows\System32\ml163sl3.dll
2010-08-04 21:14 - 2007-01-11 04:28 - 00022723 _____ () C:\windows\System32\sx450sl3.dll
2012-12-20 09:48 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2011-01-05 10:57 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2011-01-05 10:57 - 2002-11-26 13:43 - 00106496 ____N () C:\windows\system32\BrMuSNMP.dll
2010-11-11 16:48 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2009-06-03 12:59 - 2009-06-03 12:59 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-06-03 12:59 - 2009-06-03 12:59 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2010-08-04 21:17 - 2007-01-09 11:29 - 00184320 _____ () C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\IMFilter.dll
2010-08-04 21:17 - 2007-01-09 11:30 - 01384520 _____ () C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\ssole.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\steffen\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/19/2014 06:18:07 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 18:18:07.601]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:15:01 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 18:15:01.613]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 05:45:25 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 17:45:25.160]: [00002160]: GetDeviceIpAddress: GetAddressByName [BRN001BA95A3E1B] Error
Error: (01/18/2014 03:58:01 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f4a53f49-fec7-4cf0-a3cf-9246e37b604b}
Error: (01/18/2014 03:48:41 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/18 15:48:41.676]: [00002184]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/18/2014 00:32:08 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/18 12:32:08.089]: [00002184]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/18/2014 10:39:05 AM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)
Error: (01/18/2014 10:38:38 AM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)
Error: (01/18/2014 10:38:06 AM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceMain Version 2. (Error: 87)
Error: (01/18/2014 10:11:22 AM) (Source: Microsoft-Windows-RestartManager) (User: steffen-PC)
Description: Die Anwendung oder der Dienst "Windows-Explorer" konnte nicht heruntergefahren werden.
System errors:
=============
Error: (01/19/2014 06:20:28 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/19/2014 06:15:18 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/19/2014 11:28:01 AM) (Source: DCOM) (User: )
Description: {CC957078-B838-47C4-A7CF-626E7A82FC58}
Error: (01/19/2014 11:26:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/19/2014 11:26:47 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.
Error: (01/19/2014 11:26:07 AM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/19/2014 11:25:53 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (01/19/2014 11:25:46 AM) (Source: Service Control Manager) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/19/2014 11:25:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (01/18/2014 04:10:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MgAssist Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Microsoft Office Sessions:
=========================
Error: (01/19/2014 06:18:07 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 18:18:07.601]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:15:01 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 18:15:01.613]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 05:45:25 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 17:45:25.160]: [00002160]: GetDeviceIpAddress: GetAddressByName [BRN001BA95A3E1B] Error
Error: (01/18/2014 03:58:01 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f4a53f49-fec7-4cf0-a3cf-9246e37b604b}
Error: (01/18/2014 03:48:41 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/18 15:48:41.676]: [00002184]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/18/2014 00:32:08 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/18 12:32:08.089]: [00002184]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/18/2014 10:39:05 AM) (Source: CltMngSvc)(User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)
Error: (01/18/2014 10:38:38 AM) (Source: CltMngSvc)(User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)
Error: (01/18/2014 10:38:06 AM) (Source: CltMngSvc)(User: )
Description: CltMngSvcServiceMain Version 2. (Error: 87)
Error: (01/18/2014 10:11:22 AM) (Source: Microsoft-Windows-RestartManager)(User: steffen-PC)
Description: 1C:\Windows\explorer.exeWindows-Explorer0411728360
==================== Memory info ===========================
Percentage of memory in use: 46%
Total physical RAM: 3060.45 MB
Available physical RAM: 1644.56 MB
Total Pagefile: 6119.2 MB
Available Pagefile: 4077.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.49 GB) (Free:19.18 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:70.79 GB) NTFS
Drive e: (Disc) (CDROM) (Total:1.51 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 97265681)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
19.01.2014, 18:30
| #4 |
| /// TB-Ausbilder | Extended Protection 2.1 ok. Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Starte noch einmal FRST.
__________________ cheers, Leo |
|
20.01.2014, 11:00
| #5 |
| | Extended Protection 2.1 AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.017 - Bericht erstellt am 20/01/2014 um 10:48:40
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : steffen - STEFFEN-PC
# Gestartet von : C:\Users\steffen\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : BackupStack
Dienst Gelöscht : ICQ Service
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelöscht : C:\Program Files\Advanced System Protector
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\FoxTab
Ordner Gelöscht : C:\Program Files\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files\Mobogenie
Ordner Gelöscht : C:\Program Files\MyPC Backup
Ordner Gelöscht : C:\Program Files\openit
Ordner Gelöscht : C:\Program Files\optimizer pro
Ordner Gelöscht : C:\Program Files\RegClean Pro
Ordner Gelöscht : C:\Program Files\Trymedia
Ordner Gelöscht : C:\Program Files\Plus-HD-5.0
Ordner Gelöscht : C:\windows\system32\Searchprotect
Ordner Gelöscht : C:\Users\steffen\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\steffen\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\steffen\AppData\Local\genienext
Ordner Gelöscht : C:\Users\steffen\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\steffen\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\steffen\AppData\Local\NativeMessaging
Ordner Gelöscht : C:\Users\steffen\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\steffen\AppData\Local\Temp\NativeMessaging
Ordner Gelöscht : C:\Users\steffen\AppData\Local\Temp\CT3322950
Ordner Gelöscht : C:\Users\steffen\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\steffen\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\steffen\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\FoxTab
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\steffen\Documents\Mobogenie
Ordner Gelöscht : C:\Users\steffen\Documents\optimizer pro
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\ConduitEngine
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\ICQToolbarData
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Smartbar
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\ValueApps
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\CT3322950
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\8c6c8c15-21d7-4f62-8a57-202aee8f7fb3@6567ba21-e435-4eb0-838d-8395b2265c30.com
Ordner Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{afa59d4f-18ec-4866-949b-f406270e15cb}
Ordner Gelöscht : C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Ordner Gelöscht : C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gelöscht : C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhjppglbhfdpdameiopkfoopdchkgef
Datei Gelöscht : C:\Users\Public\Desktop\Advanced System Protector.lnk
Datei Gelöscht : C:\Users\Public\Desktop\Open It!.lnk
Datei Gelöscht : C:\Users\Public\Desktop\RegClean Pro.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Datei Gelöscht : C:\windows\system32\roboot.exe
Datei Gelöscht : C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\steffen\Desktop\Mobogenie.lnk
Datei Gelöscht : C:\Users\steffen\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\invalidprefs.js
Datei Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\nationzoom.xml
Datei Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\user.js
Datei Gelöscht : C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Datei Gelöscht : C:\windows\Tasks\Plus-HD-5.0-chromeinstaller.job
Datei Gelöscht : C:\windows\Tasks\Plus-HD-5.0-codedownloader.job
Datei Gelöscht : C:\windows\Tasks\Plus-HD-5.0-enabler.job
Datei Gelöscht : C:\windows\Tasks\Plus-HD-5.0-firefoxinstaller.job
Datei Gelöscht : C:\windows\Tasks\Plus-HD-5.0-updater.job
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Finale NotePad 2012\Benutzerhandbuch.lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\steffen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\hkhjppglbhfdpdameiopkfoopdchkgef
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hkhjppglbhfdpdameiopkfoopdchkgef
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Advanced System Protector_Startup]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0047718.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0047718.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0047718.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0047718.Sandbox.1
Schlüssel Gelöscht : HKCU\Software\5ae888be66aed40
Schlüssel Gelöscht : HKLM\SOFTWARE\5ae888be66aed40
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3214568
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3322950
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zuma-deluxe_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zuma-deluxe_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411771118}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422772218}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455775518}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466776618}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444774418}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411771118}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22d36aab-58e2-4972-881b-6b8a475aca49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{604eb3e2-6b4d-4328-aef6-41a15b339be2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92182fb4-ae7e-4dd1-a8d0-b63404bf5b60}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95389704-673c-4716-8fec-3eb5de296e99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyrixeeker
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-5.0
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DomaIQ
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Plus-HD-5.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-5.0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\prefs.js ]
Zeile gelöscht : user_pref("CT3322950.1000082.isPlayDisplay", "true");
Zeile gelöscht : user_pref("CT3322950.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Zeile gelöscht : user_pref("CT3322950.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3322950.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3322950.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3322950.FirstTime", "true");
Zeile gelöscht : user_pref("CT3322950.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT3322950.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&SearchSource=2&CUI=UN35014252225894811&UM=2&q=");
Zeile gelöscht : user_pref("CT3322950.UserID", "UN35014252225894811");
Zeile gelöscht : user_pref("CT3322950.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT3322950.appOptions", "{}");
Zeile gelöscht : user_pref("CT3322950.browser.search.defaultthis.engineName", "true");
Zeile gelöscht : user_pref("CT3322950.countryCode", "DE");
Zeile gelöscht : user_pref("CT3322950.defaultSearch", "true");
Zeile gelöscht : user_pref("CT3322950.enableAlerts", "true");
Zeile gelöscht : user_pref("CT3322950.enableSearchFromAddressBar", "true");
Zeile gelöscht : user_pref("CT3322950.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT3322950.fixPageNotFoundError", "true");
Zeile gelöscht : user_pref("CT3322950.fixPageNotFoundErrorByUser", "true");
Zeile gelöscht : user_pref("CT3322950.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT3322950.fullUserID", "UN35014252225894811.IN.20140118103754");
Zeile gelöscht : user_pref("CT3322950.homepageuserchanged", true);
Zeile gelöscht : user_pref("CT3322950.installDate", "18/01/2014 10:37:56");
Zeile gelöscht : user_pref("CT3322950.installSessionId", "{8A51148E-69C3-4830-9AC6-45B6DAD7DADA}");
Zeile gelöscht : user_pref("CT3322950.installSp", "TRUE");
Zeile gelöscht : user_pref("CT3322950.installType", "conduitnsisintegration");
Zeile gelöscht : user_pref("CT3322950.installUsage", "2014-01-18T13:22:37.3723108+03:00");
Zeile gelöscht : user_pref("CT3322950.installUsageEarly", "2014-01-18T13:22:36.7639108+03:00");
Zeile gelöscht : user_pref("CT3322950.installerVersion", "1.8.1.4");
Zeile gelöscht : user_pref("CT3322950.isCheckedStartAsHidden", true);
Zeile gelöscht : user_pref("CT3322950.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3322950.isFirstTimeToolbarLoading", "false");
Zeile gelöscht : user_pref("CT3322950.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3322950.keyword", "true");
Zeile gelöscht : user_pref("CT3322950.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3322950&octid=CT3322950&SearchSource=15&CUI=UN35014252225894811&SSPV=&Lay=1&UM=2\"}");
Zeile gelöscht : user_pref("CT3322950.lastVersion", "10.23.0.822");
Zeile gelöscht : user_pref("CT3322950.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://FreemiumA.OurToolbar.com/\",\"EB_TOOLB[...]
Zeile gelöscht : user_pref("CT3322950.openThankYouPage", "false");
Zeile gelöscht : user_pref("CT3322950.openUninstallPage", "true");
Zeile gelöscht : user_pref("CT3322950.originalHomepage", "hxxp://web.de/");
Zeile gelöscht : user_pref("CT3322950.originalSearchAddressUrl", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d4f7c117-3759-754d-6921-960c021e8dd8&searchtype=ds&fr=linkury-tb&installDate=09/[...]
Zeile gelöscht : user_pref("CT3322950.originalSearchEngine", "Google");
Zeile gelöscht : user_pref("CT3322950.originalSearchEngineName", "Google");
Zeile gelöscht : user_pref("CT3322950.revertSettingsEnabled", "true");
Zeile gelöscht : user_pref("CT3322950.search.searchAppId", "130318455674433900");
Zeile gelöscht : user_pref("CT3322950.search.searchCount", "0");
Zeile gelöscht : user_pref("CT3322950.searchFromAddressBarEnabledByUser", "true");
Zeile gelöscht : user_pref("CT3322950.searchInNewTabEnabledByUser", "true");
Zeile gelöscht : user_pref("CT3322950.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT3322950.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3322950.searchRevert", "true");
Zeile gelöscht : user_pref("CT3322950.searchSuggestEnabledByUser", "true");
Zeile gelöscht : user_pref("CT3322950.searchUninstallUserMode", "2");
Zeile gelöscht : user_pref("CT3322950.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3322950.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3322950\"}");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FreemiumA.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FreemiumA \"}");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_Configuration_lastUpdate", "1390127514068");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1390040575069");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_appsMetadata_lastUpdate", "1390040574373");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1390040574521");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1390040573571");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1390040573988");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_login_10.23.0.722_lastUpdate", "1390056550931");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_login_10.23.0.822_lastUpdate", "1390205309762");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1390040574660");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_searchAPI_lastUpdate", "1390127513431");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_serviceMap_lastUpdate", "1390127513193");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_toolbarContextMenu_lastUpdate", "1390040574632");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_toolbarSettings_lastUpdate", "1390205309335");
Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_translation_lastUpdate", "1390127513272");
Zeile gelöscht : user_pref("CT3322950.settingsINI", true);
Zeile gelöscht : user_pref("CT3322950.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT3322950.showToolbarPermission", "false");
Zeile gelöscht : user_pref("CT3322950.smartbar.CTID", "CT3322950");
Zeile gelöscht : user_pref("CT3322950.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT3322950.smartbar.homepage", "true");
Zeile gelöscht : user_pref("CT3322950.smartbar.toolbarName", "FreemiumA ");
Zeile gelöscht : user_pref("CT3322950.startPage", "true");
Zeile gelöscht : user_pref("CT3322950.toolbarBornServerTime", "18-1-2014");
Zeile gelöscht : user_pref("CT3322950.toolbarCurrentServerTime", "20-1-2014");
Zeile gelöscht : user_pref("CT3322950.toolbarInstallDate", "18-01-2014 10:37:54");
Zeile gelöscht : user_pref("CT3322950.toolbarLoginClientTime", "Sat Jan 18 2014 11:22:55 GMT+0100");
Zeile gelöscht : user_pref("CT3322950.versionFromInstaller", "10.23.0.722");
Zeile gelöscht : user_pref("CT3322950.xpeMode", "0");
Zeile gelöscht : user_pref("CT3322950_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1390210885822,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "FreemiumA Customized Web Search");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&SearchSource=2&CUI=UN35014252225894811&UM=2&q=");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d4f7c117-3759-754d-6921-960c021e8dd8&searchtype=ds&fr=linkury-tb&installDate=[...]
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT3322950");
Zeile gelöscht : user_pref("avg.install.userHPSettings", "hxxp://www.yd.delta-search.com/?affID=119528&tt=030213_yd&babsrc=HP_ss&mntrId=18fbbf110000000000007ee4004debad");
Zeile gelöscht : user_pref("avg.install.userSPSettings", "Delta Search");
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.nationzoom.com/newtab/?type=nt&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "FreemiumA Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "FreemiumA Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&CUI=UN35014252225894811&UM=2&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "FreemiumA Customized Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.nationzoom.com/?type=hp&ts=1390057011&from=tugs&uid=HitachiXHTS545032B9A300_100425PBN3031TKD80YRX");
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "SD");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=18fbbf110000000000007ee4004debad&toi=16073");
Zeile gelöscht : user_pref("extensions.Softonic.hpOld0", "");
Zeile gelöscht : user_pref("extensions.Softonic.id", "18fbbf110000000000007ee4004debad");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16073");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00009");
Zeile gelöscht : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=18fbbf110000000000007ee4004debad&toi=16073&q=");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=18fbbf110000000000007ee4004debad&toi=16073");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "2013desingbrand");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&mi=18fbbf110000000000007ee4004debad&toi=16073&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.29.3");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.29.313:11:15");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.29.3");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.InstallationThankYouPage", true);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.InstallationTime", 1390210700);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.active", true);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.addressbar", "NA");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.addressbarenhanced", "");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.asyncdb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.asyncdb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.asyncinternaldb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.asyncinternaldb_dbWasSet_FF25_FIX", true);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.backgroundver", 1);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.changeprevious", false);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.cookie.InstallationTime.value", "%221390210700%22");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000781%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.cookie.iframe-exists.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.cookie.iframe-exists.value", "true");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.cookie.jw_token.value", "%22147eccce-554d-50da-1164-f231453d5e54%22");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.description", "Turn YouTube videos to High Definition by default");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.domain", "");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.enablesearch", false);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.homepage", "");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.iframe", false);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%224DC63D1A6B3543749A7F852FA3761[...]
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000781%22%2C%22sub_id%22%3A%220%22%2C%[...]
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000781%22%2C%22sub_id%22%3A%220%2[...]
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%224DC63D1A6B3543749A7F[...]
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_appVer.value", "21");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_lastVersion.value", "1");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_meta.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_nextCheck.expiration", "Mon Jan 20 2014 16:41:35 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb._country_code_.value", "%22DE%22");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%224DC63D1A[...]
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.lastDailyReport", "1390210891107");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.lastUpdate", "1390210891103");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.manifesturl", "");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.name", "Plus-HD-5.0");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.newtab", "");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.opensearch", "");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/47718/plugins/093/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.pluginsversion", 16);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.publisher", "Plus HD");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.setnewtab", false);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.thankyou", "");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.47718.ver", 21);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.apps", "47718");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.bic", "143a4dfdf09b5e9790bee1f7b64f2f4d");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.cid", 47718);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.firstrun", false);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.installationdate", 1390210885);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.modetype", "production");
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.reportInstall", true);
Zeile gelöscht : user_pref("extensions.a8c6c8c1521d74f628a57202aee8f7fb36567ba21e4354eb0838d8395b2265c30com47718.statsDailyCounter", 1);
Zeile gelöscht : user_pref("extensions.crossrider.bic", "143a4dfdf09b5e9790bee1f7b64f2f4d");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "5");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "");
Zeile gelöscht : user_pref("extensions.delta.id", "18fbbf110000000000007ee4004debad");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15950");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.sg", "er");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.622:05:33");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4993");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&SearchSource=2&CUI=UN35014252225894811&UM=2&q=");
Zeile gelöscht : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3322950");
Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3322950&CUI=UN35014252225894811&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3322950&octid=CT3322950&SearchSource[...]
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&SearchSource=2&CUI=UN35014252225894811&UM=2&q=");
Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3322950");
Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3322950");
Zeile gelöscht : user_pref("smartbar.machineId", "HWAV5VPXP452B7DMU8OHETFUKF+KZGXGEJVCM1XGOL7ZJPQM8E5UBSURKQ5IP4JQCAYBJZJP4VB/9WDENQKNDQ");
Zeile gelöscht : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3322950&CUI=UN35014252225894811&UM=2&SearchSource=13");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E+x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E,x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E-x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E.:2z527.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E.x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E/x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E06CG5EL8:", "6E6D6872737075717277");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E06CG5EL8:.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E7879767B77787D242F4B49474F42357D5D5C3D");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E06CG5EL;8I:K.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E0x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E1x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E2x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E3x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E4x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E5x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E6x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E7x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E8x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E9x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E:x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E;x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E<x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E=x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E>x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E?x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7E@x305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7EAx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7EBE3G=;D9N9=D.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7EBx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7ECx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7EDx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B+7Etx305.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B-0?3G>D", "676B6B6F3E433F407A4575797A204A77204E257E7E7B252A5521212A552D5B5A5D5F2B32");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B-0?3G>D.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B-0?3G@6:5;", "");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B-0?3G@6:5;.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B-0?3GFA7EF", "2B2E2C3D");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B-0?3GFA7EF.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B-3=3ECCJA=F>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D686365533C70766C66755E");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B-3=3ECCJA=F>.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B/>01=9A6K6<IM;KRIE@PDAWM", "6A696B7273747576");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B3=>@44I48?.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B5BA==9CJAG", "3D3A6B6D417240407A73444978797B4B494B7E7C21");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B5BA==9CJAG.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B6B11G4C56B>F;P;ANR@P", "6E6D6872737075716F78767773");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B6B11G4C56B>F;P;ANR@P.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B9643G3/9E", "6A");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B9643G3/9E.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B;45>:BI9I7IE", "2B2E2C3D");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B;45>:BI9I7IE.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B<:222H64<", "393F352F3E");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B<:222H64<.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B<:222H64<L8DAJ", "6D70706E7674747976702A797B727B7C757D21");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B<:222H64<L8DAJ.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B=+03EH8H8J?:", "4443");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B=+03EH8H8J?:.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B?+E2A52D8.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9B?B0D:8AJ62<H", "6D");
Zeile gelöscht : user_pref("valueApps.CT3322950./9B?B0D:8AJ62<H.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950./9BA@0<0BI6A7GN:6@L?", "6C");
Zeile gelöscht : user_pref("valueApps.CT3322950./9BA@0<0BI6A7GN:6@L?.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.PG_ENABLE", "74727565");
Zeile gelöscht : user_pref("valueApps.CT3322950.PG_ENABLE.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.SF_JUST_INSTALLED", "46414C5345");
Zeile gelöscht : user_pref("valueApps.CT3322950.SF_JUST_INSTALLED.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.SF_STATUS", "454E41424C4544");
Zeile gelöscht : user_pref("valueApps.CT3322950.SF_STATUS.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.SF_USER_ID", "6369645F3138313230313431313232353934323738393735");
Zeile gelöscht : user_pref("valueApps.CT3322950.SF_USER_ID.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950._key_cl_active", "36656139663464632D666438372D343466302D383935652D333234363837663839633238");
Zeile gelöscht : user_pref("valueApps.CT3322950._key_cl_active.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.cbfirsttime", "536174204A616E20313820323031342031313A32333A303220474D542B30313030");
Zeile gelöscht : user_pref("valueApps.CT3322950.cbfirsttime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appStateReportTime", "31333930303430353738363532");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appStateReportTime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_Clarity_Active", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_Clarity_Active.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_CouponBuddy", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_CouponBuddy.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_Easytobook", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_Easytobook.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_Easytobook_targeted", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_Easytobook_targeted.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_PriceGong", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_PriceGong.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_WindowShopper", "6F6E");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appState_WindowShopper.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appsConfig.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appsDefaultEnabled", "74727565");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_appsDefaultEnabled.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_calledSetupService", "31");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_calledSetupService.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_currentVersion", "312E31322E302E35");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_currentVersion.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_existingUsersRecoveryDone", "31");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_existingUsersRecoveryDone.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_first_time", "31");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_first_time.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_lastLoginTime", "31333930303430353739313435");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_lastLoginTime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_localization.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_mamEnabled", "74727565");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_mamEnabled.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_migrated_from_ls", "31");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_migrated_from_ls.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_new_welcome_experience", "31");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_new_welcome_experience.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_settings1.12.0.5.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_showWelcomeGadget", "66616C7365");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_showWelcomeGadget.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_stamp", "313130315F30");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_stamp.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_userId", "31313036613231322D353338372D343937642D616432632D323864313061373134626366");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_userId.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_user_approval_interacted", "31");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_user_approval_interacted.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_welcomeDialogMode", "31");
Zeile gelöscht : user_pref("valueApps.CT3322950.mam_gk_welcomeDialogMode.storedInFile", false);
-\\ Google Chrome v32.0.1700.76
[ Datei : C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [63536 octets] - [20/01/2014 10:45:57]
AdwCleaner[S0].txt - [59142 octets] - [20/01/2014 10:48:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [59203 octets] ##########
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2014 03
Ran by steffen (administrator) on STEFFEN-PC on 20-01-2014 10:58:55
Running from C:\Users\steffen\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(DoctorSoft) C:\Program Files\AnyPC Client\APLangApp.exe
() C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Facebook Inc.) C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\Connectivity.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\RemoteEngine.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\RemoteEngineHelper.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\RemoteEngineHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [13834856 2010-02-09] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8129056 2009-12-26] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe [2482176 2010-02-22] ()
HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM\...\Run: [APLangApp] - C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [Logan_S2P] - C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe [253952 2007-06-11] ()
HKLM\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-03-09] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-24] (Facebook Inc.)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-15] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: {6dc14340-db68-11df-9657-00245489d605} - F:\LaunchU3.exe -a
AppInit_DLLs: => File Not Found
Startup: C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {adca5064-9e30-43fe-9856-58b07a3149fe} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {F09C2463-3A11-4976-AF62-CB3D8067B60D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3322950&CUI=UN12248898314691135&UM=2
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {adca5064-9e30-43fe-9856-58b07a3149fe} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {ADCA5064-9E30-43FE-9856-58B07A3149FE} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\steffen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\freemiuma-customized-web-search.xml
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Garmin Communicator - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-25]
FF Extension: WEB.DE MailCheck - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\toolbar@web.de.xpi [2013-09-02]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-03-16]
Chrome:
=======
CHR Extension: (Google Wallet) - C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [dbgalemaidlifaeappogmgmgifhkfkee] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-12]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-28] (LSI Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-05-14] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-15] (Garmin Ltd or its subsidiaries)
R2 InstallFilterService; C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-02-10] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RemoteEngineService; C:\Program Files\VuuPC\remoteengine.exe [2967568 2014-01-19] (ClickMeIn Limited)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 VuuPCConnectivity; C:\Program Files\VuuPC\Connectivity.exe [4747280 2014-01-19] (ClickMeIn Limited)
==================== Drivers (Whitelisted) ====================
R3 Acceler; C:\Windows\System32\DRIVERS\Acceler.sys [42416 2010-02-10] (ST Microelectronics)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-06-10] (Windows (R) 2003 DDK 3790 provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [14808 2009-11-02] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-20 10:58 - 2014-01-20 10:58 - 00001120 _____ C:\Users\steffen\Desktop\My VuuPC.lnk
2014-01-20 10:58 - 2014-01-20 10:58 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VuuPC
2014-01-20 10:58 - 2014-01-20 10:58 - 00000000 ____D C:\Program Files\VuuPC
2014-01-20 10:54 - 2014-01-20 10:54 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-20 10:45 - 2014-01-20 10:50 - 00000000 ____D C:\AdwCleaner
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner.exe
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner(1).exe
2014-01-20 10:38 - 2012-07-25 12:03 - 00017136 _____ C:\windows\system32\sasnative32.exe
2014-01-20 10:37 - 2014-01-20 10:37 - 00000109 _____ C:\Users\steffen\AppData\Roaming\WB.CFG
2014-01-20 10:37 - 2014-01-20 10:37 - 00000005 _____ C:\Users\steffen\AppData\Roaming\WBPU-TTL.DAT
2014-01-20 10:36 - 2014-01-20 10:36 - 00680584 _____ ( ) C:\Users\steffen\Downloads\ZipExtractorSetup.exe
2014-01-20 10:36 - 2014-01-20 10:36 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DigitalSites
2014-01-19 18:22 - 2014-01-19 18:23 - 00024904 _____ C:\Users\steffen\Downloads\Addition.txt
2014-01-19 18:21 - 2014-01-20 10:58 - 00017843 _____ C:\Users\steffen\Downloads\FRST.txt
2014-01-19 18:21 - 2014-01-19 18:21 - 00000000 ____D C:\FRST
2014-01-19 18:20 - 2014-01-19 18:21 - 01221120 _____ (Farbar) C:\Users\steffen\Downloads\FRST.exe
2014-01-19 18:19 - 2014-01-19 18:20 - 02076672 _____ (Farbar) C:\Users\steffen\Downloads\FRST64.exe
2014-01-19 11:41 - 2014-01-19 22:56 - 00000000 ____D C:\Users\steffen\Desktop\Gruppenarbeit Entfaltung
2014-01-19 11:40 - 2014-01-19 22:29 - 00000000 ____D C:\Users\steffen\Desktop\Musik-referat
2014-01-18 16:14 - 2014-01-18 16:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenOffice
2014-01-18 16:04 - 2014-01-18 16:04 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-01-18 16:02 - 2014-01-18 16:14 - 00000000 ____D C:\Program Files\OpenOffice 4
2014-01-18 16:01 - 2014-01-18 16:02 - 00000000 ____D C:\Users\steffen\Desktop\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\cache
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\.android
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 _____ C:\Users\steffen\daemonprocess.txt
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\CRE
2014-01-18 10:36 - 2014-01-18 11:25 - 00000000 ____D C:\Program Files\Sweet Home 3D
2014-01-18 10:35 - 2014-01-18 10:36 - 33746304 _____ (eTeks ) C:\Users\steffen\Desktop\SweetHome3D-4-2-windows-oc.exe
2014-01-15 21:53 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 21:53 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 21:53 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-10 12:00 - 2014-01-11 11:01 - 00000000 ____D C:\Users\steffen\Desktop\LI
2014-01-09 11:52 - 2014-01-20 10:49 - 00001037 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-01-09 10:49 - 2014-01-09 11:16 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\TuneUp Software
2014-01-09 10:45 - 2014-01-18 16:55 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DVDVideoSoft
2014-01-03 23:08 - 2014-01-06 11:49 - 00000000 ____D C:\Users\steffen\Documents\Ahnenblatt
2014-01-03 23:08 - 2014-01-06 11:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Ahnenblatt
2014-01-03 22:27 - 2014-01-03 22:29 - 00000000 ____D C:\Users\steffen\Documents\MyHeritage
2014-01-03 22:26 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\windows\system32\unicows.dll
2014-01-03 22:25 - 2014-01-06 11:49 - 00000000 ____D C:\Program Files\MyHeritage
2014-01-03 13:10 - 2014-01-06 11:47 - 00000444 __RSH C:\Users\steffen\ntuser.pol
2014-01-03 13:10 - 2014-01-03 13:10 - 00001072 _____ C:\Users\Public\Desktop\Finale NotePad 2012.lnk
2014-01-03 13:09 - 2014-01-03 13:10 - 00000000 ____D C:\Program Files\Finale NotePad 2012
2014-01-03 13:07 - 2014-01-03 13:09 - 103516232 _____ (MakeMusic) C:\Users\steffen\Desktop\InstallFinaleNotePad2012.exe
2014-01-03 11:46 - 2014-01-03 11:47 - 00000000 ____D C:\Users\steffen\.lilypond-fonts.cache-2
2014-01-03 11:36 - 2014-01-03 11:36 - 00000027 _____ C:\windows\{_ini}
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Users\steffen\Documents\schobuk
==================== One Month Modified Files and Folders =======
2014-01-20 10:59 - 2014-01-19 18:21 - 00017843 _____ C:\Users\steffen\Downloads\FRST.txt
2014-01-20 10:58 - 2014-01-20 10:58 - 00001120 _____ C:\Users\steffen\Desktop\My VuuPC.lnk
2014-01-20 10:58 - 2014-01-20 10:58 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VuuPC
2014-01-20 10:58 - 2014-01-20 10:58 - 00000000 ____D C:\Program Files\VuuPC
2014-01-20 10:56 - 2010-03-16 18:54 - 01788365 _____ C:\windows\WindowsUpdate.log
2014-01-20 10:54 - 2014-01-20 10:54 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-20 10:54 - 2011-07-18 15:16 - 00000000 ___RD C:\Users\steffen\Dropbox
2014-01-20 10:54 - 2011-07-18 15:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Dropbox
2014-01-20 10:52 - 2013-06-10 17:03 - 00015875 _____ C:\windows\setupact.log
2014-01-20 10:52 - 2010-08-04 11:26 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-01-20 10:50 - 2014-01-20 10:45 - 00000000 ____D C:\AdwCleaner
2014-01-20 10:49 - 2014-01-09 11:52 - 00001037 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-01-20 10:49 - 2013-09-12 08:38 - 00001236 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-20 10:49 - 2010-08-04 17:09 - 00001007 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-20 10:49 - 2010-08-04 11:46 - 00001152 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner.exe
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner(1).exe
2014-01-20 10:37 - 2014-01-20 10:37 - 00000109 _____ C:\Users\steffen\AppData\Roaming\WB.CFG
2014-01-20 10:37 - 2014-01-20 10:37 - 00000005 _____ C:\Users\steffen\AppData\Roaming\WBPU-TTL.DAT
2014-01-20 10:36 - 2014-01-20 10:36 - 00680584 _____ ( ) C:\Users\steffen\Downloads\ZipExtractorSetup.exe
2014-01-20 10:36 - 2014-01-20 10:36 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DigitalSites
2014-01-20 10:21 - 2009-07-26 21:06 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-20 09:13 - 2009-07-14 05:34 - 00014752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-20 09:13 - 2009-07-14 05:34 - 00014752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 22:56 - 2014-01-19 11:41 - 00000000 ____D C:\Users\steffen\Desktop\Gruppenarbeit Entfaltung
2014-01-19 22:29 - 2014-01-19 11:40 - 00000000 ____D C:\Users\steffen\Desktop\Musik-referat
2014-01-19 22:01 - 2013-09-02 21:06 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Skype
2014-01-19 18:23 - 2014-01-19 18:22 - 00024904 _____ C:\Users\steffen\Downloads\Addition.txt
2014-01-19 18:21 - 2014-01-19 18:21 - 00000000 ____D C:\FRST
2014-01-19 18:21 - 2014-01-19 18:20 - 01221120 _____ (Farbar) C:\Users\steffen\Downloads\FRST.exe
2014-01-19 18:20 - 2014-01-19 18:19 - 02076672 _____ (Farbar) C:\Users\steffen\Downloads\FRST64.exe
2014-01-19 11:41 - 2013-12-12 11:34 - 00119296 ___SH C:\Users\steffen\Desktop\Thumbs.db
2014-01-19 11:24 - 2010-03-16 03:04 - 00787534 _____ C:\windows\PFRO.log
2014-01-19 11:24 - 2009-07-14 05:33 - 00478064 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-18 16:55 - 2014-01-09 10:45 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DVDVideoSoft
2014-01-18 16:14 - 2014-01-18 16:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenOffice
2014-01-18 16:14 - 2014-01-18 16:02 - 00000000 ____D C:\Program Files\OpenOffice 4
2014-01-18 16:08 - 2010-08-04 11:36 - 00138224 _____ C:\Users\steffen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 16:04 - 2014-01-18 16:04 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-01-18 16:02 - 2014-01-18 16:01 - 00000000 ____D C:\Users\steffen\Desktop\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\cache
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\.android
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 _____ C:\Users\steffen\daemonprocess.txt
2014-01-18 11:25 - 2014-01-18 10:36 - 00000000 ____D C:\Program Files\Sweet Home 3D
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\CRE
2014-01-18 10:36 - 2014-01-18 10:35 - 33746304 _____ (eTeks ) C:\Users\steffen\Desktop\SweetHome3D-4-2-windows-oc.exe
2014-01-17 22:05 - 2013-08-03 20:45 - 00000000 ____D C:\Users\steffen\Desktop\JULE + JENS
2014-01-17 14:23 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\NDF
2014-01-17 13:55 - 2013-03-20 20:35 - 00000000 ____D C:\Users\steffen\Meins
2014-01-16 11:17 - 2013-05-13 10:35 - 00000000 ____D C:\Users\steffen\Desktop\Jens
2014-01-16 08:58 - 2011-07-18 15:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-15 22:22 - 2013-08-20 16:45 - 00000000 ____D C:\windows\system32\MRT
2014-01-15 22:20 - 2010-10-21 12:35 - 83425928 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-11 11:01 - 2014-01-10 12:00 - 00000000 ____D C:\Users\steffen\Desktop\LI
2014-01-09 11:16 - 2014-01-09 10:49 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\TuneUp Software
2014-01-09 10:47 - 2011-02-04 19:04 - 00000000 ____D C:\Program Files\Freemake
2014-01-09 10:46 - 2011-02-04 18:17 - 00000000 ____D C:\Users\steffen\Documents\DVDVideoSoft
2014-01-06 21:49 - 2010-12-02 09:01 - 00132216 _____ C:\Users\steffen\AppData\Roaming\GDIPFONTCACHEV1.DAT
2014-01-06 11:49 - 2014-01-03 23:08 - 00000000 ____D C:\Users\steffen\Documents\Ahnenblatt
2014-01-06 11:49 - 2014-01-03 23:08 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Ahnenblatt
2014-01-06 11:49 - 2014-01-03 22:25 - 00000000 ____D C:\Program Files\MyHeritage
2014-01-06 11:47 - 2014-01-03 13:10 - 00000444 __RSH C:\Users\steffen\ntuser.pol
2014-01-03 22:29 - 2014-01-03 22:27 - 00000000 ____D C:\Users\steffen\Documents\MyHeritage
2014-01-03 13:10 - 2014-01-03 13:10 - 00001072 _____ C:\Users\Public\Desktop\Finale NotePad 2012.lnk
2014-01-03 13:10 - 2014-01-03 13:09 - 00000000 ____D C:\Program Files\Finale NotePad 2012
2014-01-03 13:10 - 2009-07-14 03:37 - 00000000 ___HD C:\windows\system32\GroupPolicy
2014-01-03 13:09 - 2014-01-03 13:07 - 103516232 _____ (MakeMusic) C:\Users\steffen\Desktop\InstallFinaleNotePad2012.exe
2014-01-03 11:47 - 2014-01-03 11:46 - 00000000 ____D C:\Users\steffen\.lilypond-fonts.cache-2
2014-01-03 11:38 - 2009-07-14 05:52 - 00000000 ____D C:\windows\system32\FxsTmp
2014-01-03 11:36 - 2014-01-03 11:36 - 00000027 _____ C:\windows\{_ini}
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Users\steffen\Documents\schobuk
2014-01-03 09:53 - 2012-05-15 10:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\steffen\AppData\Local\Temp\avgnt.exe
C:\Users\steffen\AppData\Local\Temp\BackupSetup.exe
C:\Users\steffen\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\steffen\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\steffen\AppData\Local\Temp\DLG_shopping-toolbar_softonic_de-DE.exe
C:\Users\steffen\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\steffen\AppData\Local\Temp\eauninstall.exe
C:\Users\steffen\AppData\Local\Temp\ICReinstall_Setup.exe
C:\Users\steffen\AppData\Local\Temp\install_reader11_de_mssa_aaa_aih.exe
C:\Users\steffen\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\steffen\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\steffen\AppData\Local\Temp\local.dll
C:\Users\steffen\AppData\Local\Temp\mfc80.dll
C:\Users\steffen\AppData\Local\Temp\mfc80u.dll
C:\Users\steffen\AppData\Local\Temp\mfcm80.dll
C:\Users\steffen\AppData\Local\Temp\mfcm80u.dll
C:\Users\steffen\AppData\Local\Temp\msvcm80.dll
C:\Users\steffen\AppData\Local\Temp\msvcp80.dll
C:\Users\steffen\AppData\Local\Temp\msvcr80.dll
C:\Users\steffen\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
C:\Users\steffen\AppData\Local\Temp\nsb634B.exe
C:\Users\steffen\AppData\Local\Temp\nsbBB08.exe
C:\Users\steffen\AppData\Local\Temp\nsdF99F.exe
C:\Users\steffen\AppData\Local\Temp\nsg5563.exe
C:\Users\steffen\AppData\Local\Temp\nsqD693.exe
C:\Users\steffen\AppData\Local\Temp\nsqF33A.exe
C:\Users\steffen\AppData\Local\Temp\nswD3E8.exe
C:\Users\steffen\AppData\Local\Temp\Quarantine.exe
C:\Users\steffen\AppData\Local\Temp\schobuk.exe
C:\Users\steffen\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\steffen\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn.exe
C:\Users\steffen\AppData\Local\Temp\SPStub.exe
C:\Users\steffen\AppData\Local\Temp\tbFree.dll
C:\Users\steffen\AppData\Local\Temp\uninst1.exe
C:\Users\steffen\AppData\Local\Temp\vcredist_x86.exe
C:\Users\steffen\AppData\Local\Temp\VIS_DE-2013-12-13.exe
C:\Users\steffen\AppData\Local\Temp\VIS_DE-2013-12-13[1].exe
C:\Users\steffen\AppData\Local\Temp\_is777F.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-04 12:11
==================== End Of Log ============================
--- --- --- |
|
20.01.2014, 14:00
| #6 |
| /// TB-Ausbilder | Extended Protection 2.1 Bestehen noch Probleme? ESET Online Scanner
__________________ --> Extended Protection 2.1 |
|
20.01.2014, 15:16
| #7 |
| | Extended Protection 2.1 das alt bekannte ist weg nur nun öffnen sich immer der browser mit dieser hxxp://ec2-54-242-41-25.compute-1.amazonaws.com/ oder hxxp://www.vuupc.com/expirednotice/index.html Seite zum beispiel... |
|
20.01.2014, 15:31
| #8 |
| /// TB-Ausbilder | Extended Protection 2.1 Starte noch einmal FRST.
__________________ cheers, Leo |
|
20.01.2014, 15:37
| #9 |
| | Extended Protection 2.1 FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2014 03
Ran by steffen (administrator) on STEFFEN-PC on 20-01-2014 15:33:08
Running from C:\Users\steffen\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(DoctorSoft) C:\Program Files\AnyPC Client\APLangApp.exe
() C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Facebook Inc.) C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\Connectivity.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\RemoteEngine.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\RemoteEngineHelper.exe
(ClickMeIn Limited) C:\Program Files\VuuPC\RemoteEngineHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [13834856 2010-02-09] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8129056 2009-12-26] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe [2482176 2010-02-22] ()
HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM\...\Run: [APLangApp] - C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [Logan_S2P] - C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe [253952 2007-06-11] ()
HKLM\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-03-09] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-24] (Facebook Inc.)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-15] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: {6dc14340-db68-11df-9657-00245489d605} - F:\LaunchU3.exe -a
AppInit_DLLs: => File Not Found
Startup: C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {adca5064-9e30-43fe-9856-58b07a3149fe} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {F09C2463-3A11-4976-AF62-CB3D8067B60D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3322950&CUI=UN12248898314691135&UM=2
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {adca5064-9e30-43fe-9856-58b07a3149fe} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {ADCA5064-9E30-43FE-9856-58B07A3149FE} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\steffen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\freemiuma-customized-web-search.xml
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Garmin Communicator - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-25]
FF Extension: WEB.DE MailCheck - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\toolbar@web.de.xpi [2013-09-02]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-03-16]
Chrome:
=======
CHR Extension: (Google Wallet) - C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [dbgalemaidlifaeappogmgmgifhkfkee] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-12]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-28] (LSI Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-05-14] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-15] (Garmin Ltd or its subsidiaries)
R2 InstallFilterService; C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-02-10] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RemoteEngineService; C:\Program Files\VuuPC\remoteengine.exe [2967568 2014-01-19] (ClickMeIn Limited)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 VuuPCConnectivity; C:\Program Files\VuuPC\Connectivity.exe [4747280 2014-01-19] (ClickMeIn Limited)
==================== Drivers (Whitelisted) ====================
R3 Acceler; C:\Windows\System32\DRIVERS\Acceler.sys [42416 2010-02-10] (ST Microelectronics)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-06-10] (Windows (R) 2003 DDK 3790 provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [14808 2009-11-02] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-20 10:58 - 2014-01-20 10:58 - 00001120 _____ C:\Users\steffen\Desktop\My VuuPC.lnk
2014-01-20 10:58 - 2014-01-20 10:58 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VuuPC
2014-01-20 10:58 - 2014-01-20 10:58 - 00000000 ____D C:\Program Files\VuuPC
2014-01-20 10:54 - 2014-01-20 10:54 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-20 10:45 - 2014-01-20 10:50 - 00000000 ____D C:\AdwCleaner
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner.exe
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner(1).exe
2014-01-20 10:38 - 2012-07-25 12:03 - 00017136 _____ C:\windows\system32\sasnative32.exe
2014-01-20 10:37 - 2014-01-20 10:37 - 00000109 _____ C:\Users\steffen\AppData\Roaming\WB.CFG
2014-01-20 10:37 - 2014-01-20 10:37 - 00000005 _____ C:\Users\steffen\AppData\Roaming\WBPU-TTL.DAT
2014-01-20 10:36 - 2014-01-20 10:36 - 00680584 _____ ( ) C:\Users\steffen\Downloads\ZipExtractorSetup.exe
2014-01-20 10:36 - 2014-01-20 10:36 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DigitalSites
2014-01-19 18:22 - 2014-01-19 18:23 - 00024904 _____ C:\Users\steffen\Downloads\Addition.txt
2014-01-19 18:21 - 2014-01-20 15:33 - 00017876 _____ C:\Users\steffen\Downloads\FRST.txt
2014-01-19 18:21 - 2014-01-19 18:21 - 00000000 ____D C:\FRST
2014-01-19 18:20 - 2014-01-19 18:21 - 01221120 _____ (Farbar) C:\Users\steffen\Downloads\FRST.exe
2014-01-19 18:19 - 2014-01-19 18:20 - 02076672 _____ (Farbar) C:\Users\steffen\Downloads\FRST64.exe
2014-01-19 11:41 - 2014-01-19 22:56 - 00000000 ____D C:\Users\steffen\Desktop\Gruppenarbeit Entfaltung
2014-01-19 11:40 - 2014-01-19 22:29 - 00000000 ____D C:\Users\steffen\Desktop\Musik-referat
2014-01-18 16:14 - 2014-01-18 16:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenOffice
2014-01-18 16:04 - 2014-01-18 16:04 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-01-18 16:02 - 2014-01-18 16:14 - 00000000 ____D C:\Program Files\OpenOffice 4
2014-01-18 16:01 - 2014-01-18 16:02 - 00000000 ____D C:\Users\steffen\Desktop\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\cache
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\.android
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 _____ C:\Users\steffen\daemonprocess.txt
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\CRE
2014-01-18 10:36 - 2014-01-18 11:25 - 00000000 ____D C:\Program Files\Sweet Home 3D
2014-01-18 10:35 - 2014-01-18 10:36 - 33746304 _____ (eTeks ) C:\Users\steffen\Desktop\SweetHome3D-4-2-windows-oc.exe
2014-01-15 21:53 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 21:53 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 21:53 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-10 12:00 - 2014-01-11 11:01 - 00000000 ____D C:\Users\steffen\Desktop\LI
2014-01-09 11:52 - 2014-01-20 10:49 - 00001037 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-01-09 10:49 - 2014-01-09 11:16 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\TuneUp Software
2014-01-09 10:45 - 2014-01-18 16:55 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DVDVideoSoft
2014-01-03 23:08 - 2014-01-06 11:49 - 00000000 ____D C:\Users\steffen\Documents\Ahnenblatt
2014-01-03 23:08 - 2014-01-06 11:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Ahnenblatt
2014-01-03 22:27 - 2014-01-03 22:29 - 00000000 ____D C:\Users\steffen\Documents\MyHeritage
2014-01-03 22:26 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\windows\system32\unicows.dll
2014-01-03 22:25 - 2014-01-06 11:49 - 00000000 ____D C:\Program Files\MyHeritage
2014-01-03 13:10 - 2014-01-06 11:47 - 00000444 __RSH C:\Users\steffen\ntuser.pol
2014-01-03 13:10 - 2014-01-03 13:10 - 00001072 _____ C:\Users\Public\Desktop\Finale NotePad 2012.lnk
2014-01-03 13:09 - 2014-01-03 13:10 - 00000000 ____D C:\Program Files\Finale NotePad 2012
2014-01-03 13:07 - 2014-01-03 13:09 - 103516232 _____ (MakeMusic) C:\Users\steffen\Desktop\InstallFinaleNotePad2012.exe
2014-01-03 11:46 - 2014-01-03 11:47 - 00000000 ____D C:\Users\steffen\.lilypond-fonts.cache-2
2014-01-03 11:36 - 2014-01-03 11:36 - 00000027 _____ C:\windows\{_ini}
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Users\steffen\Documents\schobuk
==================== One Month Modified Files and Folders =======
2014-01-20 15:33 - 2014-01-19 18:21 - 00017876 _____ C:\Users\steffen\Downloads\FRST.txt
2014-01-20 15:23 - 2010-03-16 18:54 - 01793798 _____ C:\windows\WindowsUpdate.log
2014-01-20 13:59 - 2013-09-02 21:06 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Skype
2014-01-20 11:43 - 2013-08-03 20:45 - 00000000 ____D C:\Users\steffen\Desktop\JULE + JENS
2014-01-20 11:00 - 2009-07-14 05:34 - 00014752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-20 11:00 - 2009-07-14 05:34 - 00014752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-20 10:58 - 2014-01-20 10:58 - 00001120 _____ C:\Users\steffen\Desktop\My VuuPC.lnk
2014-01-20 10:58 - 2014-01-20 10:58 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VuuPC
2014-01-20 10:58 - 2014-01-20 10:58 - 00000000 ____D C:\Program Files\VuuPC
2014-01-20 10:54 - 2014-01-20 10:54 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-20 10:54 - 2011-07-18 15:16 - 00000000 ___RD C:\Users\steffen\Dropbox
2014-01-20 10:54 - 2011-07-18 15:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Dropbox
2014-01-20 10:52 - 2013-06-10 17:03 - 00015875 _____ C:\windows\setupact.log
2014-01-20 10:52 - 2010-08-04 11:26 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-01-20 10:50 - 2014-01-20 10:45 - 00000000 ____D C:\AdwCleaner
2014-01-20 10:49 - 2014-01-09 11:52 - 00001037 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-01-20 10:49 - 2013-09-12 08:38 - 00001236 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-20 10:49 - 2010-08-04 17:09 - 00001007 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-20 10:49 - 2010-08-04 11:46 - 00001152 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-20 10:48 - 2010-08-12 20:32 - 00000000 ____D C:\ProgramData\ICQ
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner.exe
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner(1).exe
2014-01-20 10:37 - 2014-01-20 10:37 - 00000109 _____ C:\Users\steffen\AppData\Roaming\WB.CFG
2014-01-20 10:37 - 2014-01-20 10:37 - 00000005 _____ C:\Users\steffen\AppData\Roaming\WBPU-TTL.DAT
2014-01-20 10:36 - 2014-01-20 10:36 - 00680584 _____ ( ) C:\Users\steffen\Downloads\ZipExtractorSetup.exe
2014-01-20 10:36 - 2014-01-20 10:36 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DigitalSites
2014-01-20 10:21 - 2009-07-26 21:06 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-19 22:56 - 2014-01-19 11:41 - 00000000 ____D C:\Users\steffen\Desktop\Gruppenarbeit Entfaltung
2014-01-19 22:29 - 2014-01-19 11:40 - 00000000 ____D C:\Users\steffen\Desktop\Musik-referat
2014-01-19 18:23 - 2014-01-19 18:22 - 00024904 _____ C:\Users\steffen\Downloads\Addition.txt
2014-01-19 18:21 - 2014-01-19 18:21 - 00000000 ____D C:\FRST
2014-01-19 18:21 - 2014-01-19 18:20 - 01221120 _____ (Farbar) C:\Users\steffen\Downloads\FRST.exe
2014-01-19 18:20 - 2014-01-19 18:19 - 02076672 _____ (Farbar) C:\Users\steffen\Downloads\FRST64.exe
2014-01-19 11:41 - 2013-12-12 11:34 - 00119296 ___SH C:\Users\steffen\Desktop\Thumbs.db
2014-01-19 11:24 - 2010-03-16 03:04 - 00787534 _____ C:\windows\PFRO.log
2014-01-19 11:24 - 2009-07-14 05:33 - 00478064 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-18 16:55 - 2014-01-09 10:45 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DVDVideoSoft
2014-01-18 16:14 - 2014-01-18 16:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenOffice
2014-01-18 16:14 - 2014-01-18 16:02 - 00000000 ____D C:\Program Files\OpenOffice 4
2014-01-18 16:08 - 2010-08-04 11:36 - 00138224 _____ C:\Users\steffen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 16:04 - 2014-01-18 16:04 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-01-18 16:02 - 2014-01-18 16:01 - 00000000 ____D C:\Users\steffen\Desktop\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\cache
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\.android
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 _____ C:\Users\steffen\daemonprocess.txt
2014-01-18 11:25 - 2014-01-18 10:36 - 00000000 ____D C:\Program Files\Sweet Home 3D
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\CRE
2014-01-18 10:36 - 2014-01-18 10:35 - 33746304 _____ (eTeks ) C:\Users\steffen\Desktop\SweetHome3D-4-2-windows-oc.exe
2014-01-17 14:23 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\NDF
2014-01-17 13:55 - 2013-03-20 20:35 - 00000000 ____D C:\Users\steffen\Meins
2014-01-16 11:17 - 2013-05-13 10:35 - 00000000 ____D C:\Users\steffen\Desktop\Jens
2014-01-16 08:58 - 2011-07-18 15:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-15 22:22 - 2013-08-20 16:45 - 00000000 ____D C:\windows\system32\MRT
2014-01-15 22:20 - 2010-10-21 12:35 - 83425928 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-11 11:01 - 2014-01-10 12:00 - 00000000 ____D C:\Users\steffen\Desktop\LI
2014-01-09 11:16 - 2014-01-09 10:49 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\TuneUp Software
2014-01-09 10:47 - 2011-02-04 19:04 - 00000000 ____D C:\Program Files\Freemake
2014-01-09 10:46 - 2011-02-04 18:17 - 00000000 ____D C:\Users\steffen\Documents\DVDVideoSoft
2014-01-06 21:49 - 2010-12-02 09:01 - 00132216 _____ C:\Users\steffen\AppData\Roaming\GDIPFONTCACHEV1.DAT
2014-01-06 11:49 - 2014-01-03 23:08 - 00000000 ____D C:\Users\steffen\Documents\Ahnenblatt
2014-01-06 11:49 - 2014-01-03 23:08 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Ahnenblatt
2014-01-06 11:49 - 2014-01-03 22:25 - 00000000 ____D C:\Program Files\MyHeritage
2014-01-06 11:47 - 2014-01-03 13:10 - 00000444 __RSH C:\Users\steffen\ntuser.pol
2014-01-03 22:29 - 2014-01-03 22:27 - 00000000 ____D C:\Users\steffen\Documents\MyHeritage
2014-01-03 13:10 - 2014-01-03 13:10 - 00001072 _____ C:\Users\Public\Desktop\Finale NotePad 2012.lnk
2014-01-03 13:10 - 2014-01-03 13:09 - 00000000 ____D C:\Program Files\Finale NotePad 2012
2014-01-03 13:10 - 2009-07-14 03:37 - 00000000 ___HD C:\windows\system32\GroupPolicy
2014-01-03 13:09 - 2014-01-03 13:07 - 103516232 _____ (MakeMusic) C:\Users\steffen\Desktop\InstallFinaleNotePad2012.exe
2014-01-03 11:47 - 2014-01-03 11:46 - 00000000 ____D C:\Users\steffen\.lilypond-fonts.cache-2
2014-01-03 11:38 - 2009-07-14 05:52 - 00000000 ____D C:\windows\system32\FxsTmp
2014-01-03 11:36 - 2014-01-03 11:36 - 00000027 _____ C:\windows\{_ini}
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Users\steffen\Documents\schobuk
2014-01-03 09:53 - 2012-05-15 10:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\steffen\AppData\Local\Temp\avgnt.exe
C:\Users\steffen\AppData\Local\Temp\BackupSetup.exe
C:\Users\steffen\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\steffen\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\steffen\AppData\Local\Temp\DLG_shopping-toolbar_softonic_de-DE.exe
C:\Users\steffen\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\steffen\AppData\Local\Temp\eauninstall.exe
C:\Users\steffen\AppData\Local\Temp\ICReinstall_Setup.exe
C:\Users\steffen\AppData\Local\Temp\install_reader11_de_mssa_aaa_aih.exe
C:\Users\steffen\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\steffen\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\steffen\AppData\Local\Temp\local.dll
C:\Users\steffen\AppData\Local\Temp\mfc80.dll
C:\Users\steffen\AppData\Local\Temp\mfc80u.dll
C:\Users\steffen\AppData\Local\Temp\mfcm80.dll
C:\Users\steffen\AppData\Local\Temp\mfcm80u.dll
C:\Users\steffen\AppData\Local\Temp\msvcm80.dll
C:\Users\steffen\AppData\Local\Temp\msvcp80.dll
C:\Users\steffen\AppData\Local\Temp\msvcr80.dll
C:\Users\steffen\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
C:\Users\steffen\AppData\Local\Temp\nsb634B.exe
C:\Users\steffen\AppData\Local\Temp\nsbBB08.exe
C:\Users\steffen\AppData\Local\Temp\nsdF99F.exe
C:\Users\steffen\AppData\Local\Temp\nsg5563.exe
C:\Users\steffen\AppData\Local\Temp\nsqD693.exe
C:\Users\steffen\AppData\Local\Temp\nsqF33A.exe
C:\Users\steffen\AppData\Local\Temp\nswD3E8.exe
C:\Users\steffen\AppData\Local\Temp\Quarantine.exe
C:\Users\steffen\AppData\Local\Temp\schobuk.exe
C:\Users\steffen\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\steffen\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn.exe
C:\Users\steffen\AppData\Local\Temp\SPStub.exe
C:\Users\steffen\AppData\Local\Temp\tbFree.dll
C:\Users\steffen\AppData\Local\Temp\uninst1.exe
C:\Users\steffen\AppData\Local\Temp\vcredist_x86.exe
C:\Users\steffen\AppData\Local\Temp\VIS_DE-2013-12-13.exe
C:\Users\steffen\AppData\Local\Temp\VIS_DE-2013-12-13[1].exe
C:\Users\steffen\AppData\Local\Temp\_is777F.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-04 12:11
==================== End Of Log ============================
--- --- --- --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2014 03
Ran by steffen at 2014-01-20 15:34:35
Running from C:\Users\steffen\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Accelerometer (Version: 1.06.08.45 - STMicroelectronics)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03 - Adobe Systems Incorporated)
AnyPC Client (Version: 1.0.0.25 - Doctorsoft)
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (Version: 1.0.2.1119 - Atheros)
Avira Free Antivirus (Version: 14.0.2.286 - Avira)
BatteryLifeExtender (Version: 1.0.1 - Samsung)
Brother MFL-Pro Suite MFC-5890CN (Version: 1.0.1.0 - Brother Industries, Ltd.)
ChargeableUSB (Version: 1.0.0.0 - SAMSUNG)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (Version: 6.0.2806 - CyberLink Corp.)
CyberLink DVD Suite (Version: 6.0.2806 - CyberLink Corp.) Hidden
CyberLink LabelPrint (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go (Version: 6.0.3108a - CyberLink Corp.)
CyberLink Power2Go (Version: 6.0.3108a - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.3213 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerDVD 8 (Version: 8.0.2815b - CyberLink Corp.) Hidden
CyberLink PowerProducer (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.1.1812 - CyberLink Corp.) Hidden
CyberLink YouCam (Version: 2.0.3707 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.3707 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
dm-Fotowelt (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Easy Display Manager (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (Version: 4.0.0.3 - Samsung)
Elevated Installer (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
f4 2012 (Version: - audiotranskription.de)
Facebook Video Calling 2.0.0.447 (Version: 2.0.447 - Skype Limited)
Finale NotePad 2012 (Version: 2012..r1.1 - MakeMusic)
Foxtab (Version: - FoxTab) <==== ATTENTION
FreeMake Toolbar (Version: 6.8.9.0 - FreeMake)
Freemake Video Downloader (Version: 3.5.1 - Ellora Assets Corporation)
Garmin Express (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
ICQ7.6 (Version: 7.6 - ICQ)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (Version: 13.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (Version: 01.01.01.1007 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (Version: 1.0.186.6 - Intel)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Korean Fonts Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
LSI HDA Modem (Version: 2.2.97 - LSI Corporation)
Marvell Miniport Driver (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation)
OpenOffice 4.0.0 (Version: 4.00.9702 - Apache Software Foundation)
PaperPort Image Printer (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Architect (Version: 1.0.52.8917 - pdfforge)
PDF24 Creator 5.7.0 (Version: - PDF24.org)
PDFCreator (Version: 1.6.2 - pdfforge)
PerfectTablePlan 5.1.1 (Version: - Oryx Digital Ltd)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Readiris Pro 10 (Version: - )
Realtek High Definition Audio Driver (Version: 6.0.1.6013 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 4 (Version: 4.0.0.6 - Samsung)
Samsung SCX-4500 Series (Version: - Samsung Electronics CO.,LTD)
Samsung Support Center (Version: 1.1.0 - Samsung)
Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (Version: 11.2.0000 - Nuance Communications, Inc.)
Skype™ 6.11 (Version: 6.11.102 - Skype Technologies S.A.)
SmarThru 4 (Version: - )
Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.3042.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Zip Extractor (HKCU Version: - Update for Zip Extractor) <==== ATTENTION
User Guide (Version: 1.0 - )
VLC media player 1.1.11 (Version: 1.1.11 - VideoLAN)
VuuPC, You're Always a Click Away! (Version: 1.0.0.265 - VuuPC Limited)
WIDCOMM Bluetooth Software (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (Version: - )
==================== Restore Points =========================
09-01-2014 10:50:08 TuneUp Utilities 2014 wird entfernt
09-01-2014 10:51:49 TuneUp Utilities 2014 (de-DE) wird entfernt
15-01-2014 21:20:02 Windows Update
18-01-2014 14:58:09 Uniblue SpeedUpMyPC installation
18-01-2014 15:02:29 Installed OpenOffice 4.0.0
20-01-2014 09:43:41 RegClean Pro Mo, Jan 20, 14 10:43
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1379FE3F-3A28-471E-A420-4BBEFA912DF4} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {1D995AB7-A868-46D6-B50A-F678CD63D5BD} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {326A118E-3AB9-4E19-A6AB-0A09EA2CDCD3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000Core => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-24] (Facebook Inc.)
Task: {436946A4-8016-4CCF-A9D0-B121190C28F6} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {45A8B007-B1CC-4157-84B1-CA0047D07A90} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-12-14] (SAMSUNG Electronics)
Task: {5150384C-4986-4253-AF59-E5ADEBD8A293} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-03-05] (Samsung Electronics Co., Ltd.)
Task: {56341EF7-7330-46B6-A1EA-5A1A593630EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000UA => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-24] (Facebook Inc.)
Task: {5ECEBFCF-DB4E-49FA-B5BE-97C2342E335D} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-19] (Samsung Electronics. Co. Ltd.)
Task: {80F05905-E34E-47E4-9393-95B8E9626536} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-11-11] (Samsung Electronics Co., Ltd.)
Task: {94F4355D-9C5F-4245-ACB0-7F50F606F001} - System32\Tasks\APSchedulerC => C:\Program Files\AnyPC Client\APLanMgrC.exe [2009-11-20] (DoctorSoft)
Task: {C8488655-83F7-4B5C-87D3-B9AC1CF3C90E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-13] (Adobe Systems Incorporated)
Task: {D1D7C3E2-BA2F-4B5D-9A71-2521A563B035} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000Core.job => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000UA.job => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cef0f5cccf2e3e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-06-03 12:59 - 2009-06-03 12:59 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-06-03 12:59 - 2009-06-03 12:59 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2010-08-04 21:17 - 2007-01-09 11:29 - 00184320 _____ () C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\IMFilter.dll
2010-08-04 21:17 - 2007-01-09 11:30 - 01384520 _____ () C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\ssole.dll
2011-01-05 10:57 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\steffen\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/20/2014 01:39:14 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/20 13:39:14.649]: [00002144]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/20/2014 10:43:37 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dc672767-a0f2-4656-b2b7-2344b24b0abb}
Error: (01/19/2014 08:02:57 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 20:02:57.464]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 08:01:48 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 20:01:48.436]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 06:25:14 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 18:25:14.460]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:18:07 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 18:18:07.601]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:15:01 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 18:15:01.613]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 05:45:25 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 17:45:25.160]: [00002160]: GetDeviceIpAddress: GetAddressByName [BRN001BA95A3E1B] Error
Error: (01/18/2014 03:58:01 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f4a53f49-fec7-4cf0-a3cf-9246e37b604b}
Error: (01/18/2014 03:48:41 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/18 15:48:41.676]: [00002184]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
System errors:
=============
Error: (01/20/2014 10:55:22 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
Error: (01/20/2014 10:53:23 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (01/20/2014 10:52:45 AM) (Source: Service Control Manager) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/20/2014 10:52:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (01/20/2014 09:07:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bluetooth-Unterstützungsdienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/20/2014 09:07:13 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth-Unterstützungsdienst erreicht.
Error: (01/20/2014 09:06:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (01/20/2014 09:06:42 AM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (01/20/2014 09:06:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/20/2014 09:06:42 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Microsoft Office Sessions:
=========================
Error: (01/20/2014 01:39:14 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/20 13:39:14.649]: [00002144]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/20/2014 10:43:37 AM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dc672767-a0f2-4656-b2b7-2344b24b0abb}
Error: (01/19/2014 08:02:57 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 20:02:57.464]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 08:01:48 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 20:01:48.436]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 06:25:14 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 18:25:14.460]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:18:07 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 18:18:07.601]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:15:01 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 18:15:01.613]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 05:45:25 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 17:45:25.160]: [00002160]: GetDeviceIpAddress: GetAddressByName [BRN001BA95A3E1B] Error
Error: (01/18/2014 03:58:01 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f4a53f49-fec7-4cf0-a3cf-9246e37b604b}
Error: (01/18/2014 03:48:41 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/18 15:48:41.676]: [00002184]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
==================== Memory info ===========================
Percentage of memory in use: 66%
Total physical RAM: 3060.45 MB
Available physical RAM: 1029.75 MB
Total Pagefile: 6119.2 MB
Available Pagefile: 3038.51 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.49 GB) (Free:20.96 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:70.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 97265681)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2014 03
Ran by steffen at 2014-01-20 15:34:35
Running from C:\Users\steffen\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Accelerometer (Version: 1.06.08.45 - STMicroelectronics)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03 - Adobe Systems Incorporated)
AnyPC Client (Version: 1.0.0.25 - Doctorsoft)
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (Version: 1.0.2.1119 - Atheros)
Avira Free Antivirus (Version: 14.0.2.286 - Avira)
BatteryLifeExtender (Version: 1.0.1 - Samsung)
Brother MFL-Pro Suite MFC-5890CN (Version: 1.0.1.0 - Brother Industries, Ltd.)
ChargeableUSB (Version: 1.0.0.0 - SAMSUNG)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (Version: 6.0.2806 - CyberLink Corp.)
CyberLink DVD Suite (Version: 6.0.2806 - CyberLink Corp.) Hidden
CyberLink LabelPrint (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go (Version: 6.0.3108a - CyberLink Corp.)
CyberLink Power2Go (Version: 6.0.3108a - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.3213 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerDVD 8 (Version: 8.0.2815b - CyberLink Corp.) Hidden
CyberLink PowerProducer (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink PowerProducer (Version: 5.0.1.1812 - CyberLink Corp.) Hidden
CyberLink YouCam (Version: 2.0.3707 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.3707 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
dm-Fotowelt (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Easy Display Manager (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (Version: 3.0.0.6 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (Version: 4.0.0.3 - Samsung)
Elevated Installer (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
f4 2012 (Version: - audiotranskription.de)
Facebook Video Calling 2.0.0.447 (Version: 2.0.447 - Skype Limited)
Finale NotePad 2012 (Version: 2012..r1.1 - MakeMusic)
Foxtab (Version: - FoxTab) <==== ATTENTION
FreeMake Toolbar (Version: 6.8.9.0 - FreeMake)
Freemake Video Downloader (Version: 3.5.1 - Ellora Assets Corporation)
Garmin Express (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.2.20 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
ICQ7.6 (Version: 7.6 - ICQ)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (Version: 13.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (Version: 01.01.01.1007 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (Version: 1.0.186.6 - Intel)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Korean Fonts Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
LSI HDA Modem (Version: 2.2.97 - LSI Corporation)
Marvell Miniport Driver (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation)
OpenOffice 4.0.0 (Version: 4.00.9702 - Apache Software Foundation)
PaperPort Image Printer (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Architect (Version: 1.0.52.8917 - pdfforge)
PDF24 Creator 5.7.0 (Version: - PDF24.org)
PDFCreator (Version: 1.6.2 - pdfforge)
PerfectTablePlan 5.1.1 (Version: - Oryx Digital Ltd)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Readiris Pro 10 (Version: - )
Realtek High Definition Audio Driver (Version: 6.0.1.6013 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 4 (Version: 4.0.0.6 - Samsung)
Samsung SCX-4500 Series (Version: - Samsung Electronics CO.,LTD)
Samsung Support Center (Version: 1.1.0 - Samsung)
Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (Version: 11.2.0000 - Nuance Communications, Inc.)
Skype™ 6.11 (Version: 6.11.102 - Skype Technologies S.A.)
SmarThru 4 (Version: - )
Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.3042.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Zip Extractor (HKCU Version: - Update for Zip Extractor) <==== ATTENTION
User Guide (Version: 1.0 - )
VLC media player 1.1.11 (Version: 1.1.11 - VideoLAN)
VuuPC, You're Always a Click Away! (Version: 1.0.0.265 - VuuPC Limited)
WIDCOMM Bluetooth Software (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (Version: - )
==================== Restore Points =========================
09-01-2014 10:50:08 TuneUp Utilities 2014 wird entfernt
09-01-2014 10:51:49 TuneUp Utilities 2014 (de-DE) wird entfernt
15-01-2014 21:20:02 Windows Update
18-01-2014 14:58:09 Uniblue SpeedUpMyPC installation
18-01-2014 15:02:29 Installed OpenOffice 4.0.0
20-01-2014 09:43:41 RegClean Pro Mo, Jan 20, 14 10:43
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1379FE3F-3A28-471E-A420-4BBEFA912DF4} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {1D995AB7-A868-46D6-B50A-F678CD63D5BD} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {326A118E-3AB9-4E19-A6AB-0A09EA2CDCD3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000Core => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-24] (Facebook Inc.)
Task: {436946A4-8016-4CCF-A9D0-B121190C28F6} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {45A8B007-B1CC-4157-84B1-CA0047D07A90} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-12-14] (SAMSUNG Electronics)
Task: {5150384C-4986-4253-AF59-E5ADEBD8A293} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2010-03-05] (Samsung Electronics Co., Ltd.)
Task: {56341EF7-7330-46B6-A1EA-5A1A593630EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000UA => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-24] (Facebook Inc.)
Task: {5ECEBFCF-DB4E-49FA-B5BE-97C2342E335D} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-19] (Samsung Electronics. Co. Ltd.)
Task: {80F05905-E34E-47E4-9393-95B8E9626536} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-11-11] (Samsung Electronics Co., Ltd.)
Task: {94F4355D-9C5F-4245-ACB0-7F50F606F001} - System32\Tasks\APSchedulerC => C:\Program Files\AnyPC Client\APLanMgrC.exe [2009-11-20] (DoctorSoft)
Task: {C8488655-83F7-4B5C-87D3-B9AC1CF3C90E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-13] (Adobe Systems Incorporated)
Task: {D1D7C3E2-BA2F-4B5D-9A71-2521A563B035} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000Core.job => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2096383324-2889373705-592675725-1000UA.job => C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cef0f5cccf2e3e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-06-03 12:59 - 2009-06-03 12:59 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-06-03 12:59 - 2009-06-03 12:59 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2010-08-04 21:17 - 2007-01-09 11:29 - 00184320 _____ () C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\IMFilter.dll
2010-08-04 21:17 - 2007-01-09 11:30 - 01384520 _____ () C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\ssole.dll
2011-01-05 10:57 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\steffen\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 08:27 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-16 08:27 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/20/2014 01:39:14 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/20 13:39:14.649]: [00002144]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/20/2014 10:43:37 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dc672767-a0f2-4656-b2b7-2344b24b0abb}
Error: (01/19/2014 08:02:57 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 20:02:57.464]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 08:01:48 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 20:01:48.436]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 06:25:14 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 18:25:14.460]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:18:07 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 18:18:07.601]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:15:01 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 18:15:01.613]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 05:45:25 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/19 17:45:25.160]: [00002160]: GetDeviceIpAddress: GetAddressByName [BRN001BA95A3E1B] Error
Error: (01/18/2014 03:58:01 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f4a53f49-fec7-4cf0-a3cf-9246e37b604b}
Error: (01/18/2014 03:48:41 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/01/18 15:48:41.676]: [00002184]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
System errors:
=============
Error: (01/20/2014 10:55:22 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
Error: (01/20/2014 10:53:23 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (01/20/2014 10:52:45 AM) (Source: Service Control Manager) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/20/2014 10:52:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (01/20/2014 09:07:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Bluetooth-Unterstützungsdienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/20/2014 09:07:13 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth-Unterstützungsdienst erreicht.
Error: (01/20/2014 09:06:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (01/20/2014 09:06:42 AM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (01/20/2014 09:06:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/20/2014 09:06:42 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Microsoft Office Sessions:
=========================
Error: (01/20/2014 01:39:14 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/20 13:39:14.649]: [00002144]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/20/2014 10:43:37 AM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {dc672767-a0f2-4656-b2b7-2344b24b0abb}
Error: (01/19/2014 08:02:57 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 20:02:57.464]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 08:01:48 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 20:01:48.436]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 06:25:14 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 18:25:14.460]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:18:07 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 18:18:07.601]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.178.20]
Error: (01/19/2014 06:15:01 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 18:15:01.613]: [00002160]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
Error: (01/19/2014 05:45:25 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/19 17:45:25.160]: [00002160]: GetDeviceIpAddress: GetAddressByName [BRN001BA95A3E1B] Error
Error: (01/18/2014 03:58:01 PM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f4a53f49-fec7-4cf0-a3cf-9246e37b604b}
Error: (01/18/2014 03:48:41 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2014/01/18 15:48:41.676]: [00002184]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.178.20]
==================== Memory info ===========================
Percentage of memory in use: 66%
Total physical RAM: 3060.45 MB
Available physical RAM: 1029.75 MB
Total Pagefile: 6119.2 MB
Available Pagefile: 3038.51 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:141.49 GB) (Free:20.96 GB) NTFS
Drive d: () (Fixed) (Total:141.5 GB) (Free:70.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 97265681)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=141 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=141 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
20.01.2014, 15:51
| #10 |
| /// TB-Ausbilder | Extended Protection 2.1 Schritt 1
Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Starte noch einmal FRST.
Bitte poste in deiner nächsten Antwort:
__________________ cheers, Leo |
|
20.01.2014, 19:34
| #11 |
| | Extended Protection 2.1 AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.017 - Bericht erstellt am 20/01/2014 um 18:40:30
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : steffen - STEFFEN-PC
# Gestartet von : C:\Users\steffen\Downloads\adwcleaner (1).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\prefs.js ]
-\\ Google Chrome v32.0.1700.76
[ Datei : C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [63536 octets] - [20/01/2014 10:45:57]
AdwCleaner[R1].txt - [1286 octets] - [20/01/2014 18:39:47]
AdwCleaner[S0].txt - [59284 octets] - [20/01/2014 10:48:40]
AdwCleaner[S1].txt - [1207 octets] - [20/01/2014 18:40:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1267 octets] ##########
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2014 03
Ran by steffen (administrator) on STEFFEN-PC on 20-01-2014 19:33:04
Running from C:\Users\steffen\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(DoctorSoft) C:\Program Files\AnyPC Client\APLangApp.exe
() C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Facebook Inc.) C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [13834856 2010-02-09] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8129056 2009-12-26] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe [2482176 2010-02-22] ()
HKLM\...\Run: [UpdateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM\...\Run: [APLangApp] - C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [Logan_S2P] - C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe [253952 2007-06-11] ()
HKLM\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-03-09] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\steffen\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-24] (Facebook Inc.)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-15] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: {6dc14340-db68-11df-9657-00245489d605} - F:\LaunchU3.exe -a
AppInit_DLLs: => File Not Found
Startup: C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {adca5064-9e30-43fe-9856-58b07a3149fe} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {F09C2463-3A11-4976-AF62-CB3D8067B60D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3322950&CUI=UN12248898314691135&UM=2
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {adca5064-9e30-43fe-9856-58b07a3149fe} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {ADCA5064-9E30-43FE-9856-58B07A3149FE} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\steffen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\freemiuma-customized-web-search.xml
FF SearchPlugin: C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Garmin Communicator - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-25]
FF Extension: WEB.DE MailCheck - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\toolbar@web.de.xpi [2013-09-02]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\9aitxy85.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-03-16]
Chrome:
=======
CHR Extension: (Google Wallet) - C:\Users\steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [dbgalemaidlifaeappogmgmgifhkfkee] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-09-12]
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-09-12]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-28] (LSI Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-05-14] (Ellora Assets Corp.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-15] (Garmin Ltd or its subsidiaries)
R2 InstallFilterService; C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-02-10] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
==================== Drivers (Whitelisted) ====================
R3 Acceler; C:\Windows\System32\DRIVERS\Acceler.sys [42416 2010-02-10] (ST Microelectronics)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-06-10] (Windows (R) 2003 DDK 3790 provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [14808 2009-11-02] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-20 18:39 - 2014-01-20 18:39 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner (1).exe
2014-01-20 17:09 - 2014-01-20 17:09 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FORTE
2014-01-20 17:08 - 2014-01-20 17:08 - 00000000 ____D C:\Program Files\FORTE
2014-01-20 17:08 - 2008-12-11 16:15 - 00155648 _____ (Viscom Software www.viscomsoft.com) C:\windows\system32\AudioCapture.ocx
2014-01-20 17:08 - 2008-12-08 00:19 - 00155648 _____ (Viscom Software www.viscomsoft.com) C:\windows\system32\viscomwaveform.dll
2014-01-20 17:08 - 2004-08-04 07:00 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\msxml.DLL
2014-01-20 17:08 - 2004-08-04 07:00 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\msxmlr.DLL
2014-01-20 17:08 - 2004-02-07 23:53 - 00856064 _____ (Essien Research & Development) C:\windows\system32\mpgfiltr.ax
2014-01-20 17:08 - 2003-08-19 19:31 - 00081920 _____ (Viscom Software) C:\windows\system32\viscomwave.dll
2014-01-20 17:08 - 2003-02-21 09:42 - 00348160 _____ (Microsoft Corporation) C:\windows\system32\MSVCR71.DLL
2014-01-20 17:06 - 2014-01-20 17:07 - 32229544 _____ C:\Users\steffen\Downloads\Setup_FORTE5Free_de.exe
2014-01-20 10:54 - 2014-01-20 10:54 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-20 10:45 - 2014-01-20 18:40 - 00000000 ____D C:\AdwCleaner
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner.exe
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner(1).exe
2014-01-20 10:38 - 2012-07-25 12:03 - 00017136 _____ C:\windows\system32\sasnative32.exe
2014-01-20 10:37 - 2014-01-20 10:37 - 00000109 _____ C:\Users\steffen\AppData\Roaming\WB.CFG
2014-01-20 10:37 - 2014-01-20 10:37 - 00000005 _____ C:\Users\steffen\AppData\Roaming\WBPU-TTL.DAT
2014-01-20 10:36 - 2014-01-20 10:36 - 00680584 _____ ( ) C:\Users\steffen\Downloads\ZipExtractorSetup.exe
2014-01-20 10:36 - 2014-01-20 10:36 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DigitalSites
2014-01-19 18:22 - 2014-01-20 15:35 - 00024855 _____ C:\Users\steffen\Downloads\Addition.txt
2014-01-19 18:21 - 2014-01-20 19:33 - 00017493 _____ C:\Users\steffen\Downloads\FRST.txt
2014-01-19 18:21 - 2014-01-19 18:21 - 00000000 ____D C:\FRST
2014-01-19 18:20 - 2014-01-19 18:21 - 01221120 _____ (Farbar) C:\Users\steffen\Downloads\FRST.exe
2014-01-19 18:19 - 2014-01-19 18:20 - 02076672 _____ (Farbar) C:\Users\steffen\Downloads\FRST64.exe
2014-01-19 11:41 - 2014-01-19 22:56 - 00000000 ____D C:\Users\steffen\Desktop\Gruppenarbeit Entfaltung
2014-01-19 11:40 - 2014-01-19 22:29 - 00000000 ____D C:\Users\steffen\Desktop\Musik-referat
2014-01-18 16:14 - 2014-01-18 16:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenOffice
2014-01-18 16:04 - 2014-01-18 16:04 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-01-18 16:02 - 2014-01-18 16:14 - 00000000 ____D C:\Program Files\OpenOffice 4
2014-01-18 16:01 - 2014-01-18 16:02 - 00000000 ____D C:\Users\steffen\Desktop\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\cache
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\.android
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 _____ C:\Users\steffen\daemonprocess.txt
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\CRE
2014-01-18 10:36 - 2014-01-18 11:25 - 00000000 ____D C:\Program Files\Sweet Home 3D
2014-01-18 10:35 - 2014-01-18 10:36 - 33746304 _____ (eTeks ) C:\Users\steffen\Desktop\SweetHome3D-4-2-windows-oc.exe
2014-01-15 21:53 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 21:53 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 21:53 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 21:53 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-10 12:00 - 2014-01-11 11:01 - 00000000 ____D C:\Users\steffen\Desktop\LI
2014-01-09 11:52 - 2014-01-20 10:49 - 00001037 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-01-09 10:49 - 2014-01-09 11:16 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\TuneUp Software
2014-01-09 10:45 - 2014-01-18 16:55 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DVDVideoSoft
2014-01-03 23:08 - 2014-01-06 11:49 - 00000000 ____D C:\Users\steffen\Documents\Ahnenblatt
2014-01-03 23:08 - 2014-01-06 11:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Ahnenblatt
2014-01-03 22:27 - 2014-01-03 22:29 - 00000000 ____D C:\Users\steffen\Documents\MyHeritage
2014-01-03 22:26 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\windows\system32\unicows.dll
2014-01-03 22:25 - 2014-01-06 11:49 - 00000000 ____D C:\Program Files\MyHeritage
2014-01-03 13:10 - 2014-01-06 11:47 - 00000444 __RSH C:\Users\steffen\ntuser.pol
2014-01-03 13:10 - 2014-01-03 13:10 - 00001072 _____ C:\Users\Public\Desktop\Finale NotePad 2012.lnk
2014-01-03 13:09 - 2014-01-03 13:10 - 00000000 ____D C:\Program Files\Finale NotePad 2012
2014-01-03 13:07 - 2014-01-03 13:09 - 103516232 _____ (MakeMusic) C:\Users\steffen\Desktop\InstallFinaleNotePad2012.exe
2014-01-03 11:46 - 2014-01-03 11:47 - 00000000 ____D C:\Users\steffen\.lilypond-fonts.cache-2
2014-01-03 11:36 - 2014-01-03 11:36 - 00000027 _____ C:\windows\{_ini}
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Users\steffen\Documents\schobuk
==================== One Month Modified Files and Folders =======
2014-01-20 19:33 - 2014-01-19 18:21 - 00017493 _____ C:\Users\steffen\Downloads\FRST.txt
2014-01-20 18:49 - 2009-07-14 05:34 - 00014752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-20 18:49 - 2009-07-14 05:34 - 00014752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-20 18:45 - 2010-03-16 18:54 - 01822934 _____ C:\windows\WindowsUpdate.log
2014-01-20 18:44 - 2011-07-18 15:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Dropbox
2014-01-20 18:43 - 2011-07-18 15:16 - 00000000 ___RD C:\Users\steffen\Dropbox
2014-01-20 18:42 - 2010-08-04 11:26 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-01-20 18:41 - 2013-06-10 17:03 - 00016043 _____ C:\windows\setupact.log
2014-01-20 18:40 - 2014-01-20 10:45 - 00000000 ____D C:\AdwCleaner
2014-01-20 18:39 - 2014-01-20 18:39 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner (1).exe
2014-01-20 18:38 - 2010-08-04 11:36 - 00139008 _____ C:\Users\steffen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-20 18:29 - 2013-05-13 10:35 - 00000000 ____D C:\Users\steffen\Desktop\Jens
2014-01-20 17:12 - 2009-07-14 05:33 - 00479552 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-20 17:10 - 2013-08-03 20:45 - 00000000 ____D C:\Users\steffen\Desktop\JULE + JENS
2014-01-20 17:09 - 2014-01-20 17:09 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FORTE
2014-01-20 17:08 - 2014-01-20 17:08 - 00000000 ____D C:\Program Files\FORTE
2014-01-20 17:08 - 2013-08-21 18:39 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-20 17:07 - 2014-01-20 17:06 - 32229544 _____ C:\Users\steffen\Downloads\Setup_FORTE5Free_de.exe
2014-01-20 15:35 - 2014-01-19 18:22 - 00024855 _____ C:\Users\steffen\Downloads\Addition.txt
2014-01-20 13:59 - 2013-09-02 21:06 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Skype
2014-01-20 10:54 - 2014-01-20 10:54 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-20 10:49 - 2014-01-09 11:52 - 00001037 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-01-20 10:49 - 2013-09-12 08:38 - 00001236 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-20 10:49 - 2010-08-04 17:09 - 00001007 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-20 10:49 - 2010-08-04 11:46 - 00001152 _____ C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-20 10:48 - 2010-08-12 20:32 - 00000000 ____D C:\ProgramData\ICQ
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner.exe
2014-01-20 10:45 - 2014-01-20 10:45 - 01236282 _____ C:\Users\steffen\Downloads\adwcleaner(1).exe
2014-01-20 10:37 - 2014-01-20 10:37 - 00000109 _____ C:\Users\steffen\AppData\Roaming\WB.CFG
2014-01-20 10:37 - 2014-01-20 10:37 - 00000005 _____ C:\Users\steffen\AppData\Roaming\WBPU-TTL.DAT
2014-01-20 10:36 - 2014-01-20 10:36 - 00680584 _____ ( ) C:\Users\steffen\Downloads\ZipExtractorSetup.exe
2014-01-20 10:36 - 2014-01-20 10:36 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DigitalSites
2014-01-20 10:21 - 2009-07-26 21:06 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-19 22:56 - 2014-01-19 11:41 - 00000000 ____D C:\Users\steffen\Desktop\Gruppenarbeit Entfaltung
2014-01-19 22:29 - 2014-01-19 11:40 - 00000000 ____D C:\Users\steffen\Desktop\Musik-referat
2014-01-19 18:21 - 2014-01-19 18:21 - 00000000 ____D C:\FRST
2014-01-19 18:21 - 2014-01-19 18:20 - 01221120 _____ (Farbar) C:\Users\steffen\Downloads\FRST.exe
2014-01-19 18:20 - 2014-01-19 18:19 - 02076672 _____ (Farbar) C:\Users\steffen\Downloads\FRST64.exe
2014-01-19 11:41 - 2013-12-12 11:34 - 00119296 ___SH C:\Users\steffen\Desktop\Thumbs.db
2014-01-19 11:24 - 2010-03-16 03:04 - 00787534 _____ C:\windows\PFRO.log
2014-01-18 16:55 - 2014-01-09 10:45 - 00000000 ____D C:\Users\steffen\AppData\Roaming\DVDVideoSoft
2014-01-18 16:14 - 2014-01-18 16:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\OpenOffice
2014-01-18 16:14 - 2014-01-18 16:02 - 00000000 ____D C:\Program Files\OpenOffice 4
2014-01-18 16:04 - 2014-01-18 16:04 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2014-01-18 16:02 - 2014-01-18 16:01 - 00000000 ____D C:\Users\steffen\Desktop\OpenOffice 4.0.0 (en-US) Installation Files
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\AppData\Local\cache
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 ____D C:\Users\steffen\.android
2014-01-18 15:58 - 2014-01-18 15:58 - 00000000 _____ C:\Users\steffen\daemonprocess.txt
2014-01-18 11:25 - 2014-01-18 10:36 - 00000000 ____D C:\Program Files\Sweet Home 3D
2014-01-18 10:38 - 2014-01-18 10:38 - 00000000 ____D C:\Users\steffen\AppData\Local\CRE
2014-01-18 10:36 - 2014-01-18 10:35 - 33746304 _____ (eTeks ) C:\Users\steffen\Desktop\SweetHome3D-4-2-windows-oc.exe
2014-01-17 14:23 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\NDF
2014-01-17 13:55 - 2013-03-20 20:35 - 00000000 ____D C:\Users\steffen\Meins
2014-01-16 08:58 - 2011-07-18 15:14 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-15 22:22 - 2013-08-20 16:45 - 00000000 ____D C:\windows\system32\MRT
2014-01-15 22:20 - 2010-10-21 12:35 - 83425928 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-11 11:01 - 2014-01-10 12:00 - 00000000 ____D C:\Users\steffen\Desktop\LI
2014-01-09 11:16 - 2014-01-09 10:49 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Users\steffen\AppData\Roaming\TuneUp Software
2014-01-09 10:47 - 2011-02-04 19:04 - 00000000 ____D C:\Program Files\Freemake
2014-01-09 10:46 - 2011-02-04 18:17 - 00000000 ____D C:\Users\steffen\Documents\DVDVideoSoft
2014-01-06 21:49 - 2010-12-02 09:01 - 00132216 _____ C:\Users\steffen\AppData\Roaming\GDIPFONTCACHEV1.DAT
2014-01-06 11:49 - 2014-01-03 23:08 - 00000000 ____D C:\Users\steffen\Documents\Ahnenblatt
2014-01-06 11:49 - 2014-01-03 23:08 - 00000000 ____D C:\Users\steffen\AppData\Roaming\Ahnenblatt
2014-01-06 11:49 - 2014-01-03 22:25 - 00000000 ____D C:\Program Files\MyHeritage
2014-01-06 11:47 - 2014-01-03 13:10 - 00000444 __RSH C:\Users\steffen\ntuser.pol
2014-01-03 22:29 - 2014-01-03 22:27 - 00000000 ____D C:\Users\steffen\Documents\MyHeritage
2014-01-03 13:10 - 2014-01-03 13:10 - 00001072 _____ C:\Users\Public\Desktop\Finale NotePad 2012.lnk
2014-01-03 13:10 - 2014-01-03 13:09 - 00000000 ____D C:\Program Files\Finale NotePad 2012
2014-01-03 13:10 - 2009-07-14 03:37 - 00000000 ___HD C:\windows\system32\GroupPolicy
2014-01-03 13:09 - 2014-01-03 13:07 - 103516232 _____ (MakeMusic) C:\Users\steffen\Desktop\InstallFinaleNotePad2012.exe
2014-01-03 11:47 - 2014-01-03 11:46 - 00000000 ____D C:\Users\steffen\.lilypond-fonts.cache-2
2014-01-03 11:38 - 2009-07-14 05:52 - 00000000 ____D C:\windows\system32\FxsTmp
2014-01-03 11:36 - 2014-01-03 11:36 - 00000027 _____ C:\windows\{_ini}
2014-01-03 11:36 - 2014-01-03 11:36 - 00000000 ____D C:\Users\steffen\Documents\schobuk
2014-01-03 09:53 - 2012-05-15 10:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\steffen\AppData\Local\Temp\avgnt.exe
C:\Users\steffen\AppData\Local\Temp\BackupSetup.exe
C:\Users\steffen\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\steffen\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\steffen\AppData\Local\Temp\DLG_shopping-toolbar_softonic_de-DE.exe
C:\Users\steffen\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\steffen\AppData\Local\Temp\eauninstall.exe
C:\Users\steffen\AppData\Local\Temp\ForteDependencies.exe
C:\Users\steffen\AppData\Local\Temp\ICReinstall_Setup.exe
C:\Users\steffen\AppData\Local\Temp\install_reader11_de_mssa_aaa_aih.exe
C:\Users\steffen\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\steffen\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\steffen\AppData\Local\Temp\local.dll
C:\Users\steffen\AppData\Local\Temp\mfc80.dll
C:\Users\steffen\AppData\Local\Temp\mfc80u.dll
C:\Users\steffen\AppData\Local\Temp\mfcm80.dll
C:\Users\steffen\AppData\Local\Temp\mfcm80u.dll
C:\Users\steffen\AppData\Local\Temp\msvcm80.dll
C:\Users\steffen\AppData\Local\Temp\msvcp80.dll
C:\Users\steffen\AppData\Local\Temp\msvcr80.dll
C:\Users\steffen\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
C:\Users\steffen\AppData\Local\Temp\nsb634B.exe
C:\Users\steffen\AppData\Local\Temp\nsbBB08.exe
C:\Users\steffen\AppData\Local\Temp\nsdF99F.exe
C:\Users\steffen\AppData\Local\Temp\nsg5563.exe
C:\Users\steffen\AppData\Local\Temp\nsqD693.exe
C:\Users\steffen\AppData\Local\Temp\nsqF33A.exe
C:\Users\steffen\AppData\Local\Temp\nswD3E8.exe
C:\Users\steffen\AppData\Local\Temp\Quarantine.exe
C:\Users\steffen\AppData\Local\Temp\schobuk.exe
C:\Users\steffen\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\steffen\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn.exe
C:\Users\steffen\AppData\Local\Temp\SPStub.exe
C:\Users\steffen\AppData\Local\Temp\tbFree.dll
C:\Users\steffen\AppData\Local\Temp\uninst1.exe
C:\Users\steffen\AppData\Local\Temp\vcredist_x86.exe
C:\Users\steffen\AppData\Local\Temp\VIS_DE-2013-12-13.exe
C:\Users\steffen\AppData\Local\Temp\VIS_DE-2013-12-13[1].exe
C:\Users\steffen\AppData\Local\Temp\_is777F.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-04 12:11
==================== End Of Log ============================
--- --- --- |
|
20.01.2014, 20:23
| #12 |
| /// TB-Ausbilder | Extended Protection 2.1 Ist jetzt alles Störende weg? Dann weiter mit ESET: ESET Online Scanner
__________________ cheers, Leo |
|
21.01.2014, 08:25
| #13 |
| | Extended Protection 2.1 ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=f7b31da943f6b043a6a5a20d5bf3cf40 # engine=16724 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-01-20 11:08:21 # local_time=2014-01-21 12:08:21 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 97 35889 255682591 28645 0 # compatibility_mode=5893 16776574 100 94 16630892 141890492 0 0 # scanned=188599 # found=1 # cleaned=0 # scan_time=12101 sh=D08869B2A94EFC547C3DA08F50E30C3EA74DF413 ft=1 fh=b69ea6fe25857743 vn="multiple threats" ac=I fn="C:\Users\steffen\AppData\Local\Temp\is1275519350\290958_Setup.EXE |
|
21.01.2014, 14:47
| #14 |
| /// TB-Ausbilder | Extended Protection 2.1 ok. Schritt 1 Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Schritt 2 Die Version deines Adobe PDF Readers ist veraltet, wir müssen ihn updaten:
Cleanup Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.
>> OK << Wir sind durch, deine Logs sehen für mich im Moment sauber aus.  Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst. Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann. Epilog: Tipps, Dos & Don'ts  Aktualität von System und SoftwareDas Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
Auch die installierte Software sollte immer in der aktuellsten Version vorliegen. Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
Sicherheits-SoftwareEine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt). Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt. Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
(Un-)Sicheres Verhalten im InternetNebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert. Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
Allgemeine HinweiseAbschliessend noch ein paar grundsätzliche Bemerkungen:
Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen. Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. 
__________________ cheers, Leo |
|
| Themen zu Extended Protection 2.1 |
| als startseite, andere, angegeben, chrome, erweiterung, extended protection 2.1, immer wieder, kommt immer wieder, mobogenie, mobogenie entfernen, nation zoom, nation zoom entfernen, nationzoom, nationzoom entfernen, protection, seite, server, startseite, woran, öffnet |
Linear-Darstellung
