goldensurfer | 12.01.2014 00:34 | ok, Leo.
Here is the code from adwcleaner:
AdwCleaner Logfile: Code:
# AdwCleaner v3.016 - Bericht erstellt am 12/01/2014 um 00:27:07
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : **** - ****-HP
# Gestartet von : C:\Users\****\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\PC Performer
Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\****\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\****\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\****\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\****\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\****\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\****\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\fabia****\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\janis****\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\janis****\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\janis****\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default\Smartbar
Ordner Gelöscht : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default\searchplugins\dvdvideosofttb-de-customized-web-search.xml
Datei Gelöscht : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\PC Performer_DEFAULT.job
Datei Gelöscht : C:\Windows\System32\Tasks\PC Performer_DEFAULT
Datei Gelöscht : C:\Windows\Tasks\PC Performer_UPDATES.job
Datei Gelöscht : C:\Windows\System32\Tasks\PC Performer_UPDATES
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{310D38FE-EB4C-467C-8781-B7C2AEB7847D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{147DBA2D-FD90-4776-B000-E2B35C196F1A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D06F1C8C-A587-498C-B6C4-933984CC87EE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\PerformerSoft
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\PerformerSoft
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB_DE Toolbar
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16736
-\\ Mozilla Firefox v11.0 (de)
[ Datei : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default\prefs.js ]
Zeile gelöscht : user_pref("CT2625848.1000082.isDisplayHidden", "true");
Zeile gelöscht : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
Zeile gelöscht : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1", "eyJ1cGRhdGVSZXFUaW1lIjoxMzQ4NDIyNTk2Mzc1LCJ1cGRhdGVSZXNwVGltZSI6MTM0ODQyMjU5Njg2MSwiZGF0YSI6eyJzZXR0aW5ncyI6eyJpY29uIjoiaHR0cDovL3N0b3[...]
Zeile gelöscht : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.FirstTime", "true");
Zeile gelöscht : user_pref("CT2625848.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT2625848.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=");
Zeile gelöscht : user_pref("CT2625848.UserID", "UN68478802057846465");
Zeile gelöscht : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.autoDisableScopes", -1);
Zeile gelöscht : user_pref("CT2625848.browser.search.defaultthis.engineName", true);
Zeile gelöscht : user_pref("CT2625848.cbcountry_001", "Q0g=");
Zeile gelöscht : user_pref("CT2625848.cbfirsttime", "U3VuIFNlcCAyMyAyMDEyIDEwOjExOjAyIEdNVCswMjAw");
Zeile gelöscht : user_pref("CT2625848.defaultSearch", "true");
Zeile gelöscht : user_pref("CT2625848.embeddedsData", "[{\"appId\":\"129181467799155027\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Zeile gelöscht : user_pref("CT2625848.enableAlerts", "false");
Zeile gelöscht : user_pref("CT2625848.enableSearchFromAddressBar", "true");
Zeile gelöscht : user_pref("CT2625848.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundError", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.fixUrls", true);
Zeile gelöscht : user_pref("CT2625848.installId", "ConduitNSISIntegration");
Zeile gelöscht : user_pref("CT2625848.installType", "ConduitNSISIntegration");
Zeile gelöscht : user_pref("CT2625848.isCheckedStartAsHidden", true);
Zeile gelöscht : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.isFirstTimeToolbarLoading", "false");
Zeile gelöscht : user_pref("CT2625848.isNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2625848.isPerformedSmartBarTransition", "true");
Zeile gelöscht : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT2625848.keyword", true);
Zeile gelöscht : user_pref("CT2625848.migrateAppsAndComponents", true);
Zeile gelöscht : user_pref("CT2625848.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fmaps.google.ch%2F\",\"EB_MAIN_FRAME_TITLE\":\"Schattdorf%20nach%20Eisfeldstrasse%203%2C%206005%20Luzern%20-%20Google[...]
Zeile gelöscht : user_pref("CT2625848.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.openThankYouPage", "false");
Zeile gelöscht : user_pref("CT2625848.openUninstallPage", "true");
Zeile gelöscht : user_pref("CT2625848.search.searchAppId", "129181467799155027");
Zeile gelöscht : user_pref("CT2625848.search.searchCount", "0");
Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2625848\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DVDVideoSoftTBDE.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DVDVideoSoftTB DE\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1348387857108");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1348422649316");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1348387858846");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.13.1.89_lastUpdate", "1350666348164");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_optimizer_lastUpdate", "1348422649878");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1348387859052");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1348387855999");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1350671481441");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1348387858792");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1350666347957");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1350671481699");
Zeile gelöscht : user_pref("CT2625848.settingsINI", true);
Zeile gelöscht : user_pref("CT2625848.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT2625848.smartbar.CTID", "CT2625848");
Zeile gelöscht : user_pref("CT2625848.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT2625848.smartbar.homepage", true);
Zeile gelöscht : user_pref("CT2625848.smartbar.isHidden", true);
Zeile gelöscht : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE ");
Zeile gelöscht : user_pref("CT2625848.startPage", "userChanged");
Zeile gelöscht : user_pref("CT2625848.toolbarBornServerTime", "23-9-2012");
Zeile gelöscht : user_pref("CT2625848.toolbarCurrentServerTime", "19-10-2012");
Zeile gelöscht : user_pref("CT2625848.url_history0001", "aHR0cDovL3d3dy5pZnYuY2gvZGVza3RvcGRlZmF1bHQuYXNweC90YWJpZC0xMjQ5L3YtMzU5Lzo6OmNsaWNraGFuZGxlcjo6OjEzNDgzOTg5NjI2MDgsLCxodHRwOi8vd3d3Lmlmdi5jaC9kZXNrdG9wZGVmYXVs[...]
Zeile gelöscht : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1350666328064,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "");
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2625848");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=");
[ Datei : C:\Users\fabia****\AppData\Roaming\Mozilla\Firefox\Profiles\h1sjzsyu.default\prefs.js ]
[ Datei : C:\Users\janis****\AppData\Roaming\Mozilla\Firefox\Profiles\c9jcirhc.default\prefs.js ]
[ Datei : C:\Users\martina****\AppData\Roaming\Mozilla\Firefox\Profiles\rra7w3q8.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : homepage
*************************
AdwCleaner[R0].txt - [16155 octets] - [12/01/2014 00:24:13]
AdwCleaner[R1].txt - [16216 octets] - [12/01/2014 00:25:42]
AdwCleaner[S0].txt - [15403 octets] - [12/01/2014 00:27:07]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15464 octets] ##########
And here is the content of FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 05
Ran by **** (administrator) on ****-HP on 12-01-2014 00:32:11
Running from C:\Users\****\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Samsung) C:\Program Files (x86)\SAMSUNG\PC Auto Backup\WiselinkPro.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Canon Inc.) C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
() C:\Program Files (x86)\SAMSUNG\PC Auto Backup\http_ss_win_pro.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Samsung) C:\Program Files (x86)\SAMSUNG\PC Auto Backup\AutoBackup.exe
(Dropbox, Inc.) C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\****\AppData\Local\Google\Chrome\Application\chrome.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files\Motorola\Bluetooth\btmshell.dll [21709904 2011-02-15] (Motorola Solutions, Inc.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-28] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-05-28] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-06-14] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [78352 2012-09-03] (cyberlink)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Google Update] - C:\Users\****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-29] (Google Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\fabia****\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59280 2012-11-28] (Apple Inc.)
HKU\fabia****\...\Policies\system: [LogonHoursAction] 2
HKU\fabia****\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\janis****\...\Policies\system: [LogonHoursAction] 2
HKU\janis****\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\martina****\...\Policies\system: [LogonHoursAction] 2
HKU\martina****\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\fabia****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\janis****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Users\martina****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
SearchScopes: HKLM - {38F5A39C-B565-43A6-B018-AD2184B75FEE} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {38F5A39C-B565-43A6-B018-AD2184B75FEE} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {2957A004-C540-440C-8C03-3D2522E73835} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKCU - {38F5A39C-B565-43A6-B018-AD2184B75FEE} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-03] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default
FF Homepage: hxxp://www.gmail.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Evernote Web Clipper - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-01-07]
FF Extension: Lightbeam - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-10-25]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Web Developer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-03-30]
FF Extension: SearchStatus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\w7h8p1ln.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}.xpi [2012-10-05]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-01-07]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.gmail.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\****\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\****\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\****\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Simple Pass 2011) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll (HP)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\****\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Website Logon) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0 [2012-03-29]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-04-18]
CHR Extension: (Google Search) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-04-03]
CHR Extension: (Exfm) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehohhddamheegbbkabfgegbaeminghlb\4.0.0_0 [2013-12-26]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0 [2012-10-05]
CHR Extension: (Google Wallet) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2013-12-22]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf\1.2.0.0_0 [2013-12-19]
CHR Extension: (Gmail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2012-11-12]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\****\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-22]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-12-17]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-30] (Avira Operations GmbH & Co. KG)
R2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [245264 2012-09-03] (CyberLink)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3128856 2012-02-28] (devolo AG)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-12-12] (Nero AG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 WiselinkPro; C:\Program Files (x86)\SAMSUNG\PC Auto Backup\WiselinkPro.exe [7262263 2012-01-18] (Samsung)
==================== Drivers (Whitelisted) ====================
S3 AVerAF35; C:\Windows\System32\Drivers\HPAF35.sys [511104 2009-10-19] (Hewlett-Packard)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
S3 HPIR; C:\Windows\System32\DRIVERS\HPIR.sys [93184 2009-11-16] (Hewlett-Packard)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2012-01-31] (CACE Technologies)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-12 00:24 - 2014-01-12 00:27 - 00000000 ____D C:\AdwCleaner
2014-01-12 00:23 - 2014-01-12 00:23 - 01233962 _____ C:\Users\****\Downloads\adwcleaner.exe
2014-01-12 00:23 - 2014-01-12 00:23 - 01233962 _____ C:\Users\****\Desktop\adwcleaner.exe
2014-01-11 23:56 - 2014-01-11 23:56 - 00266288 _____ C:\Windows\Minidump\011114-19266-01.dmp
2014-01-11 23:54 - 2014-01-11 23:59 - 00002045 _____ C:\Users\****\Desktop\Gmer.txt
2014-01-11 23:37 - 2014-01-11 23:37 - 00377856 _____ C:\Users\****\Desktop\gmer_2.1.19163.exe
2014-01-11 23:30 - 2014-01-11 23:53 - 00033959 _____ C:\Users\****\Desktop\Addition.txt
2014-01-11 23:29 - 2014-01-12 00:32 - 00023945 _____ C:\Users\****\Desktop\FRST.txt
2014-01-11 23:29 - 2014-01-11 23:29 - 00000000 ____D C:\FRST
2014-01-11 23:28 - 2014-01-11 23:29 - 02076672 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-01-11 23:26 - 2014-01-11 23:27 - 00000470 _____ C:\Users\****\Desktop\defogger_disable.log
2014-01-11 23:26 - 2014-01-11 23:26 - 00050477 _____ C:\Users\****\Desktop\Defogger.exe
2014-01-11 23:26 - 2014-01-11 23:26 - 00000000 _____ C:\Users\****\defogger_reenable
2014-01-11 23:08 - 2014-01-11 23:08 - 00107416 _____ C:\Users\****\Downloads\Extras.Txt
2014-01-11 23:07 - 2014-01-11 23:07 - 00125606 _____ C:\Users\****\Downloads\OTL.Txt
2014-01-11 22:58 - 2014-01-11 22:58 - 00602112 _____ (OldTimer Tools) C:\Users\****\Downloads\OTL.exe
2014-01-11 22:51 - 2014-01-11 22:51 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\****\Downloads\SpyHunter-Installer.exe
2014-01-11 22:23 - 2014-01-11 22:23 - 00003082 _____ C:\Windows\System32\Tasks\{09701B05-0B58-4935-BE01-CA18C46EA3A1}
2014-01-11 15:01 - 2014-01-11 15:04 - 00477433 _____ C:\Users\janis****\Desktop\gutschein-marcel-2014.odt
2014-01-11 11:53 - 2014-01-11 11:53 - 00000000 ____D C:\Users\****\AppData\Local\{3E812BDD-AF60-43C8-B175-C8D4BD918A7B}
2014-01-11 11:36 - 2014-01-11 11:36 - 00003082 _____ C:\Windows\System32\Tasks\{73A8BBED-8B56-4E57-A9B7-D5A03BBDBD52}
2014-01-10 21:10 - 2014-01-10 21:17 - 00000910 _____ C:\Users\****\Desktop\mystop.txt
2014-01-07 21:59 - 2014-01-07 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 19:09 - 2014-01-07 19:09 - 00746832 _____ C:\Users\****\Downloads\Bildervorschläge.xlsx
2014-01-06 20:09 - 2014-01-08 20:30 - 00013312 _____ C:\Users\****\Desktop\uebersicht_ferien_2014.xls
2014-01-06 08:48 - 2014-01-06 08:48 - 00003082 _____ C:\Windows\System32\Tasks\{AC7132D2-6F88-46F9-B029-7778437167B0}
2014-01-05 18:36 - 2014-01-05 18:36 - 00000000 ____D C:\Users\fabia****\AppData\Local\Cyberlink
2014-01-05 15:26 - 2014-01-05 15:26 - 00266288 _____ C:\Windows\Minidump\010514-36504-01.dmp
2014-01-05 15:18 - 2014-01-05 15:18 - 00266288 _____ C:\Windows\Minidump\010514-35459-01.dmp
2014-01-05 15:01 - 2014-01-05 15:01 - 00003082 _____ C:\Windows\System32\Tasks\{66081758-1F99-45EC-AA4D-D68CC0B479DC}
2014-01-03 14:10 - 2014-01-03 14:10 - 00000000 ____D C:\Users\fabia****\AppData\Roaming\WebApp
2013-12-29 21:45 - 2013-12-29 21:45 - 00001196 _____ C:\Users\fabia****\Desktop\winterzit.htm
2013-12-29 21:41 - 2013-12-29 21:41 - 00020142 _____ C:\Users\fabia****\Desktop\grüeni banane.htm
2013-12-29 19:29 - 2013-12-29 19:29 - 00000156 _____ C:\Users\fabia****\Downloads\text_0 (1).txt
2013-12-29 19:28 - 2013-12-29 19:28 - 00000045 _____ C:\Users\fabia****\Downloads\text_0.txt
2013-12-23 14:04 - 2013-12-28 18:25 - 00086500 _____ C:\Users\janis****\Documents\zebras Janis.odt
2013-12-23 14:04 - 2013-12-28 18:25 - 00000110 ____H C:\Users\janis****\Documents\.~lock.zebras Janis.odt#
2013-12-22 17:53 - 2013-12-22 17:53 - 00216064 _____ C:\Users\****\Desktop\Weihnachten_Uebergangsphase.ppt
2013-12-21 17:45 - 2013-12-21 17:45 - 00000000 ____D C:\Users\janis****\Documents\Youcam
2013-12-21 17:45 - 2013-12-21 17:45 - 00000000 ____D C:\Users\janis****\AppData\Roaming\CyberLink
2013-12-21 17:45 - 2013-12-21 17:45 - 00000000 ____D C:\Users\janis****\AppData\Local\CyberLink
2013-12-21 17:40 - 2013-12-21 17:40 - 00001281 _____ C:\Users\janis****\Downloads\GoogleEarthPluginSetup - Verknüpfung.lnk
2013-12-21 17:37 - 2013-12-21 17:37 - 00000000 ____D C:\Users\janis****\AppData\Roaming\WildTangent
2013-12-21 15:18 - 2013-12-21 15:18 - 00000000 ____D C:\Users\janis****\Downloads\Neuer Ordner
2013-12-21 12:59 - 2013-12-21 13:00 - 00000000 ____D C:\Users\janis****\Documents\PC_deutsch
2013-12-19 21:40 - 2013-12-19 21:49 - 00077178 _____ C:\Users\****\Documents\gutschein-luca-dez-13.odg
2013-12-19 20:47 - 2013-12-19 20:46 - 00975464 _____ C:\Users\****\Documents\facebook-bruno****ch.zip
2013-12-19 20:46 - 2013-12-19 20:46 - 00975464 _____ C:\Users\****\Downloads\facebook-bruno****ch.zip
2013-12-17 21:32 - 2013-12-17 21:32 - 00000000 ____D C:\Users\****\AppData\Roaming\Logitech
2013-12-17 21:32 - 2013-12-17 21:32 - 00000000 ____D C:\Program Files (x86)\Logitech
2013-12-17 21:08 - 2013-12-17 21:13 - 11863248 _____ (Logitech) C:\Users\****\Downloads\HarmonyBrowserPlug-in.exe
==================== One Month Modified Files and Folders =======
2014-01-12 00:32 - 2014-01-11 23:29 - 00023945 _____ C:\Users\****\Desktop\FRST.txt
2014-01-12 00:30 - 2013-01-30 20:20 - 00000000 ___RD C:\Users\****\Dropbox
2014-01-12 00:30 - 2013-01-30 19:45 - 00000000 ____D C:\Users\****\AppData\Roaming\Dropbox
2014-01-12 00:29 - 2013-12-03 20:01 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-12 00:29 - 2013-01-22 21:50 - 00000000 ____D C:\Users\****\AppData\Local\HTC MediaHub
2014-01-12 00:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-12 00:29 - 2009-07-14 05:51 - 00124518 _____ C:\Windows\setupact.log
2014-01-12 00:28 - 2011-12-04 21:40 - 01175832 _____ C:\Windows\WindowsUpdate.log
2014-01-12 00:27 - 2014-01-12 00:24 - 00000000 ____D C:\AdwCleaner
2014-01-12 00:23 - 2014-01-12 00:23 - 01233962 _____ C:\Users\****\Downloads\adwcleaner.exe
2014-01-12 00:23 - 2014-01-12 00:23 - 01233962 _____ C:\Users\****\Desktop\adwcleaner.exe
2014-01-12 00:11 - 2013-12-03 20:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-12 00:04 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-12 00:04 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-11 23:59 - 2014-01-11 23:54 - 00002045 _____ C:\Users\****\Desktop\Gmer.txt
2014-01-11 23:56 - 2014-01-11 23:56 - 00266288 _____ C:\Windows\Minidump\011114-19266-01.dmp
2014-01-11 23:56 - 2012-05-03 20:01 - 00000000 ____D C:\Windows\Minidump
2014-01-11 23:55 - 2012-05-03 20:01 - 757970043 _____ C:\Windows\MEMORY.DMP
2014-01-11 23:53 - 2014-01-11 23:30 - 00033959 _____ C:\Users\****\Desktop\Addition.txt
2014-01-11 23:40 - 2012-03-29 21:11 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2557051524-4033554928-2666080900-1000UA.job
2014-01-11 23:37 - 2014-01-11 23:37 - 00377856 _____ C:\Users\****\Desktop\gmer_2.1.19163.exe
2014-01-11 23:33 - 2013-01-18 20:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-11 23:29 - 2014-01-11 23:29 - 00000000 ____D C:\FRST
2014-01-11 23:29 - 2014-01-11 23:28 - 02076672 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2014-01-11 23:27 - 2014-01-11 23:26 - 00000470 _____ C:\Users\****\Desktop\defogger_disable.log
2014-01-11 23:26 - 2014-01-11 23:26 - 00050477 _____ C:\Users\****\Desktop\Defogger.exe
2014-01-11 23:26 - 2014-01-11 23:26 - 00000000 _____ C:\Users\****\defogger_reenable
2014-01-11 23:26 - 2012-03-23 20:36 - 00000000 ____D C:\Users\****
2014-01-11 23:08 - 2014-01-11 23:08 - 00107416 _____ C:\Users\****\Downloads\Extras.Txt
2014-01-11 23:07 - 2014-01-11 23:07 - 00125606 _____ C:\Users\****\Downloads\OTL.Txt
2014-01-11 22:58 - 2014-01-11 22:58 - 00602112 _____ (OldTimer Tools) C:\Users\****\Downloads\OTL.exe
2014-01-11 22:51 - 2014-01-11 22:51 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\****\Downloads\SpyHunter-Installer.exe
2014-01-11 22:25 - 2012-03-23 20:44 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0909E9DD-1DCD-49BB-9B75-273ECAA89F35}
2014-01-11 22:23 - 2014-01-11 22:23 - 00003082 _____ C:\Windows\System32\Tasks\{09701B05-0B58-4935-BE01-CA18C46EA3A1}
2014-01-11 15:04 - 2014-01-11 15:01 - 00477433 _____ C:\Users\janis****\Desktop\gutschein-marcel-2014.odt
2014-01-11 13:58 - 2011-09-03 09:29 - 00654400 _____ C:\Windows\system32\perfh007.dat
2014-01-11 13:58 - 2011-09-03 09:29 - 00130240 _____ C:\Windows\system32\perfc007.dat
2014-01-11 13:58 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-11 13:56 - 2012-07-20 19:14 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2546931B-A9E0-4AEE-968B-C70712789AD9}
2014-01-11 13:53 - 2013-02-04 09:38 - 00000000 ____D C:\Users\janis****\AppData\Local\HTC MediaHub
2014-01-11 11:53 - 2014-01-11 11:53 - 00000000 ____D C:\Users\****\AppData\Local\{3E812BDD-AF60-43C8-B175-C8D4BD918A7B}
2014-01-11 11:36 - 2014-01-11 11:36 - 00003082 _____ C:\Windows\System32\Tasks\{73A8BBED-8B56-4E57-A9B7-D5A03BBDBD52}
2014-01-10 21:17 - 2014-01-10 21:10 - 00000910 _____ C:\Users\****\Desktop\mystop.txt
2014-01-09 20:30 - 2013-09-02 19:08 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleFor****
2014-01-09 20:30 - 2013-09-02 19:08 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleFor****.job
2014-01-08 20:30 - 2014-01-06 20:09 - 00013312 _____ C:\Users\****\Desktop\uebersicht_ferien_2014.xls
2014-01-08 18:51 - 2012-07-20 10:46 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BEB7F6B2-35AA-40A2-B211-227F1BBD58B6}
2014-01-08 18:48 - 2013-01-23 13:45 - 00000000 ____D C:\Users\fabia****\AppData\Local\HTC MediaHub
2014-01-07 21:59 - 2014-01-07 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 19:09 - 2014-01-07 19:09 - 00746832 _____ C:\Users\****\Downloads\Bildervorschläge.xlsx
2014-01-07 07:38 - 2013-01-30 20:20 - 00001013 _____ C:\Users\****\Desktop\Dropbox.lnk
2014-01-07 07:38 - 2013-01-30 20:18 - 00000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-07 07:38 - 2012-05-12 10:34 - 00000735 _____ C:\Windows\wininit.ini
2014-01-07 07:38 - 2012-03-23 20:44 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-06 08:48 - 2014-01-06 08:48 - 00003082 _____ C:\Windows\System32\Tasks\{AC7132D2-6F88-46F9-B029-7778437167B0}
2014-01-05 18:36 - 2014-01-05 18:36 - 00000000 ____D C:\Users\fabia****\AppData\Local\Cyberlink
2014-01-05 15:26 - 2014-01-05 15:26 - 00266288 _____ C:\Windows\Minidump\010514-36504-01.dmp
2014-01-05 15:18 - 2014-01-05 15:18 - 00266288 _____ C:\Windows\Minidump\010514-35459-01.dmp
2014-01-05 15:01 - 2014-01-05 15:01 - 00003082 _____ C:\Windows\System32\Tasks\{66081758-1F99-45EC-AA4D-D68CC0B479DC}
2014-01-05 14:08 - 2012-03-25 12:47 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-05 14:07 - 2012-12-17 19:47 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-03 14:10 - 2014-01-03 14:10 - 00000000 ____D C:\Users\fabia****\AppData\Roaming\WebApp
2014-01-03 12:40 - 2012-03-29 21:11 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2557051524-4033554928-2666080900-1000Core.job
2013-12-29 21:45 - 2013-12-29 21:45 - 00001196 _____ C:\Users\fabia****\Desktop\winterzit.htm
2013-12-29 21:41 - 2013-12-29 21:41 - 00020142 _____ C:\Users\fabia****\Desktop\grüeni banane.htm
2013-12-29 19:51 - 2012-04-06 11:53 - 00104084 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-12-29 19:29 - 2013-12-29 19:29 - 00000156 _____ C:\Users\fabia****\Downloads\text_0 (1).txt
2013-12-29 19:28 - 2013-12-29 19:28 - 00000045 _____ C:\Users\fabia****\Downloads\text_0.txt
2013-12-28 18:25 - 2013-12-23 14:04 - 00086500 _____ C:\Users\janis****\Documents\zebras Janis.odt
2013-12-28 18:25 - 2013-12-23 14:04 - 00000110 ____H C:\Users\janis****\Documents\.~lock.zebras Janis.odt#
2013-12-22 17:53 - 2013-12-22 17:53 - 00216064 _____ C:\Users\****\Desktop\Weihnachten_Uebergangsphase.ppt
2013-12-21 17:45 - 2013-12-21 17:45 - 00000000 ____D C:\Users\janis****\Documents\Youcam
2013-12-21 17:45 - 2013-12-21 17:45 - 00000000 ____D C:\Users\janis****\AppData\Roaming\CyberLink
2013-12-21 17:45 - 2013-12-21 17:45 - 00000000 ____D C:\Users\janis****\AppData\Local\CyberLink
2013-12-21 17:40 - 2013-12-21 17:40 - 00001281 _____ C:\Users\janis****\Downloads\GoogleEarthPluginSetup - Verknüpfung.lnk
2013-12-21 17:37 - 2013-12-21 17:37 - 00000000 ____D C:\Users\janis****\AppData\Roaming\WildTangent
2013-12-21 17:37 - 2011-09-03 00:18 - 00002336 ____N C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2013-12-21 17:37 - 2011-09-03 00:18 - 00002336 ____N C:\ProgramData\Desktop\WildTangent Games App - hp.lnk
2013-12-21 17:37 - 2011-09-03 00:18 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-21 17:37 - 2011-09-03 00:18 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-12-21 15:18 - 2013-12-21 15:18 - 00000000 ____D C:\Users\janis****\Downloads\Neuer Ordner
2013-12-21 13:00 - 2013-12-21 12:59 - 00000000 ____D C:\Users\janis****\Documents\PC_deutsch
2013-12-21 12:44 - 2013-05-07 19:57 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-21 12:44 - 2013-03-30 19:25 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-21 12:44 - 2013-03-30 19:25 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-21 12:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-19 21:49 - 2013-12-19 21:40 - 00077178 _____ C:\Users\****\Documents\gutschein-luca-dez-13.odg
2013-12-19 20:46 - 2013-12-19 20:47 - 00975464 _____ C:\Users\****\Documents\facebook-bruno****ch.zip
2013-12-19 20:46 - 2013-12-19 20:46 - 00975464 _____ C:\Users\****\Downloads\facebook-bruno****ch.zip
2013-12-17 21:32 - 2013-12-17 21:32 - 00000000 ____D C:\Users\****\AppData\Roaming\Logitech
2013-12-17 21:32 - 2013-12-17 21:32 - 00000000 ____D C:\Program Files (x86)\Logitech
2013-12-17 21:32 - 2011-09-03 00:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-17 21:13 - 2013-12-17 21:08 - 11863248 _____ (Logitech) C:\Users\****\Downloads\HarmonyBrowserPlug-in.exe
2013-12-13 20:49 - 2010-11-21 04:47 - 00368982 _____ C:\Windows\PFRO.log
Some content of TEMP:
====================
C:\Users\fabia****\AppData\Local\Temp\AskSLib.dll
C:\Users\fabia****\AppData\Local\Temp\avgnt.exe
C:\Users\janis****\AppData\Local\Temp\AskSLib.dll
C:\Users\janis****\AppData\Local\Temp\avgnt.exe
C:\Users\****\AppData\Local\Temp\AskSLib.dll
C:\Users\****\AppData\Local\Temp\avgnt.exe
C:\Users\****\AppData\Local\Temp\Extract.exe
C:\Users\****\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\****\AppData\Local\Temp\firefoxjre_exe-2.exe
C:\Users\****\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\****\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\****\AppData\Local\Temp\install_helper.exe
C:\Users\****\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\****\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\mgxoschk.dll
C:\Users\****\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\****\AppData\Local\Temp\MSETUP4.EXE
C:\Users\****\AppData\Local\Temp\Quarantine.exe
C:\Users\****\AppData\Local\Temp\Resource.exe
C:\Users\****\AppData\Local\Temp\SHSetup.exe
C:\Users\****\AppData\Local\Temp\sp54620.exe
C:\Users\****\AppData\Local\Temp\SP54630.exe
C:\Users\****\AppData\Local\Temp\SP54714.exe
C:\Users\****\AppData\Local\Temp\SP55101.exe
C:\Users\****\AppData\Local\Temp\SP55102.exe
C:\Users\****\AppData\Local\Temp\SP55104.exe
C:\Users\****\AppData\Local\Temp\SP55109.exe
C:\Users\****\AppData\Local\Temp\SP55152.exe
C:\Users\****\AppData\Local\Temp\SP56878.exe
C:\Users\****\AppData\Local\Temp\SP56889.exe
C:\Users\****\AppData\Local\Temp\SP56904.exe
C:\Users\****\AppData\Local\Temp\SP56929.exe
C:\Users\****\AppData\Local\Temp\SP57232.exe
C:\Users\****\AppData\Local\Temp\sp58915.exe
C:\Users\****\AppData\Local\Temp\SP59542.exe
C:\Users\****\AppData\Local\Temp\SP59755.exe
C:\Users\****\AppData\Local\Temp\SpeedAnalysisSetup.exe
C:\Users\****\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\****\AppData\Local\Temp\UninstallHPTCA.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-11 14:40
==================== End Of Log ============================
Many thanks at this late hour.
Regards, Bruno