Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Scareware im Firefoxbrowser eingefangen, wie entfernen?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.06.2014, 15:01   #1
Ka-Rin
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Hallo liebe TB-Helfer ,
ich habe mir gestern eine so genannte "Scareware" im Firefox eingefangen. Dies macht sich wie folgt bemerkbar:

1. Beim Öffnen des Firefox erscheinen am unteren Bildrand Popups mit Werbung von Antivirenprogrammen oder Warnmeldungen, dass "der PC infiziert sei"
2. Ab und an öffnen sich recht schnell hintereinander viele Tabs mit verschiedenen Werbebotschaften.

Das Programm nervt schrecklich wurde jedoch nicht durch mein Antivirenprogramm erkannt.
Folgende AV-Programme sind installiert:

Malewarebytes
Avira free antivir


Ich freue mich über jede Hilfe zur Behebung des Problems.
Vielen Dank im Voraus.

Alt 25.06.2014, 15:06   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 25.06.2014, 18:33   #3
Ka-Rin
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Hallo Jürgen,
Danke für deine Hilfe, dass Ihr so schnell seid hätte ich nicht erwartet.
Also hier die Posts!

1. FRST - Scan:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by KarinAtWork (ATTENTION: The logged in user is not administrator) on KNOTEBOOK on 25-06-2014 19:20:53
Running from C:\Users\KarinAtWork\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\KarinAtWork\AppData\Roaming\Dropbox\bin\Dropbox.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\NetCrawl\bin\NetCrawl.BrowserAdapter.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [157456 2009-05-14] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {2452c545-b8e2-11e2-90fb-002454dbf6c9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {2452c5d9-b8e2-11e2-90fb-002454dbf6c9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {3635a43e-c082-11e1-b0fd-002454dbf6c9} - F:\autorun.exe
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {4add72c9-b9fe-11e1-9978-002454dbf6c9} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {65050b47-b8ef-11e2-8e75-002454dbf6c9} - F:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\KarinAtWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\KarinAtWork\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.zeit.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {ACD06C1D-190E-4605-8726-53B743BF793C} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {B3EEF211-55D7-471B-A53C-EC3FAF5EAFDE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=597d92b1-40ac-4182-b0f6-b1dc0f78c2fb&apn_sauid=CF9B94EA-FFE2-42FE-99A1-605CB254ED79
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{24DB843F-333B-4F22-8094-8E06240D8CCB}: [NameServer]62.134.11.4 195.182.110.132

FireFox:
========
FF ProfilePath: C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828
FF Homepage: www.ixquick.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\searchplugins\WSE Rocket.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2014-06-19]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-05-26]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S2 Update NetCrawl; C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe [317728 2014-06-16] ()
R2 Util NetCrawl; C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe [317728 2014-06-23] ()
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] ()
R2 XS Stick Service; C:\Windows\service4g.exe [125200 2009-05-14] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-30] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-06-27] (Mobile Connector)
S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-13] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys [61112 2014-06-13] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-25 19:20 - 2014-06-25 19:22 - 00018722 _____ () C:\Users\KarinAtWork\Desktop\FRST.txt
2014-06-25 19:19 - 2014-06-25 19:21 - 00000000 ____D () C:\FRST
2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe
2014-06-24 19:09 - 2014-06-13 13:36 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb
2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice
2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-23 15:24 - 2014-06-24 19:08 - 00000000 ____D () C:\Program Files (x86)\NetCrawl
2014-06-23 15:22 - 2014-06-25 19:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-06-23 15:22 - 2014-06-23 15:22 - 00000000 ____D () C:\Program Files (x86)\WSE Rocket
2014-06-23 15:21 - 2014-06-23 15:21 - 00803368 _____ ( ) C:\Users\KarinAtWork\Downloads\Open OfficeSetup.exe
2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList
2014-06-19 22:38 - 2014-06-23 04:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 13:03 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 13:03 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 13:03 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 13:03 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 13:03 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 13:03 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 13:03 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 13:03 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 13:03 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 13:03 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 13:03 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 13:03 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 13:03 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 13:03 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 13:03 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:03 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 13:03 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 13:03 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 13:03 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:03 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 13:03 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 13:03 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 13:03 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 13:03 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 13:03 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:03 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 13:03 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 13:03 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 13:03 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 13:03 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 13:03 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 13:03 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 13:03 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 13:03 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 13:03 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 13:03 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 13:03 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:03 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 13:03 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 13:03 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 13:03 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 13:03 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 13:03 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 13:03 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 13:03 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 13:03 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 13:03 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 13:03 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 13:03 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 13:03 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 13:03 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 13:03 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 13:03 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 13:03 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 13:03 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 13:03 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 13:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 13:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 13:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-27 14:16 - 2014-05-27 14:16 - 00000000 ____D () C:\Users\KarinAtWork\Documents\Benutzerdefinierte Office-Vorlagen
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\Users\KarinAtWork\Documents\PDF Architect Files
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-05-26 22:19 - 2014-05-26 22:21 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\PDF Architect
2014-05-26 22:11 - 2014-05-26 22:17 - 52293632 _____ () C:\Users\KarinAtWork\Downloads\PDF_Architect_Setup_1.2.97.14551.msi
2014-05-26 12:40 - 2014-06-25 19:15 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\DropboxMaster

==================== One Month Modified Files and Folders =======

2014-06-25 19:22 - 2014-06-25 19:20 - 00018722 _____ () C:\Users\KarinAtWork\Desktop\FRST.txt
2014-06-25 19:22 - 2014-06-23 15:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-06-25 19:22 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-25 19:22 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-25 19:21 - 2014-06-25 19:19 - 00000000 ____D () C:\FRST
2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe
2014-06-25 19:18 - 2010-06-01 03:03 - 01447306 _____ () C:\Windows\WindowsUpdate.log
2014-06-25 19:15 - 2014-05-26 12:40 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\DropboxMaster
2014-06-25 19:15 - 2013-05-20 23:11 - 00000000 ___RD () C:\Users\KarinAtWork\Dropbox
2014-06-25 19:15 - 2013-05-20 23:06 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\Dropbox
2014-06-25 19:15 - 2009-07-14 04:34 - 00000612 _____ () C:\Windows\win.ini
2014-06-25 19:13 - 2013-05-20 23:36 - 00020560 _____ () C:\Windows\setupact.log
2014-06-25 19:13 - 2012-06-30 10:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-25 19:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-25 15:40 - 2013-05-05 00:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-25 15:29 - 2011-01-19 03:48 - 00000000 ____D () C:\Users\Karin
2014-06-25 10:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-06-24 19:08 - 2014-06-23 15:24 - 00000000 ____D () C:\Program Files (x86)\NetCrawl
2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb
2014-06-23 18:51 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\KarinAtWork\Desktop\Bewerbungen
2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice
2014-06-23 15:37 - 2012-05-02 10:40 - 00125800 _____ () C:\Users\KarinAtWork\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 15:34 - 2013-05-28 07:14 - 00199888 _____ () C:\Windows\PFRO.log
2014-06-23 15:34 - 2009-07-14 06:45 - 00478600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-23 15:22 - 2014-06-23 15:22 - 00000000 ____D () C:\Program Files (x86)\WSE Rocket
2014-06-23 15:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-23 15:21 - 2014-06-23 15:21 - 00803368 _____ ( ) C:\Users\KarinAtWork\Downloads\Open OfficeSetup.exe
2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList
2014-06-23 04:53 - 2014-06-19 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 11:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 23:40 - 2012-05-01 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 08:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-16 18:29 - 2014-01-06 23:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-16 18:29 - 2012-11-16 21:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 13:36 - 2014-06-24 19:09 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
2014-06-12 13:37 - 2013-08-14 18:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 13:33 - 2011-01-22 10:02 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 11:04 - 2010-06-01 19:30 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-06-12 11:04 - 2010-06-01 19:30 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-06-12 11:04 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-11 15:53 - 2013-05-04 11:21 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-07 14:26 - 2012-05-07 18:32 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\SoftGrid Client
2014-06-02 19:31 - 2013-01-05 17:54 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\FreePDF_XP
2014-05-30 12:21 - 2014-06-11 13:03 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 13:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 13:03 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 13:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 13:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 13:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 13:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 13:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 13:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 13:03 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 13:03 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 13:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 13:03 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 13:03 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 13:03 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 13:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 13:03 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 13:03 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 13:03 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 13:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 13:03 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 13:03 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 13:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 13:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 13:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 13:03 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 13:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 13:03 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 13:03 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 13:03 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 13:03 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 13:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 13:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 13:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 13:03 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 13:03 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 13:03 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 13:03 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 13:03 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 13:03 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 13:03 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 13:03 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 13:03 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 13:03 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 13:03 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 13:03 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 13:03 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-28 20:10 - 2012-11-10 15:14 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\Audible
2014-05-28 20:10 - 2012-07-18 16:51 - 00000000 ____D () C:\Users\KarinAtWork\Desktop\Musikdownload
2014-05-28 13:35 - 2013-05-05 08:21 - 00011069 _____ () C:\Users\KarinAtWork\Desktop\Abgänge.xlsx
2014-05-28 09:59 - 2013-05-20 23:11 - 00001036 _____ () C:\Users\KarinAtWork\Desktop\Dropbox.lnk
2014-05-28 09:59 - 2013-05-20 23:07 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-27 14:16 - 2014-05-27 14:16 - 00000000 ____D () C:\Users\KarinAtWork\Documents\Benutzerdefinierte Office-Vorlagen
2014-05-26 23:53 - 2013-06-04 18:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-26 22:21 - 2014-05-26 22:19 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\PDF Architect
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\Users\KarinAtWork\Documents\PDF Architect Files
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-05-26 22:17 - 2014-05-26 22:11 - 52293632 _____ () C:\Users\KarinAtWork\Downloads\PDF_Architect_Setup_1.2.97.14551.msi
2014-05-26 21:46 - 2012-06-30 00:42 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\Microsoft Games
2014-05-26 17:11 - 2012-05-02 10:41 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\Mozilla
2014-05-26 12:48 - 2013-02-13 09:17 - 00012730 _____ () C:\Users\KarinAtWork\Desktop\GuVnormal2013.xlsx

Some content of TEMP:
====================
C:\Users\KarinAtWork\AppData\Local\Temp\avgnt.exe
C:\Users\KarinAtWork\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj1lmql.dll
C:\Users\KarinAtWork\AppData\Local\Temp\secuniasi6474681520443312105.dll
C:\Users\KarinAtWork\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---



Und das FRST-Scan-Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by KarinAtWork at 2014-06-25 19:22:58
Running from C:\Users\KarinAtWork\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version:  - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version:  - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version:  - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version:  - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
NetCrawl (HKLM\...\NetCrawl) (Version: 2014.06.16.195433 - NetCrawl)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version:  - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WSE Rocket (HKLM-x32\...\WSE Rocket) (Version:  - WSE Rocket)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\Rocket Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-23 18:51 - 2014-06-24 23:33 - 00096544 _____ () C:\Program Files (x86)\NetCrawl\bin\NetCrawl.BrowserAdapter.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2014 07:15:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/25/2014 09:36:39 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/24/2014 08:46:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/24/2014 08:23:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/24/2014 08:23:41 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/24/2014 07:08:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1520
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/24/2014 06:23:13 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/24/2014 03:07:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/23/2014 06:51:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xd1c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/23/2014 03:36:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (06/25/2014 07:14:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (06/25/2014 07:13:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/25/2014 07:13:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Update NetCrawl erreicht.

Error: (06/24/2014 08:51:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/24/2014 08:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/24/2014 08:46:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Util NetCrawl erreicht.

Error: (06/24/2014 08:45:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/24/2014 08:45:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Update NetCrawl erreicht.

Error: (06/24/2014 08:44:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎06.‎2014 um 20:30:51 unerwartet heruntergefahren.

Error: (06/24/2014 08:28:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (06/25/2014 07:15:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/25/2014 09:36:39 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/24/2014 08:46:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/24/2014 08:23:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/24/2014 08:23:41 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/24/2014 07:08:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b152001cf8fbb082b9ed6C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll21a3ebd3-fbc2-11e3-8f07-002454dbf6c9

Error: (06/24/2014 06:23:13 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (06/24/2014 03:07:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/23/2014 06:51:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bd1c01cf8ee8ae54a8e0C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll9b8e845f-faf6-11e3-b1b7-002454dbf6c9

Error: (06/23/2014 03:36:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8


==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 3946.16 MB
Available physical RAM: 1805.06 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5341.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:113 GB) (Free:33.48 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
__________________

Alt 25.06.2014, 21:26   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Zitat:
Ran by KarinAtWork (ATTENTION: The logged in user is not administrator)
Bitte führe alle unsere Tools als Administrator aus. Die MBAM-Version bitte ersetzen, daher der Download.

Schritt 1

Bitte deinstalliere folgende Programme:

Java(TM) 6 Update 45
Java 7 Update 21


Versuche es bei Windows 7 zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop.
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
    Klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

Malwarebytes Antimalware
  • Download-Link
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
  • Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Schritt 4
Downloade Dir HitmanProauf Deinen Desktop:

HitmanPro - 32 Bit
HitmanPro - 64 Bit
  • Starte die HitmanPro.exe
  • Klicke auf Weiter und akzeptiere die Lizenzbedingungen. Klicke auf Weiter.
  • Wähle "Nein, ich möchte nur einen Einmalscan zur Überprüfung dieses Computers ausführen" aus und klicke auf Weiter.
  • Lass am Ende des Suchlaufs alle auftretende Funde in die Quarantäne verschieben und klicke auf Weiter.
  • Wähle unten links auf der Button-Leiste Logdatei speichern und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro.
  • Poste bitte den Inhalt der HitmanPro_<Datum_Uhrzeit>.txt mit Deiner nächsten Antwort.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 26.06.2014, 20:29   #5
Ka-Rin
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Hallo Jürgen,

so jetzt habe ich fast alle Programme durchlaufen lassen. Hier die Posts für die.

1. ADW-Cleaner Protokoll:
Code:
ATTFilter
# AdwCleaner v3.213 - Bericht erstellt am 26/06/2014 um 13:54:16
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Karin - KNOTEBOOK
# Gestartet von : C:\Users\Karin\Desktop\adwcleaner_3.213.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Karin\AppData\Roaming\1H1Q
Ordner Gelöscht : C:\Users\Karin\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\user.js
Datei Gelöscht : C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\user.js
Datei Gelöscht : C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\InstallCore

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\prefs.js ]

Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1[...]

[ Datei : C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\prefs.js ]

Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1[...]

[ Datei : C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\prefs.js ]


*************************

AdwCleaner[R0].txt - [6931 octets] - [26/06/2014 13:49:58]
AdwCleaner[S0].txt - [5538 octets] - [26/06/2014 13:54:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5598 octets] ##########
         


So und hier das Protokoll von mbam:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26.06.2014
Suchlauf-Zeit: 19:12:19
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.26.07
Rootkit Datenbank: v2014.06.23.02
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Karin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 351095
Verstrichene Zeit: 26 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 16
PUP.Optional.NetCrawl.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update NetCrawl, In Quarantäne, [cd1d4437cdaead89b741cfc023de43bd], 
PUP.Optional.NetCrawl.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util NetCrawl, In Quarantäne, [3fab84f7423951e593655e312bd6a65a], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [21c9205b99e24aecc10880ffc63cc739], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [21c9205b99e24aecc10880ffc63cc739], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NetCrawl, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\NetCrawl, In Quarantäne, [0fdbd9a2b0cba690afdd7e2e28dade22], 
PUP.Optional.NetCrawl.A, HKU\S-1-5-21-3457901039-3679683318-3372754741-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\NetCrawl, Löschen bei Neustart, [04e6accf8af1d660315d6f3d20e20af6], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3457901039-3679683318-3372754741-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, Löschen bei Neustart, [07e3bac13348e15505118f422cd6a060], 
PUP.Optional.RocketFind.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WSE Rocket, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 31
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\TEMP, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales\en-US, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketFind.A, C:\Users\Karin\AppData\Roaming\RocketUpdater\UpdateProc, In Quarantäne, [00ea97e46b1079bdc6547634d32f55ab], 
PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], 
PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\bh, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], 

Dateien: 171
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe, In Quarantäne, [cd1d4437cdaead89b741cfc023de43bd], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe, In Quarantäne, [3fab84f7423951e593655e312bd6a65a], 
PUP.Optional.InstallCore, C:\Users\KarinAtWork\Downloads\Open OfficeSetup.exe, In Quarantäne, [6189522981fae056ac624b332ed63ac6], 
Adware.InstallBrain, C:\Users\KarinAtWork\Downloads\RocketPDFSetup.exe, In Quarantäne, [c426ea91e5962e08964fbb51679ae11f], 
PUP.Optional.RocketFind.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\searchplugins\WSE Rocket.xml, In Quarantäne, [c327700b1566f54141851d8eea18966a], 
PUP.Optional.RocketFind.A, C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\searchplugins\WSE Rocket.xml, In Quarantäne, [d614e596c1ba5adc5b6b763540c2ad53], 
PUP.Optional.RocketFind.A, C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\searchplugins\WSE Rocket.xml, In Quarantäne, [46a483f8166525112d994764be444eb2], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\NetCrawl.ico, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\0, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\7za.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\NetCrawlBHO.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\NetCrawlUninstall.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\updateNetCrawl.InstallState, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\7za.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\BrowserAdapterS.7z, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawl.BrowserAdapter.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawl.PurBrowse.zip, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawl.PurBrowse64.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawl.PurBrowseG.zip, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawlBAApp.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\sqlite3.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.InstallState, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.Bromon.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.BroStats.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.BrowserAdapterS.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.CompatibilityChecker.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.FeSvc.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.FFUpdate.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.IEUpdate.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.PurBrowse.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.PurBrowseG.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\bootstrap.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\chrome.manifest, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\install.rdf, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\background.9.5.5.jsm, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\background.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\browser.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\header.9.5.5.jsm, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\header.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\timer.jsm, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_de.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_en-gb.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_en_us.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_fr.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_he.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_it.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_pt-br.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_ru.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_tr.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\crypto-js.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery-2.1.0.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.autocomplete.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.balloon.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.fittext.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.Jcrop.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.simplecolorpicker.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\mustache.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\string.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\underscore-min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\gallery.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\gallery.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\newtab.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\newtab.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\foundation.min.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\indicator.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\Jcrop.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.autocomplete.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.Jcrop.min.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.simplecolorpicker.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\normalize.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\arrow-gallery-cat-selected.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\arrow.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\emptyArea.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\gallery.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\gallery_templates.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\icon-gallery-search.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\not_available_32.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\plus.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\16.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\32.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\64.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\_16.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\buttons.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\footer.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\header.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\list.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\newtab.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\search.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\themes.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-2.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-bar.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-medium.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-small.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\arrow-footer.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\arrow-header.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\attachment.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\close.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\edit-button.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-chrome.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-edit.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-layout.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-plus.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-theme.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\menu_v.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\menu_v_white.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\provider.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\x-button.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\arab_tile.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\batthern_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\dark_wood_@2X.jpg, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\diagonal_striped_brick.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\escheresque_ste_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\gold_scale.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\purty_wood_@2X.jpg, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\readme.txt, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\starring_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\weave_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\woven.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources\list.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources\menu.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\activetabs.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\favorites.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\layout.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-add.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-edit.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-group.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\readitlater.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\recentlyclosed.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\theme.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\webapps.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\bookmarks.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\download.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\downloads.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\downloas.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\extensions.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\history.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\settings.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\trash.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites\empty.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites\error.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites\shadow.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info\contactus.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info\facebook.ico, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info\rateus.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info\twitter.ico, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\activetabs.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\favorites.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\layout.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\modal-fav-add.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\modal-fav-edit.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\modal-fav-group.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\readitlater.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\readitlater_content.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\readitlater_menu.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\recentlyclosed.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\theme.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\webapps.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\webapps_contextmenu.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales\en-US\translations.dtd, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], 
PUP.Optional.RocketFind.A, C:\Users\Karin\AppData\Roaming\RocketUpdater\UpdateProc\config.dat, In Quarantäne, [00ea97e46b1079bdc6547634d32f55ab], 
PUP.Optional.RocketFind.A, C:\Users\Karin\AppData\Roaming\RocketUpdater\UpdateProc\info.dat, In Quarantäne, [00ea97e46b1079bdc6547634d32f55ab], 
PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\FavIcon.ico, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], 
PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\Sqlite3.dll, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], 
PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\uninst.dat, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], 
PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\uninstall.exe, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Die Datei von Hitman folgt.

Hallo nochmal
So, hier ist das HitmanPro-protokoll.

Code:
ATTFilter
Code:
ATTFilter
HitmanPro 3.7.9.219
www.hitmanpro.com

   Computer name . . . . : KNOTEBOOK
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : KNotebook\Karin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-06-26 20:08:15
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 47s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 97

   Objects scanned . . . : 1.667.301
   Files scanned . . . . : 39.440
   Remnants scanned  . . : 418.221 files / 1.209.640 keys

Malware _____________________________________________________________________

   C:\Users\KarinAtWork\Downloads\Gus_Gus-Sweetsmoke_mp3_downloader_98975.exe
      Size . . . . . . . : 4.127.152 bytes
      Age  . . . . . . . : 650.1 days (2012-09-14 18:37:28)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 3D847C3026026E19B31A9DD2A0B0FBD7D6A86478C49459526D608A34E5C1203A
      Product  . . . . . : YourFile Downloader
      Publisher  . . . . : hxxp://yourfiledownloader.com
      Description  . . . : YourFile Downloader
      Version  . . . . . : 1.0.0
      RSA Key Size . . . : 2048
      LanguageID . . . . : 0
      Authenticode . . . : Valid
    > Bitdefender  . . . : Trojan.Generic.10167851
      Fuzzy  . . . . . . : 101.0


Suspicious files ____________________________________________________________

   C:\Users\Karin\Desktop\FRST64.exe
      Size . . . . . . . : 2.082.816 bytes
      Age  . . . . . . . : 0.3 days (2014-06-26 13:38:13)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 38E98591B43399431CF250986E616730F342BE74F82C4B5E872F2B67A4D17290
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Karin\Downloads\FRST.exe
      Size . . . . . . . : 1.073.152 bytes
      Age  . . . . . . . : 0.3 days (2014-06-26 13:37:42)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 4719D377C2C6FA3E8D8944E877997E664508FFF75BE40A84A57E221B7D5F832D
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\KarinAtWork\Desktop\FRST64.exe
      Size . . . . . . . : 2.082.816 bytes
      Age  . . . . . . . : 1.0 days (2014-06-25 19:19:20)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 38E98591B43399431CF250986E616730F342BE74F82C4B5E872F2B67A4D17290
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Malware remnants ____________________________________________________________

   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}\ (Jotzey)

Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026} (Iminent)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} (Iminent)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (Iminent)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026} (Iminent)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} (Iminent)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (Iminent)
   HKU\S-1-5-21-3457901039-3679683318-3372754741-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find)
   HKU\S-1-5-21-3457901039-3679683318-3372754741-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find)
   HKU\S-1-5-21-3457901039-3679683318-3372754741-1001\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find)
   HKU\S-1-5-21-3457901039-3679683318-3372754741-1001\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find)
   HKU\S-1-5-21-3457901039-3679683318-3372754741-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} (AskBar)
   HKU\S-1-5-21-3457901039-3679683318-3372754741-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Iminent\ (Iminent)
   HKU\S-1-5-21-3457901039-3679683318-3372754741-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} (AskBar)

Cookies _____________________________________________________________________

   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.360yield.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.ad-srv.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.adnet.de
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.adserver01.de
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.auditude.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.dyntracker.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.dyntracker.de
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.movad.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ad.zanox.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.adbooth.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.adsrvmedia.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.boom.es
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.carpooling.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.e-planning.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.efm.de
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.escinteractive.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.p161.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.smartstream.tv
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.stickyadstv.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ads.yahoo.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:adserver.adreactor.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:adtech.de
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:adtechus.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:advertising.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:apmebf.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:at.atwola.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:atdmt.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:beiersdorf.122.2o7.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:burstnet.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:c.atdmt.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:c1.atdmt.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:casalemedia.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:collective-media.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:de.sitestat.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:doubleclick.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:eas.apm.emediate.eu
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:emjcd.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ero-advertising.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:exoclick.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:fastclick.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:media6degrees.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:mediaplex.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:microsoftsto.112.2o7.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:pool-eu-ie.creative-serving.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:questionmarket.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:revsci.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ru4.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:serving-sys.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:smartadserver.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:statcounter.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:track.adform.net
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:tradedoubler.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:tribalfusion.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:weborama.fr
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:ww251.smartadserver.com
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:www.etracker.de
   C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\cookies.sqlite:xiti.com
   C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Cookies\5J30U8ZF.txt
   C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Cookies\LYPKJ4YF.txt
   C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Cookies\U4LT2H6K.txt
   C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Cookies\VN5DYND1.txt
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:ad.360yield.com
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:ad.ad-srv.net
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:ad.movad.net
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:ad.zanox.com
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:ads.yahoo.com
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:de.sitestat.com
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:media6degrees.com
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:oracle.112.2o7.net
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:revsci.net
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:serving-sys.com
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:statcounter.com
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:track.adform.net
   C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\cookies.sqlite:xiti.com
         
Leider konnte ich die Funde nicht in die Quarantäne schieben, nur mit einer Registrierung war eine Anwendung möglich.

Grüße,
Karin


Alt 26.06.2014, 20:31   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



OK...

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 2



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________
--> Scareware im Firefoxbrowser eingefangen, wie entfernen?

Alt 28.06.2014, 08:19   #7
Ka-Rin
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



So nun bin ich etwas weiter.

Hier die Logfiles.

1. ESET_Logfile
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=f611f905e9194d4993afdb1ea9434bde
# engine=18914
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-27 10:00:46
# local_time=2014-06-28 12:00:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 58339 148409220 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 58198 155536296 0 0
# scanned=207734
# found=15
# cleaned=0
# scan_time=47158
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Karin\AppData\Roaming\1H1Q\Open Office Packages\uninstaller.exe.vir"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Karin\AppData\Local\Temp\is1597349865\22458699_stp\uninstaller.exe"
sh=EA91A7B4AB2DE640BBDAE944E5F91E6C479DCDDF ft=1 fh=9996c0ea4bfd5a76 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Karin\Downloads\avira_free_antivirus_de.exe"
sh=0719A92D1474FE02518BADD58AF02FC0078E1D7F ft=1 fh=e4cf1a90b6fab410 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Karin\Downloads\PDFCreator-1_4_0_setup.exe"
sh=FF6BF8FE278AC42A986EBC814CF9077636376408 ft=1 fh=e2e9960512171a5a vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\KarinAtWork\Downloads\apache-openoffice.exe"
sh=08BF6F871199BCDB95F0361EC920DF406BD3597A ft=1 fh=c0776f02905eb6da vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\KarinAtWork\Downloads\avira_free_antivirus_de.exe"
sh=9E662DA1E1D9D2162F6E351FED9DF3485F7F0DAC ft=1 fh=518aa4667562cc92 vn="Variante von Win32/YourFileDownloader evtl. unerwünschte Anwendung" ac=I fn="C:\Users\KarinAtWork\Downloads\Gus_Gus-Sweetsmoke_mp3_downloader_98975.exe"
sh=9434866971DD357600C9F2B1E31B7893C3A070F0 ft=1 fh=4f14aeb246e47811 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\KarinAtWork\Downloads\PDFCreator-1_7_1_setup.exe"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0"
         
2. FRST_Scan
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 01
Ran by Karin at 2014-06-28 09:09:50
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version:  - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version:  - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version:  - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version:  - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
Open Office Packages (HKCU\...\Open Office Packages) (Version:  - ) <==== ATTENTION
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version:  - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Restore Points  =========================

20-06-2014 06:51:31 Windows Update
23-06-2014 13:23:20 Installed OpenOffice 4.0.1
25-06-2014 07:42:08 Windows Update
26-06-2014 11:45:28 Removed Java(TM) 6 Update 45
26-06-2014 11:46:55 Removed Java 7 Update 21
26-06-2014 19:24:57 Prüfpunkt von HitmanPro

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09BC1C1F-B209-4357-AAE3-7A4805D83BFC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {33358644-D61B-420D-978B-86EEE4CACE31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {75E1B6AA-7B51-4FAC-8029-38C519695459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {80B1E869-75CC-4B6E-A76D-54C29A7FB47D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5FFC2F7-CB63-449C-BCA4-615C3BFB12EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C0DFC50F-2830-48FF-A5DC-C204BCC9458D} - System32\Tasks\Rocket Updater => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {D7124D21-9D3D-430E-9095-5CA5C98AB530} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E9724AB6-2D4D-4469-8374-1B9051E15A99} - System32\Tasks\{02FB5D97-BB17-41C4-8F09-D60FAA38A572} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/en/abandoninstall?page=tsProgressBar
Task: {F56B76B9-95E0-47F8-8A07-72DDB540B015} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-12-14 09:12 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-06-01 03:04 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2012-06-27 20:28 - 2009-06-22 16:13 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-01 03:09 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Update NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/26/2014 06:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x10e4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/25/2014 10:06:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (06/27/2014 10:45:52 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)

Error: (06/27/2014 10:32:35 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)

Error: (06/27/2014 09:44:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (06/27/2014 09:43:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (06/27/2014 07:44:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (06/27/2014 07:43:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (06/26/2014 10:09:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (06/26/2014 07:03:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/26/2014 07:03:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Util NetCrawl erreicht.

Error: (06/26/2014 07:03:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Update NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/26/2014 06:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b10e401cf91365482d319C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll28b89367-fd4f-11e3-8e71-002454dbf6c9

Error: (06/25/2014 10:06:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8


==================== Memory info =========================== 

Percentage of memory in use: 52%
Total physical RAM: 3946.16 MB
Available physical RAM: 1881.37 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5132.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:113 GB) (Free:32.99 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:7.38 GB) (Free:5.56 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
         
Addition_Scan:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 01
Ran by Karin at 2014-06-28 09:24:17
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version:  - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version:  - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version:  - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version:  - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
Open Office Packages (HKCU\...\Open Office Packages) (Version:  - ) <==== ATTENTION
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version:  - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Restore Points  =========================

20-06-2014 06:51:31 Windows Update
23-06-2014 13:23:20 Installed OpenOffice 4.0.1
25-06-2014 07:42:08 Windows Update
26-06-2014 11:45:28 Removed Java(TM) 6 Update 45
26-06-2014 11:46:55 Removed Java 7 Update 21
26-06-2014 19:24:57 Prüfpunkt von HitmanPro

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09BC1C1F-B209-4357-AAE3-7A4805D83BFC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {33358644-D61B-420D-978B-86EEE4CACE31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {75E1B6AA-7B51-4FAC-8029-38C519695459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {80B1E869-75CC-4B6E-A76D-54C29A7FB47D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5FFC2F7-CB63-449C-BCA4-615C3BFB12EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C0DFC50F-2830-48FF-A5DC-C204BCC9458D} - System32\Tasks\Rocket Updater => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {D7124D21-9D3D-430E-9095-5CA5C98AB530} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E9724AB6-2D4D-4469-8374-1B9051E15A99} - System32\Tasks\{02FB5D97-BB17-41C4-8F09-D60FAA38A572} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/en/abandoninstall?page=tsProgressBar
Task: {F56B76B9-95E0-47F8-8A07-72DDB540B015} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-12-14 09:12 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-06-01 03:04 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2012-06-27 20:28 - 2009-06-22 16:13 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-01 03:09 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2014-06-27 10:52 - 2014-05-23 10:56 - 00119184 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Update NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/26/2014 06:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x10e4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/25/2014 10:06:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (06/28/2014 09:13:00 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/28/2014 09:13:00 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/28/2014 09:12:23 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/27/2014 10:45:52 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)

Error: (06/27/2014 10:32:35 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)

Error: (06/27/2014 09:44:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (06/27/2014 09:43:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (06/27/2014 07:44:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (06/27/2014 07:43:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (06/26/2014 10:09:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.


Microsoft Office Sessions:
=========================
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Update NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/26/2014 06:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b10e401cf91365482d319C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll28b89367-fd4f-11e3-8e71-002454dbf6c9

Error: (06/25/2014 10:06:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 3946.16 MB
Available physical RAM: 2035.3 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5267.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:113 GB) (Free:33.14 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:7.38 GB) (Free:5.56 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
         

Geändert von Ka-Rin (28.06.2014 um 08:27 Uhr)

Alt 28.06.2014, 12:25   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Hi,
bitte poste mir die richtigen Logs. Du hast zweimal die Addition.txt gepostet.
Außerdem benötige ich noch eine Antwort auf meine Frage....

Danke
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 28.06.2014, 22:42   #9
Ka-Rin
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Oops, sorry.
Da ist mir ein Fehler unterlaufen. Hier nochmal die richtigen files.

FRST.txt:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 01
Ran by Karin (administrator) on KNOTEBOOK on 28-06-2014 23:36:35
Running from C:\Users\Karin\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\Rezip.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [157456 2009-05-14] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-3457901039-3679683318-3372754741-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\KarinAtWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Karin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - {67F66D86-F250-40BB-8CAF-38BD065D72D3} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{24DB843F-333B-4F22-8094-8E06240D8CCB}: [NameServer]62.134.11.4 195.182.110.132

FireFox:
========
FF ProfilePath: C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default
FF DefaultSearchEngine: WSE Rocket
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: WSE Rocket
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=061513&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-05-26]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] ()
R2 XS Stick Service; C:\Windows\service4g.exe [125200 2009-05-14] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-30] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-06-27] (Mobile Connector)
S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-13] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys [61112 2014-06-13] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-28 23:35 - 2014-06-28 23:35 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-28 09:07 - 2014-06-28 09:07 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion
2014-06-27 10:51 - 2014-06-27 10:51 - 02347384 _____ (ESET) C:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
2014-06-26 21:23 - 2014-06-26 21:23 - 00029396 _____ () C:\Users\Karin\Desktop\HitmanPro_20140626_2123.log
2014-06-26 20:07 - 2014-06-26 21:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-26 19:11 - 2014-06-28 09:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-26 19:11 - 2014-06-26 19:11 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-26 19:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-26 19:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-26 19:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList
2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList
2014-06-26 14:02 - 2014-06-26 14:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karin\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-26 13:58 - 2014-06-26 13:58 - 00005706 _____ () C:\Users\Karin\Desktop\AdwCleaner[S0].txt
2014-06-26 13:57 - 2014-06-13 13:36 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys
2014-06-26 13:49 - 2014-06-26 13:54 - 00000000 ____D () C:\AdwCleaner
2014-06-26 13:48 - 2014-06-26 13:48 - 01342659 _____ () C:\Users\Karin\Desktop\adwcleaner_3.213.exe
2014-06-26 13:40 - 2014-06-28 23:37 - 00017586 _____ () C:\Users\Karin\Desktop\FRST.txt
2014-06-26 13:38 - 2014-06-28 09:07 - 02083328 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe
2014-06-26 13:38 - 2014-06-26 13:42 - 00049259 _____ () C:\Users\Karin\Downloads\FRST.txt
2014-06-26 13:37 - 2014-06-26 13:37 - 01073152 _____ (Farbar) C:\Users\Karin\Downloads\FRST.exe
2014-06-26 00:55 - 2014-06-26 00:55 - 00000996 _____ () C:\Users\Karin\Desktop\SuperMailer.lnk
2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer
2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\Program Files (x86)\SuperMailer
2014-06-26 00:54 - 2014-06-26 00:54 - 23981547 _____ () C:\Users\Gast\Downloads\smsw(1).zip
2014-06-25 19:19 - 2014-06-28 23:36 - 00000000 ____D () C:\FRST
2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe
2014-06-24 19:09 - 2014-06-13 13:36 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb
2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice
2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-23 15:24 - 2014-06-23 15:24 - 00002230 _____ () C:\Users\Karin\Desktop\Rocket.lnk
2014-06-23 15:24 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket
2014-06-23 15:23 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Local\Rocket
2014-06-23 15:22 - 2014-06-28 16:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-06-23 15:22 - 2014-06-26 20:01 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\RocketUpdater
2014-06-23 15:22 - 2014-06-23 15:23 - 00003234 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList
2014-06-19 22:38 - 2014-06-23 04:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 13:02 - 2014-06-18 13:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes
2014-06-11 13:03 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 13:03 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 13:03 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 13:03 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 13:03 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 13:03 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 13:03 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 13:03 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 13:03 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 13:03 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 13:03 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 13:03 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 13:03 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 13:03 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 13:03 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:03 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 13:03 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 13:03 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 13:03 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:03 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 13:03 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 13:03 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 13:03 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 13:03 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 13:03 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:03 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 13:03 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 13:03 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 13:03 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 13:03 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 13:03 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 13:03 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 13:03 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 13:03 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 13:03 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 13:03 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 13:03 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:03 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 13:03 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 13:03 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 13:03 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 13:03 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 13:03 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 13:03 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 13:03 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 13:03 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 13:03 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 13:03 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 13:03 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 13:03 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 13:03 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 13:03 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 13:03 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 13:03 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 13:03 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 13:03 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 13:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 13:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 13:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

==================== One Month Modified Files and Folders =======

2014-06-28 23:37 - 2014-06-26 13:40 - 00017586 _____ () C:\Users\Karin\Desktop\FRST.txt
2014-06-28 23:36 - 2014-06-25 19:19 - 00000000 ____D () C:\FRST
2014-06-28 23:35 - 2014-06-28 23:35 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-28 23:33 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-28 23:33 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-28 23:32 - 2013-07-16 22:49 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Skype
2014-06-28 23:32 - 2013-05-20 23:11 - 00000000 ___RD () C:\Users\KarinAtWork\Dropbox
2014-06-28 23:29 - 2010-06-01 03:03 - 01567666 _____ () C:\Windows\WindowsUpdate.log
2014-06-28 23:28 - 2013-05-24 19:17 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8882FE08-554D-4D95-8483-6E4F45ADC1B3}
2014-06-28 23:27 - 2014-05-26 12:40 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\DropboxMaster
2014-06-28 23:27 - 2013-05-20 23:06 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\Dropbox
2014-06-28 23:24 - 2013-05-20 23:36 - 00021120 _____ () C:\Windows\setupact.log
2014-06-28 23:24 - 2012-06-30 10:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-28 23:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-28 16:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-06-28 16:40 - 2013-05-05 00:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-28 16:22 - 2014-06-23 15:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-06-28 15:59 - 2013-05-28 07:14 - 00282048 _____ () C:\Windows\PFRO.log
2014-06-28 09:07 - 2014-06-28 09:07 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion
2014-06-28 09:07 - 2014-06-26 13:38 - 02083328 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe
2014-06-28 09:02 - 2014-06-26 19:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 10:51 - 2014-06-27 10:51 - 02347384 _____ (ESET) C:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
2014-06-27 10:51 - 2010-06-01 19:30 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-06-27 10:51 - 2010-06-01 19:30 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-06-27 10:51 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-26 21:50 - 2014-06-26 20:07 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-26 21:23 - 2014-06-26 21:23 - 00029396 _____ () C:\Users\Karin\Desktop\HitmanPro_20140626_2123.log
2014-06-26 20:01 - 2014-06-23 15:22 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\RocketUpdater
2014-06-26 19:11 - 2014-06-26 19:11 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-26 18:46 - 2009-07-14 04:34 - 00000612 _____ () C:\Windows\win.ini
2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList
2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList
2014-06-26 14:03 - 2012-05-01 13:04 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Malwarebytes
2014-06-26 14:03 - 2012-05-01 13:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-26 14:02 - 2014-06-26 14:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karin\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-26 13:58 - 2014-06-26 13:58 - 00005706 _____ () C:\Users\Karin\Desktop\AdwCleaner[S0].txt
2014-06-26 13:54 - 2014-06-26 13:49 - 00000000 ____D () C:\AdwCleaner
2014-06-26 13:48 - 2014-06-26 13:48 - 01342659 _____ () C:\Users\Karin\Desktop\adwcleaner_3.213.exe
2014-06-26 13:42 - 2014-06-26 13:38 - 00049259 _____ () C:\Users\Karin\Downloads\FRST.txt
2014-06-26 13:37 - 2014-06-26 13:37 - 01073152 _____ (Farbar) C:\Users\Karin\Downloads\FRST.exe
2014-06-26 12:43 - 2014-01-06 23:46 - 00000000 ____D () C:\Users\Gast\Documents\Outlook-Dateien
2014-06-26 12:35 - 2013-12-31 02:40 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\SuperMailer
2014-06-26 00:55 - 2014-06-26 00:55 - 00000996 _____ () C:\Users\Karin\Desktop\SuperMailer.lnk
2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer
2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\Program Files (x86)\SuperMailer
2014-06-26 00:54 - 2014-06-26 00:54 - 23981547 _____ () C:\Users\Gast\Downloads\smsw(1).zip
2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe
2014-06-25 15:36 - 2011-01-18 21:08 - 00000000 ____D () C:\Users\Karin\AppData\Local\Google
2014-06-25 15:31 - 2011-01-18 20:57 - 00125800 _____ () C:\Users\Karin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-25 15:29 - 2011-01-19 03:48 - 00000000 ____D () C:\Users\Karin
2014-06-24 09:59 - 2011-01-22 09:22 - 00125800 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb
2014-06-23 18:51 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\KarinAtWork\Desktop\Bewerbungen
2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice
2014-06-23 15:37 - 2012-05-02 10:40 - 00125800 _____ () C:\Users\KarinAtWork\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 15:34 - 2009-07-14 06:45 - 00478600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-23 15:24 - 2014-06-23 15:24 - 00002230 _____ () C:\Users\Karin\Desktop\Rocket.lnk
2014-06-23 15:24 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket
2014-06-23 15:24 - 2014-06-23 15:23 - 00000000 ____D () C:\Users\Karin\AppData\Local\Rocket
2014-06-23 15:23 - 2014-06-23 15:22 - 00003234 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-06-23 15:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList
2014-06-23 04:53 - 2014-06-19 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 11:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 23:40 - 2012-05-01 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 17:20 - 2012-11-22 17:34 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\SoftGrid Client
2014-06-18 13:02 - 2014-06-18 13:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes
2014-06-18 08:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-16 18:29 - 2014-01-06 23:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-16 18:29 - 2012-11-16 21:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 13:36 - 2014-06-26 13:57 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys
2014-06-13 13:36 - 2014-06-24 19:09 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
2014-06-12 13:37 - 2013-08-14 18:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 13:33 - 2011-01-22 10:02 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 15:53 - 2013-05-04 11:21 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-07 14:26 - 2012-05-07 18:32 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\SoftGrid Client
2014-06-02 19:31 - 2013-01-05 17:54 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\FreePDF_XP
2014-05-30 12:21 - 2014-06-11 13:03 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 13:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 13:03 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 13:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 13:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 13:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 13:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 13:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 13:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 13:03 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 13:03 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 13:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 13:03 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 13:03 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 13:03 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 13:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 13:03 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 13:03 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 13:03 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 13:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 13:03 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 13:03 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 13:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 13:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 13:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 13:03 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 13:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 13:03 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 13:03 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 13:03 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 13:03 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 13:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 13:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 13:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 13:03 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 13:03 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 13:03 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 13:03 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 13:03 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 13:03 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 13:03 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 13:03 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 13:03 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 13:03 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 13:03 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 13:03 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 13:03 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Karin\AppData\Local\Temp\avgnt.exe
C:\Users\Karin\AppData\Local\Temp\ose00000.exe
C:\Users\Karin\AppData\Local\Temp\Quarantine.exe
C:\Users\KarinAtWork\AppData\Local\Temp\avgnt.exe
C:\Users\KarinAtWork\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk6zzq5.dll
C:\Users\KarinAtWork\AppData\Local\Temp\secuniasi6474681520443312105.dll
C:\Users\KarinAtWork\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 16:38

==================== End Of Log ============================
         
--- --- ---


UND ADDITION txt :
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 01
Ran by Karin at 2014-06-28 23:38:01
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version:  - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version:  - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version:  - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version:  - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
Open Office Packages (HKCU\...\Open Office Packages) (Version:  - ) <==== ATTENTION
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version:  - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Restore Points  =========================

20-06-2014 06:51:31 Windows Update
23-06-2014 13:23:20 Installed OpenOffice 4.0.1
25-06-2014 07:42:08 Windows Update
26-06-2014 11:45:28 Removed Java(TM) 6 Update 45
26-06-2014 11:46:55 Removed Java 7 Update 21
26-06-2014 19:24:57 Prüfpunkt von HitmanPro

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09BC1C1F-B209-4357-AAE3-7A4805D83BFC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {33358644-D61B-420D-978B-86EEE4CACE31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {75E1B6AA-7B51-4FAC-8029-38C519695459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {80B1E869-75CC-4B6E-A76D-54C29A7FB47D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5FFC2F7-CB63-449C-BCA4-615C3BFB12EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C0DFC50F-2830-48FF-A5DC-C204BCC9458D} - System32\Tasks\Rocket Updater => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {D7124D21-9D3D-430E-9095-5CA5C98AB530} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E9724AB6-2D4D-4469-8374-1B9051E15A99} - System32\Tasks\{02FB5D97-BB17-41C4-8F09-D60FAA38A572} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/en/abandoninstall?page=tsProgressBar
Task: {F56B76B9-95E0-47F8-8A07-72DDB540B015} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-12-14 09:12 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-06-01 03:04 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2012-06-27 20:28 - 2009-06-22 16:13 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-01 03:09 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2014 11:34:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/28/2014 11:34:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/28/2014 11:26:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (06/28/2014 11:25:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/28/2014 11:25:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.

Error: (06/28/2014 04:05:39 PM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)

Error: (06/28/2014 09:13:00 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/28/2014 09:13:00 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/28/2014 09:12:23 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/27/2014 10:45:52 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)

Error: (06/27/2014 10:32:35 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)

Error: (06/27/2014 09:44:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.

Error: (06/27/2014 09:43:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================
Error: (06/28/2014 11:34:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7HT3TO\esetsmartinstaller_deu.exe

Error: (06/28/2014 11:34:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7HT3TO\esetsmartinstaller_deu.exe

Error: (06/28/2014 11:26:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 3946.16 MB
Available physical RAM: 2434.6 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5968.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:113 GB) (Free:33.04 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:7.38 GB) (Free:5.56 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
         

Zu deiner Frage: Nein ich habe keine Probleme mehr .

Alt 29.06.2014, 00:09   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Hi,

das bitte deinstallieren:

Open Office Packages


Schritt 1



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
ATTFilter
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
FF DefaultSearchEngine: WSE Rocket
FF SelectedSearchEngine: WSE Rocket
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys [61112 2014-06-13] (StdLib)
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
         
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Fix-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Schritt 2
Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.



Hier
die aktuelle Version von Java herunterladen und installieren.

Flash
sowohl mit dem Internet Explorer als auch mit dem Firefox aufrufen und installieren. Optionale Angebote ablehnen.

Schritt 3



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.07.2014, 23:09   #11
Ka-Rin
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Hallo,
nun geht's weiter. Hier der erste FRST-Scan nach dem Fixen:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Karin at 2014-07-02 23:33:11 Run:1
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
FF DefaultSearchEngine: WSE Rocket
FF SelectedSearchEngine: WSE Rocket
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys [61112 2014-06-13] (StdLib)
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

*****************

'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64 => Service stopped successfully.
{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64 => Service deleted successfully.
{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64 => Service stopped successfully.
{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64 => Service deleted successfully.
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys => Moved successfully.
C:\ProgramData\Temp => ":268F887D" ADS removed successfully.
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully.
C:\ProgramData\Temp => ":5C270C64" ADS removed successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.

==== End of Fixlog ====
         
Und der letzte RST Scan-text:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Karin (administrator) on KNOTEBOOK on 03-07-2014 00:05:31
Running from C:\Users\Karin\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\Rezip.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [157456 2009-05-14] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-3457901039-3679683318-3372754741-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\KarinAtWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Karin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67F66D86-F250-40BB-8CAF-38BD065D72D3} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{24DB843F-333B-4F22-8094-8E06240D8CCB}: [NameServer]62.134.11.4 195.182.110.132

FireFox:
========
FF ProfilePath: C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default
FF SearchEngineOrder.3: Bing 
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=061513&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-05-26]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] ()
R2 XS Stick Service; C:\Windows\service4g.exe [125200 2009-05-14] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-30] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-06-27] (Mobile Connector)
S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-13] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 00:04 - 2014-07-03 00:04 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-03 00:04 - 2014-07-03 00:04 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-03 00:04 - 2014-07-03 00:04 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-03 00:04 - 2014-07-03 00:04 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 00:04 - 2014-07-03 00:04 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 00:04 - 2014-07-03 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-03 00:03 - 2014-07-03 00:04 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-03 00:02 - 2014-07-03 00:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-03 00:02 - 2014-07-03 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-03 00:02 - 2014-07-03 00:01 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 00:02 - 2014-07-03 00:01 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 00:02 - 2014-07-03 00:01 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 00:02 - 2014-07-03 00:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-03 00:01 - 2014-07-03 00:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-02 23:38 - 2014-07-02 23:38 - 00448512 _____ (OldTimer Tools) C:\Users\Karin\Desktop\TFC.exe
2014-06-28 23:38 - 2014-06-28 23:39 - 00048704 _____ () C:\Users\Karin\Desktop\Addition.txt
2014-06-28 09:07 - 2014-07-02 23:30 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion
2014-06-27 10:51 - 2014-06-27 10:51 - 02347384 _____ (ESET) C:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
2014-06-26 21:23 - 2014-06-26 21:23 - 00029396 _____ () C:\Users\Karin\Desktop\HitmanPro_20140626_2123.log
2014-06-26 20:07 - 2014-06-26 21:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-26 19:11 - 2014-07-02 23:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-26 19:11 - 2014-06-26 19:11 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-26 19:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-26 19:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-26 19:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList
2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList
2014-06-26 14:02 - 2014-06-26 14:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karin\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-26 13:58 - 2014-06-26 13:58 - 00005706 _____ () C:\Users\Karin\Desktop\AdwCleaner[S0].txt
2014-06-26 13:49 - 2014-06-26 13:54 - 00000000 ____D () C:\AdwCleaner
2014-06-26 13:48 - 2014-06-26 13:48 - 01342659 _____ () C:\Users\Karin\Desktop\adwcleaner_3.213.exe
2014-06-26 13:40 - 2014-07-03 00:05 - 00016015 _____ () C:\Users\Karin\Desktop\FRST.txt
2014-06-26 13:38 - 2014-07-02 23:30 - 02083840 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe
2014-06-26 13:38 - 2014-06-26 13:42 - 00049259 _____ () C:\Users\Karin\Downloads\FRST.txt
2014-06-26 13:37 - 2014-06-26 13:37 - 01073152 _____ (Farbar) C:\Users\Karin\Downloads\FRST.exe
2014-06-26 00:55 - 2014-06-26 00:55 - 00000996 _____ () C:\Users\Karin\Desktop\SuperMailer.lnk
2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer
2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\Program Files (x86)\SuperMailer
2014-06-26 00:54 - 2014-06-26 00:54 - 23981547 _____ () C:\Users\Gast\Downloads\smsw(1).zip
2014-06-25 19:19 - 2014-07-03 00:05 - 00000000 ____D () C:\FRST
2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe
2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb
2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice
2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-23 15:24 - 2014-06-23 15:24 - 00002230 _____ () C:\Users\Karin\Desktop\Rocket.lnk
2014-06-23 15:24 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket
2014-06-23 15:23 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Local\Rocket
2014-06-23 15:22 - 2014-07-02 23:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-06-23 15:22 - 2014-06-26 20:01 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\RocketUpdater
2014-06-23 15:22 - 2014-06-23 15:23 - 00003234 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList
2014-06-19 22:38 - 2014-06-23 04:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 13:02 - 2014-06-18 13:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes
2014-06-11 13:03 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 13:03 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 13:03 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 13:03 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 13:03 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 13:03 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 13:03 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 13:03 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 13:03 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 13:03 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 13:03 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 13:03 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 13:03 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 13:03 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 13:03 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:03 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 13:03 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 13:03 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 13:03 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:03 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 13:03 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 13:03 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 13:03 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 13:03 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 13:03 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:03 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 13:03 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 13:03 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 13:03 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 13:03 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 13:03 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 13:03 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 13:03 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 13:03 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 13:03 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 13:03 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 13:03 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:03 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 13:03 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 13:03 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 13:03 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 13:03 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 13:03 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 13:03 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 13:03 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 13:03 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 13:03 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 13:03 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 13:03 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 13:03 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 13:03 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 13:03 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 13:03 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 13:03 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 13:03 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 13:03 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 13:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 13:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 13:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

==================== One Month Modified Files and Folders =======

2014-07-03 00:06 - 2014-06-26 13:40 - 00016015 _____ () C:\Users\Karin\Desktop\FRST.txt
2014-07-03 00:05 - 2014-06-25 19:19 - 00000000 ____D () C:\FRST
2014-07-03 00:04 - 2014-07-03 00:04 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-03 00:04 - 2014-07-03 00:04 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-03 00:04 - 2014-07-03 00:04 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-03 00:04 - 2014-07-03 00:04 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 00:04 - 2014-07-03 00:04 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 00:04 - 2014-07-03 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-03 00:04 - 2014-07-03 00:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-03 00:03 - 2013-05-05 00:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-03 00:03 - 2013-05-05 00:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 00:03 - 2012-05-03 20:36 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-03 00:03 - 2012-05-03 20:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-03 00:02 - 2014-07-03 00:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-03 00:02 - 2014-07-03 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-03 00:01 - 2014-07-03 00:02 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-03 00:01 - 2014-07-03 00:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-03 00:01 - 2014-07-03 00:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-03 00:01 - 2014-07-03 00:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-03 00:01 - 2014-07-03 00:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-02 23:38 - 2014-07-02 23:38 - 00448512 _____ (OldTimer Tools) C:\Users\Karin\Desktop\TFC.exe
2014-07-02 23:35 - 2014-06-26 19:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 23:30 - 2014-06-28 09:07 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion
2014-07-02 23:30 - 2014-06-26 13:38 - 02083840 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe
2014-07-02 23:22 - 2014-06-23 15:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-02 23:20 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 23:20 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 23:19 - 2010-06-01 03:03 - 01682718 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 23:16 - 2013-07-16 22:49 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Skype
2014-07-02 23:15 - 2011-01-19 03:48 - 00000000 ____D () C:\Users\Karin
2014-07-02 23:14 - 2013-05-20 23:11 - 00000000 ___RD () C:\Users\KarinAtWork\Dropbox
2014-07-02 23:13 - 2014-05-26 12:40 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\DropboxMaster
2014-07-02 23:13 - 2013-05-20 23:06 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\Dropbox
2014-07-02 23:11 - 2013-05-20 23:36 - 00021512 _____ () C:\Windows\setupact.log
2014-07-02 23:11 - 2012-06-30 10:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-02 23:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 23:33 - 2013-05-04 11:21 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-01 23:26 - 2013-05-24 19:17 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8882FE08-554D-4D95-8483-6E4F45ADC1B3}
2014-07-01 20:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-06-30 21:19 - 2013-06-04 18:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-30 21:19 - 2011-01-19 03:50 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-28 23:39 - 2014-06-28 23:38 - 00048704 _____ () C:\Users\Karin\Desktop\Addition.txt
2014-06-28 15:59 - 2013-05-28 07:14 - 00282048 _____ () C:\Windows\PFRO.log
2014-06-27 10:51 - 2014-06-27 10:51 - 02347384 _____ (ESET) C:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
2014-06-27 10:51 - 2010-06-01 19:30 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-06-27 10:51 - 2010-06-01 19:30 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-06-27 10:51 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-26 21:50 - 2014-06-26 20:07 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-26 21:23 - 2014-06-26 21:23 - 00029396 _____ () C:\Users\Karin\Desktop\HitmanPro_20140626_2123.log
2014-06-26 20:01 - 2014-06-23 15:22 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\RocketUpdater
2014-06-26 19:11 - 2014-06-26 19:11 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-26 18:46 - 2009-07-14 04:34 - 00000612 _____ () C:\Windows\win.ini
2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList
2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList
2014-06-26 14:03 - 2012-05-01 13:04 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Malwarebytes
2014-06-26 14:03 - 2012-05-01 13:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-26 14:02 - 2014-06-26 14:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karin\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-26 13:58 - 2014-06-26 13:58 - 00005706 _____ () C:\Users\Karin\Desktop\AdwCleaner[S0].txt
2014-06-26 13:54 - 2014-06-26 13:49 - 00000000 ____D () C:\AdwCleaner
2014-06-26 13:48 - 2014-06-26 13:48 - 01342659 _____ () C:\Users\Karin\Desktop\adwcleaner_3.213.exe
2014-06-26 13:42 - 2014-06-26 13:38 - 00049259 _____ () C:\Users\Karin\Downloads\FRST.txt
2014-06-26 13:37 - 2014-06-26 13:37 - 01073152 _____ (Farbar) C:\Users\Karin\Downloads\FRST.exe
2014-06-26 12:43 - 2014-01-06 23:46 - 00000000 ____D () C:\Users\Gast\Documents\Outlook-Dateien
2014-06-26 12:35 - 2013-12-31 02:40 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\SuperMailer
2014-06-26 00:55 - 2014-06-26 00:55 - 00000996 _____ () C:\Users\Karin\Desktop\SuperMailer.lnk
2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer
2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\Program Files (x86)\SuperMailer
2014-06-26 00:54 - 2014-06-26 00:54 - 23981547 _____ () C:\Users\Gast\Downloads\smsw(1).zip
2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe
2014-06-25 15:36 - 2011-01-18 21:08 - 00000000 ____D () C:\Users\Karin\AppData\Local\Google
2014-06-25 15:31 - 2011-01-18 20:57 - 00125800 _____ () C:\Users\Karin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-24 09:59 - 2011-01-22 09:22 - 00125800 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb
2014-06-23 18:51 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\KarinAtWork\Desktop\Bewerbungen
2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice
2014-06-23 15:37 - 2012-05-02 10:40 - 00125800 _____ () C:\Users\KarinAtWork\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 15:34 - 2009-07-14 06:45 - 00478600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-23 15:24 - 2014-06-23 15:24 - 00002230 _____ () C:\Users\Karin\Desktop\Rocket.lnk
2014-06-23 15:24 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket
2014-06-23 15:24 - 2014-06-23 15:23 - 00000000 ____D () C:\Users\Karin\AppData\Local\Rocket
2014-06-23 15:23 - 2014-06-23 15:22 - 00003234 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-06-23 15:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList
2014-06-23 04:53 - 2014-06-19 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 11:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 23:40 - 2012-05-01 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 17:20 - 2012-11-22 17:34 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\SoftGrid Client
2014-06-18 13:02 - 2014-06-18 13:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes
2014-06-18 08:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-16 18:29 - 2014-01-06 23:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-16 18:29 - 2012-11-16 21:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 13:37 - 2013-08-14 18:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 13:33 - 2011-01-22 10:02 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-07 14:26 - 2012-05-07 18:32 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\SoftGrid Client

Some content of TEMP:
====================
C:\Users\Karin\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 16:38

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Erstmal wieder ein dickes DANKE!!!

Alt 02.07.2014, 23:17   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Was fehlt?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 03.07.2014, 08:32   #13
Ka-Rin
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Hmmm lass mich kurz überlegen.....

1. der Additioscan? (kam bei diesem Scan nicht trotz Haken...)

ODER

2. Ich habe keine Probleme mehr, scheint bereinigt.

ODER

3. Ich hab vergessen was zu posten etc.?

Wat ist es denn?

Hab die Antwort schon. Mit Profis arbeiten macht Spaß !!!!
Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Karin at 2014-07-03 09:27:52
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version:  - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version:  - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version:  - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version:  - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version:  - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)

==================== Restore Points  =========================

23-06-2014 13:23:20 Installed OpenOffice 4.0.1
25-06-2014 07:42:08 Windows Update
26-06-2014 11:45:28 Removed Java(TM) 6 Update 45
26-06-2014 11:46:55 Removed Java 7 Update 21
26-06-2014 19:24:57 Prüfpunkt von HitmanPro
01-07-2014 19:05:11 Windows Update
02-07-2014 22:01:08 Installed Java 7 Update 60

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {09BC1C1F-B209-4357-AAE3-7A4805D83BFC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {33358644-D61B-420D-978B-86EEE4CACE31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {75E1B6AA-7B51-4FAC-8029-38C519695459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {80B1E869-75CC-4B6E-A76D-54C29A7FB47D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-03] (Adobe Systems Incorporated)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5FFC2F7-CB63-449C-BCA4-615C3BFB12EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C0DFC50F-2830-48FF-A5DC-C204BCC9458D} - System32\Tasks\Rocket Updater => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {D7124D21-9D3D-430E-9095-5CA5C98AB530} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E9724AB6-2D4D-4469-8374-1B9051E15A99} - System32\Tasks\{02FB5D97-BB17-41C4-8F09-D60FAA38A572} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/en/abandoninstall?page=tsProgressBar
Task: {F56B76B9-95E0-47F8-8A07-72DDB540B015} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-12-14 09:12 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-06-01 03:04 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2012-06-27 20:28 - 2009-06-22 16:13 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-19 22:38 - 2014-06-19 22:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2014 11:39:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1056, Zeitstempel: 0x4be0d4dc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000020a7a
ID des fehlerhaften Prozesses: 0x260
Startzeit der fehlerhaften Anwendung: 0xatieclxx.exe0
Pfad der fehlerhaften Anwendung: atieclxx.exe1
Pfad des fehlerhaften Moduls: atieclxx.exe2
Berichtskennung: atieclxx.exe3

Error: (07/02/2014 11:13:02 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/29/2014 09:28:50 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (06/29/2014 10:04:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/28/2014 11:34:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/28/2014 11:34:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/28/2014 11:26:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/03/2014 07:43:36 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)

Error: (07/02/2014 11:58:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (07/02/2014 11:58:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (07/02/2014 11:58:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (07/02/2014 11:58:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (07/02/2014 11:58:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (07/02/2014 11:58:47 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (07/02/2014 11:58:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.

Error: (07/02/2014 11:58:47 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (07/02/2014 11:58:46 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.


Microsoft Office Sessions:
=========================
Error: (07/02/2014 11:39:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: atieclxx.exe6.14.11.10564be0d4dcntdll.dll6.1.7601.18247521eaf24c00000050000000000020a7a26001cf963ac919d883C:\Windows\system32\atieclxx.exeC:\Windows\SYSTEM32\ntdll.dll4854b478-0231-11e4-90db-002454dbf6c9

Error: (07/02/2014 11:13:02 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/29/2014 09:28:50 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: I:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (06/29/2014 10:04:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/28/2014 11:34:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7HT3TO\esetsmartinstaller_deu.exe

Error: (06/28/2014 11:34:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7HT3TO\esetsmartinstaller_deu.exe

Error: (06/28/2014 11:26:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe

Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3946.16 MB
Available physical RAM: 2179.88 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5522.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:113 GB) (Free:36.06 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Alt 03.07.2014, 11:08   #14
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Hi,

Flash-Link mit dem Firefox aufrufen. Flash aktualisieren. Optionale Angebote ablehnen.

Das Zeug im Downloadverzeichnis welches ESET anmeckert manuell löschen. Achte besser darauf, wo Du Dir was runterlädst! Näheres unten bei den Tipps...



Cleanup:

Alle Logs gepostet? Ja! Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.




>>clean<<
Wir haben es geschafft!
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Wie kann ich mich in Zukunft besser schützen?

Tipps, Dos & Don'ts

Updates & Software
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.



Firewall, Antivirus & Co.
  • Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
  • Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. (Updatefunktion aktivieren!)
    Meine Empfehlungen:
    Kaspersky Antivirus
    Emsisoft Anti-Malware
    avast Free Antivirus
  • Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

    Optional:
  • NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.


Cracks, Downloads & Co.


Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.
Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)
  • Auch virustotal.com ist Dein Freund! Lade dubiose oder unbekannte Dateien hoch, bevor Du diese startest oder installierst.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe daher mit Vorsicht und klicke mit Verstand.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von Dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo Deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst Du von einem Deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und Du solltest nicht denselben Fehler machen.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
  • Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 06.07.2014, 10:22   #15
Ka-Rin
 
Scareware im Firefoxbrowser eingefangen, wie entfernen? - Standard

Scareware im Firefoxbrowser eingefangen, wie entfernen?



Danke dir für Deine Hilfe!!! Mein Laptop läuft wieder wie gewohnt ohne bemerkbare fiese Nervprogramme. Dickes Lob an euch alle für dieses Forum!!!!


Antwort

Themen zu Scareware im Firefoxbrowser eingefangen, wie entfernen?
adware.installbrain, pc infiziert, pup.optional.browsefox.a, pup.optional.iminent.a, pup.optional.installcore, pup.optional.netcrawl.a, pup.optional.rocketfind.a, pup.optional.rockettab.a, wie entfernen?, win32/bundled.toolbar.ask, win32/bundled.toolbar.ask.d, win32/downloadguide.a, win32/installcore.pc, win32/installmonetizer.aq



Ähnliche Themen: Scareware im Firefoxbrowser eingefangen, wie entfernen?


  1. Regclean.Pro Scareware eingefangen
    Plagegeister aller Art und deren Bekämpfung - 15.12.2013 (18)
  2. Deltasearch maleware aus Firefoxbrowser entfernen
    Log-Analyse und Auswertung - 08.06.2013 (17)
  3. Seth.anzutracking öffnet Werbung im Firefoxbrowser
    Plagegeister aller Art und deren Bekämpfung - 11.03.2013 (9)
  4. Babylon Toolbar,Spyhunter4, Firefoxbrowser claro search
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (3)
  5. GEMA Scareware eingefangen
    Log-Analyse und Auswertung - 29.03.2012 (3)
  6. Bundespolizei Scareware eingefangen
    Log-Analyse und Auswertung - 06.01.2012 (1)
  7. Bundespolizei Scareware
    Plagegeister aller Art und deren Bekämpfung - 18.12.2011 (3)
  8. Scareware BKA, OTL Logfile
    Log-Analyse und Auswertung - 13.09.2011 (24)
  9. BKA Scareware
    Log-Analyse und Auswertung - 04.09.2011 (17)
  10. BKA Scareware
    Log-Analyse und Auswertung - 09.08.2011 (7)
  11. Warnung! Scareware eingefangen: Datei TOKOV.EXE
    Plagegeister aller Art und deren Bekämpfung - 03.09.2010 (0)
  12. Scareware im Browser
    Plagegeister aller Art und deren Bekämpfung - 23.08.2010 (3)
  13. Scareware was tun?
    Plagegeister aller Art und deren Bekämpfung - 01.08.2010 (2)
  14. Plötzliches Pop Up - Scareware im Browser
    Plagegeister aller Art und deren Bekämpfung - 14.05.2010 (10)
  15. Scareware wird handgreiflich
    Nachrichten - 01.03.2010 (0)
  16. Scareware??!!
    Plagegeister aller Art und deren Bekämpfung - 25.07.2009 (21)
  17. problem mit norton 360 und werbefenster im firefoxbrowser
    Log-Analyse und Auswertung - 28.07.2008 (1)

Zum Thema Scareware im Firefoxbrowser eingefangen, wie entfernen? - Hallo liebe TB-Helfer , ich habe mir gestern eine so genannte "Scareware" im Firefox eingefangen. Dies macht sich wie folgt bemerkbar: 1. Beim Öffnen des Firefox erscheinen am unteren Bildrand - Scareware im Firefoxbrowser eingefangen, wie entfernen?...
Archiv
Du betrachtest: Scareware im Firefoxbrowser eingefangen, wie entfernen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.