| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Scareware im Firefoxbrowser eingefangen, wie entfernen?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.06.2014, 15:01
| #1 |
 |  Scareware im Firefoxbrowser eingefangen, wie entfernen? Hallo liebe TB-Helfer  ,ich habe mir gestern eine so genannte "Scareware" im Firefox eingefangen. Dies macht sich wie folgt bemerkbar: 1. Beim Öffnen des Firefox erscheinen am unteren Bildrand Popups mit Werbung von Antivirenprogrammen oder Warnmeldungen, dass "der PC infiziert sei" 2. Ab und an öffnen sich recht schnell hintereinander viele Tabs mit verschiedenen Werbebotschaften. Das Programm nervt schrecklich wurde jedoch nicht durch mein Antivirenprogramm erkannt. Folgende AV-Programme sind installiert: Malewarebytes Avira free antivir Ich freue mich über jede Hilfe zur Behebung des Problems. Vielen Dank im Voraus. |
|
25.06.2014, 15:06
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Scareware im Firefoxbrowser eingefangen, wie entfernen? Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1   Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
25.06.2014, 18:33
| #3 |
| | Scareware im Firefoxbrowser eingefangen, wie entfernen? Hallo Jürgen,
__________________Danke für deine Hilfe, dass Ihr so schnell seid hätte ich nicht erwartet. Also hier die Posts! 1. FRST - Scan: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by KarinAtWork (ATTENTION: The logged in user is not administrator) on KNOTEBOOK on 25-06-2014 19:20:53
Running from C:\Users\KarinAtWork\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\KarinAtWork\AppData\Roaming\Dropbox\bin\Dropbox.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\NetCrawl\bin\NetCrawl.BrowserAdapter.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [157456 2009-05-14] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {2452c545-b8e2-11e2-90fb-002454dbf6c9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {2452c5d9-b8e2-11e2-90fb-002454dbf6c9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {3635a43e-c082-11e1-b0fd-002454dbf6c9} - F:\autorun.exe
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {4add72c9-b9fe-11e1-9978-002454dbf6c9} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3457901039-3679683318-3372754741-1003\...\MountPoints2: {65050b47-b8ef-11e2-8e75-002454dbf6c9} - F:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\KarinAtWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\KarinAtWork\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.zeit.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {ACD06C1D-190E-4605-8726-53B743BF793C} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {B3EEF211-55D7-471B-A53C-EC3FAF5EAFDE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=597d92b1-40ac-4182-b0f6-b1dc0f78c2fb&apn_sauid=CF9B94EA-FFE2-42FE-99A1-605CB254ED79
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{24DB843F-333B-4F22-8094-8E06240D8CCB}: [NameServer]62.134.11.4 195.182.110.132
FireFox:
========
FF ProfilePath: C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828
FF Homepage: www.ixquick.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\searchplugins\WSE Rocket.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2014-06-19]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-05-26]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S2 Update NetCrawl; C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe [317728 2014-06-16] ()
R2 Util NetCrawl; C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe [317728 2014-06-23] ()
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] ()
R2 XS Stick Service; C:\Windows\service4g.exe [125200 2009-05-14] (4G Systems GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-30] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-06-27] (Mobile Connector)
S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-13] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys [61112 2014-06-13] (StdLib)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-25 19:20 - 2014-06-25 19:22 - 00018722 _____ () C:\Users\KarinAtWork\Desktop\FRST.txt
2014-06-25 19:19 - 2014-06-25 19:21 - 00000000 ____D () C:\FRST
2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe
2014-06-24 19:09 - 2014-06-13 13:36 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb
2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice
2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-23 15:24 - 2014-06-24 19:08 - 00000000 ____D () C:\Program Files (x86)\NetCrawl
2014-06-23 15:22 - 2014-06-25 19:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-06-23 15:22 - 2014-06-23 15:22 - 00000000 ____D () C:\Program Files (x86)\WSE Rocket
2014-06-23 15:21 - 2014-06-23 15:21 - 00803368 _____ ( ) C:\Users\KarinAtWork\Downloads\Open OfficeSetup.exe
2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList
2014-06-19 22:38 - 2014-06-23 04:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 13:03 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 13:03 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 13:03 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 13:03 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 13:03 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 13:03 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 13:03 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 13:03 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 13:03 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 13:03 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 13:03 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 13:03 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 13:03 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 13:03 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 13:03 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:03 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 13:03 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 13:03 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 13:03 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:03 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 13:03 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 13:03 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 13:03 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 13:03 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 13:03 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:03 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 13:03 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 13:03 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 13:03 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 13:03 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 13:03 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 13:03 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 13:03 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 13:03 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 13:03 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 13:03 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 13:03 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:03 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 13:03 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 13:03 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 13:03 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 13:03 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 13:03 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 13:03 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 13:03 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 13:03 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 13:03 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 13:03 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 13:03 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 13:03 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 13:03 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 13:03 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 13:03 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 13:03 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 13:03 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 13:03 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 13:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 13:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 13:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-27 14:16 - 2014-05-27 14:16 - 00000000 ____D () C:\Users\KarinAtWork\Documents\Benutzerdefinierte Office-Vorlagen
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\Users\KarinAtWork\Documents\PDF Architect Files
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-05-26 22:19 - 2014-05-26 22:21 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\PDF Architect
2014-05-26 22:11 - 2014-05-26 22:17 - 52293632 _____ () C:\Users\KarinAtWork\Downloads\PDF_Architect_Setup_1.2.97.14551.msi
2014-05-26 12:40 - 2014-06-25 19:15 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\DropboxMaster
==================== One Month Modified Files and Folders =======
2014-06-25 19:22 - 2014-06-25 19:20 - 00018722 _____ () C:\Users\KarinAtWork\Desktop\FRST.txt
2014-06-25 19:22 - 2014-06-23 15:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-06-25 19:22 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-25 19:22 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-25 19:21 - 2014-06-25 19:19 - 00000000 ____D () C:\FRST
2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe
2014-06-25 19:18 - 2010-06-01 03:03 - 01447306 _____ () C:\Windows\WindowsUpdate.log
2014-06-25 19:15 - 2014-05-26 12:40 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\DropboxMaster
2014-06-25 19:15 - 2013-05-20 23:11 - 00000000 ___RD () C:\Users\KarinAtWork\Dropbox
2014-06-25 19:15 - 2013-05-20 23:06 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\Dropbox
2014-06-25 19:15 - 2009-07-14 04:34 - 00000612 _____ () C:\Windows\win.ini
2014-06-25 19:13 - 2013-05-20 23:36 - 00020560 _____ () C:\Windows\setupact.log
2014-06-25 19:13 - 2012-06-30 10:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-25 19:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-25 15:40 - 2013-05-05 00:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-25 15:29 - 2011-01-19 03:48 - 00000000 ____D () C:\Users\Karin
2014-06-25 10:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-06-24 19:08 - 2014-06-23 15:24 - 00000000 ____D () C:\Program Files (x86)\NetCrawl
2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb
2014-06-23 18:51 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\KarinAtWork\Desktop\Bewerbungen
2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice
2014-06-23 15:37 - 2012-05-02 10:40 - 00125800 _____ () C:\Users\KarinAtWork\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 15:34 - 2013-05-28 07:14 - 00199888 _____ () C:\Windows\PFRO.log
2014-06-23 15:34 - 2009-07-14 06:45 - 00478600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-23 15:22 - 2014-06-23 15:22 - 00000000 ____D () C:\Program Files (x86)\WSE Rocket
2014-06-23 15:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-23 15:21 - 2014-06-23 15:21 - 00803368 _____ ( ) C:\Users\KarinAtWork\Downloads\Open OfficeSetup.exe
2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList
2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList
2014-06-23 04:53 - 2014-06-19 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 11:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 23:40 - 2012-05-01 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 08:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-16 18:29 - 2014-01-06 23:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-16 18:29 - 2012-11-16 21:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 13:36 - 2014-06-24 19:09 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
2014-06-12 13:37 - 2013-08-14 18:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 13:33 - 2011-01-22 10:02 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 11:04 - 2010-06-01 19:30 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-06-12 11:04 - 2010-06-01 19:30 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-06-12 11:04 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-11 15:53 - 2013-05-04 11:21 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-07 14:26 - 2012-05-07 18:32 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\SoftGrid Client
2014-06-02 19:31 - 2013-01-05 17:54 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\FreePDF_XP
2014-05-30 12:21 - 2014-06-11 13:03 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 13:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 13:03 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 13:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 13:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 13:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 13:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 13:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 13:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 13:03 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 13:03 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 13:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 13:03 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 13:03 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 13:03 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 13:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 13:03 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 13:03 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 13:03 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 13:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 13:03 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 13:03 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 13:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 13:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 13:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 13:03 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 13:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 13:03 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 13:03 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 13:03 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 13:03 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 13:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 13:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 13:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 13:03 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 13:03 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 13:03 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 13:03 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 13:03 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 13:03 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 13:03 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 13:03 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 13:03 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 13:03 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 13:03 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 13:03 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 13:03 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-28 20:10 - 2012-11-10 15:14 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\Audible
2014-05-28 20:10 - 2012-07-18 16:51 - 00000000 ____D () C:\Users\KarinAtWork\Desktop\Musikdownload
2014-05-28 13:35 - 2013-05-05 08:21 - 00011069 _____ () C:\Users\KarinAtWork\Desktop\Abgänge.xlsx
2014-05-28 09:59 - 2013-05-20 23:11 - 00001036 _____ () C:\Users\KarinAtWork\Desktop\Dropbox.lnk
2014-05-28 09:59 - 2013-05-20 23:07 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-27 14:16 - 2014-05-27 14:16 - 00000000 ____D () C:\Users\KarinAtWork\Documents\Benutzerdefinierte Office-Vorlagen
2014-05-26 23:53 - 2013-06-04 18:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-26 22:21 - 2014-05-26 22:19 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\PDF Architect
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\Users\KarinAtWork\Documents\PDF Architect Files
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2014-05-26 22:20 - 2014-05-26 22:20 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-05-26 22:17 - 2014-05-26 22:11 - 52293632 _____ () C:\Users\KarinAtWork\Downloads\PDF_Architect_Setup_1.2.97.14551.msi
2014-05-26 21:46 - 2012-06-30 00:42 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\Microsoft Games
2014-05-26 17:11 - 2012-05-02 10:41 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\Mozilla
2014-05-26 12:48 - 2013-02-13 09:17 - 00012730 _____ () C:\Users\KarinAtWork\Desktop\GuVnormal2013.xlsx
Some content of TEMP:
====================
C:\Users\KarinAtWork\AppData\Local\Temp\avgnt.exe
C:\Users\KarinAtWork\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj1lmql.dll
C:\Users\KarinAtWork\AppData\Local\Temp\secuniasi6474681520443312105.dll
C:\Users\KarinAtWork\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Und das FRST-Scan-Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by KarinAtWork at 2014-06-25 19:22:58
Running from C:\Users\KarinAtWork\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version: - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version: - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version: - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
NetCrawl (HKLM\...\NetCrawl) (Version: 2014.06.16.195433 - NetCrawl)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WSE Rocket (HKLM-x32\...\WSE Rocket) (Version: - WSE Rocket)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\Rocket Updater.job => ?
==================== Loaded Modules (whitelisted) =============
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-23 18:51 - 2014-06-24 23:33 - 00096544 _____ () C:\Program Files (x86)\NetCrawl\bin\NetCrawl.BrowserAdapter.exe
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/25/2014 07:15:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/25/2014 09:36:39 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/24/2014 08:46:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/24/2014 08:23:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/24/2014 08:23:41 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/24/2014 07:08:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1520
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (06/24/2014 06:23:13 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/24/2014 03:07:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/23/2014 06:51:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xd1c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (06/23/2014 03:36:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
System errors:
=============
Error: (06/25/2014 07:14:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.
Error: (06/25/2014 07:13:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/25/2014 07:13:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Update NetCrawl erreicht.
Error: (06/24/2014 08:51:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (06/24/2014 08:46:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/24/2014 08:46:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Util NetCrawl erreicht.
Error: (06/24/2014 08:45:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/24/2014 08:45:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Update NetCrawl erreicht.
Error: (06/24/2014 08:44:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 24.06.2014 um 20:30:51 unerwartet heruntergefahren.
Error: (06/24/2014 08:28:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (06/25/2014 07:15:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/25/2014 09:36:39 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/24/2014 08:46:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/24/2014 08:23:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/24/2014 08:23:41 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/24/2014 07:08:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b152001cf8fbb082b9ed6C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll21a3ebd3-fbc2-11e3-8f07-002454dbf6c9
Error: (06/24/2014 06:23:13 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (06/24/2014 03:07:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/23/2014 06:51:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bd1c01cf8ee8ae54a8e0C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll9b8e845f-faf6-11e3-b1b7-002454dbf6c9
Error: (06/23/2014 03:36:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
==================== Memory info ===========================
Percentage of memory in use: 54%
Total physical RAM: 3946.16 MB
Available physical RAM: 1805.06 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5341.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:113 GB) (Free:33.48 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
|
25.06.2014, 21:26
| #4 | |
| /// TB-Ausbilder /// Anleitungs-Guru | Scareware im Firefoxbrowser eingefangen, wie entfernen?Zitat:
Schritt 1 Bitte deinstalliere folgende Programme: Java(TM) 6 Update 45 Java 7 Update 21 Versuche es bei Windows 7  zunächst über Systemsteuerung/Programme deinstallieren. Sollte das nicht gehen, lade Dir bitte Revo Uninstaller  hier herunter. Entpacke die zip-Datei auf den Desktop.
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter: Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3  Malwarebytes Antimalware
Schritt 4 Downloade Dir HitmanPro  auf Deinen Desktop:HitmanPro - 32 Bit HitmanPro - 64 Bit
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
26.06.2014, 20:29
| #5 |
| | Scareware im Firefoxbrowser eingefangen, wie entfernen? Hallo Jürgen, so jetzt habe ich fast alle Programme durchlaufen lassen. Hier die Posts für die. 1. ADW-Cleaner Protokoll: Code:
ATTFilter # AdwCleaner v3.213 - Bericht erstellt am 26/06/2014 um 13:54:16
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Karin - KNOTEBOOK
# Gestartet von : C:\Users\Karin\Desktop\adwcleaner_3.213.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Karin\AppData\Roaming\1H1Q
Ordner Gelöscht : C:\Users\Karin\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\user.js
Datei Gelöscht : C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\user.js
Datei Gelöscht : C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\InstallCore
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\prefs.js ]
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1[...]
[ Datei : C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\prefs.js ]
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1[...]
[ Datei : C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\prefs.js ]
*************************
AdwCleaner[R0].txt - [6931 octets] - [26/06/2014 13:49:58]
AdwCleaner[S0].txt - [5538 octets] - [26/06/2014 13:54:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5598 octets] ##########
So und hier das Protokoll von mbam: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 26.06.2014 Suchlauf-Zeit: 19:12:19 Logdatei: Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.06.26.07 Rootkit Datenbank: v2014.06.23.02 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Karin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 351095 Verstrichene Zeit: 26 Min, 59 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristics: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 16 PUP.Optional.NetCrawl.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update NetCrawl, In Quarantäne, [cd1d4437cdaead89b741cfc023de43bd], PUP.Optional.NetCrawl.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util NetCrawl, In Quarantäne, [3fab84f7423951e593655e312bd6a65a], PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [21c9205b99e24aecc10880ffc63cc739], PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [21c9205b99e24aecc10880ffc63cc739], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NetCrawl, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, HKLM\SOFTWARE\WOW6432NODE\NetCrawl, In Quarantäne, [0fdbd9a2b0cba690afdd7e2e28dade22], PUP.Optional.NetCrawl.A, HKU\S-1-5-21-3457901039-3679683318-3372754741-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\NetCrawl, Löschen bei Neustart, [04e6accf8af1d660315d6f3d20e20af6], PUP.Optional.Iminent.A, HKU\S-1-5-21-3457901039-3679683318-3372754741-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, Löschen bei Neustart, [07e3bac13348e15505118f422cd6a060], PUP.Optional.RocketFind.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WSE Rocket, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 31 PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\TEMP, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales\en-US, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketFind.A, C:\Users\Karin\AppData\Roaming\RocketUpdater\UpdateProc, In Quarantäne, [00ea97e46b1079bdc6547634d32f55ab], PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\bh, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], Dateien: 171 PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe, In Quarantäne, [cd1d4437cdaead89b741cfc023de43bd], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe, In Quarantäne, [3fab84f7423951e593655e312bd6a65a], PUP.Optional.InstallCore, C:\Users\KarinAtWork\Downloads\Open OfficeSetup.exe, In Quarantäne, [6189522981fae056ac624b332ed63ac6], Adware.InstallBrain, C:\Users\KarinAtWork\Downloads\RocketPDFSetup.exe, In Quarantäne, [c426ea91e5962e08964fbb51679ae11f], PUP.Optional.RocketFind.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\searchplugins\WSE Rocket.xml, In Quarantäne, [c327700b1566f54141851d8eea18966a], PUP.Optional.RocketFind.A, C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default\searchplugins\WSE Rocket.xml, In Quarantäne, [d614e596c1ba5adc5b6b763540c2ad53], PUP.Optional.RocketFind.A, C:\Users\KarinAtWork\AppData\Roaming\Mozilla\Firefox\Profiles\xrxbsjqz.default-1354521547828\searchplugins\WSE Rocket.xml, In Quarantäne, [46a483f8166525112d994764be444eb2], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\NetCrawl.ico, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\0, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\7za.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\NetCrawlBHO.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\NetCrawlUninstall.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\updateNetCrawl.InstallState, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\7za.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\BrowserAdapterS.7z, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawl.BrowserAdapter.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawl.PurBrowse.zip, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawl.PurBrowse64.exe, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawl.PurBrowseG.zip, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\NetCrawlBAApp.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\sqlite3.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.InstallState, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.Bromon.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.BroStats.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.BrowserAdapterS.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.CompatibilityChecker.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.FeSvc.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.FFUpdate.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.IEUpdate.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.PurBrowse.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.NetCrawl.A, C:\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.PurBrowseG.dll, In Quarantäne, [7278de9ddc9f330392f9fcb062a038c8], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\bootstrap.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\chrome.manifest, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\install.rdf, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\background.9.5.5.jsm, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\background.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\browser.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\header.9.5.5.jsm, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\header.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\timer.jsm, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_de.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_en-gb.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_en_us.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_fr.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_he.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_it.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_pt-br.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_ru.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_tr.json, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\crypto-js.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery-2.1.0.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.autocomplete.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.balloon.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.fittext.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.Jcrop.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.simplecolorpicker.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\mustache.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\string.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\underscore-min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\gallery.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\gallery.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\newtab.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\newtab.min.js, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\foundation.min.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\indicator.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\Jcrop.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.autocomplete.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.Jcrop.min.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.simplecolorpicker.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\normalize.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\arrow-gallery-cat-selected.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\arrow.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\emptyArea.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\gallery.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\gallery_templates.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\icon-gallery-search.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\not_available_32.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\plus.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\16.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\32.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\64.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\_16.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\buttons.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\footer.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\header.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\list.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\newtab.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\search.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\themes.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-2.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-bar.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-medium.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-small.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader.gif, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\arrow-footer.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\arrow-header.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\attachment.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\close.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\edit-button.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-chrome.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-edit.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-layout.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-plus.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-theme.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\menu_v.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\menu_v_white.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\provider.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\x-button.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\arab_tile.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\batthern_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\dark_wood_@2X.jpg, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\diagonal_striped_brick.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\escheresque_ste_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\gold_scale.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\purty_wood_@2X.jpg, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\readme.txt, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\starring_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\weave_@2X.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\woven.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources\list.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources\menu.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\activetabs.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\favorites.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\layout.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-add.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-edit.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-group.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\readitlater.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\recentlyclosed.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\theme.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\webapps.css, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\bookmarks.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\download.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\downloads.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\downloas.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\extensions.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\history.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\settings.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\trash.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites\empty.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites\error.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites\shadow.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info\contactus.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info\facebook.ico, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info\rateus.png, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info\twitter.ico, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\activetabs.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\favorites.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\layout.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\modal-fav-add.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\modal-fav-edit.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\modal-fav-group.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\readitlater.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\readitlater_content.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\readitlater_menu.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\recentlyclosed.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\theme.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\webapps.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources\webapps_contextmenu.html, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketTab.A, C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\vj5ztxeh.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales\en-US\translations.dtd, In Quarantäne, [f8f2740745366bcb350f01a8a062f40c], PUP.Optional.RocketFind.A, C:\Users\Karin\AppData\Roaming\RocketUpdater\UpdateProc\config.dat, In Quarantäne, [00ea97e46b1079bdc6547634d32f55ab], PUP.Optional.RocketFind.A, C:\Users\Karin\AppData\Roaming\RocketUpdater\UpdateProc\info.dat, In Quarantäne, [00ea97e46b1079bdc6547634d32f55ab], PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\FavIcon.ico, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\Sqlite3.dll, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\uninst.dat, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], PUP.Optional.RocketFind.A, C:\Program Files (x86)\WSE Rocket\uninstall.exe, In Quarantäne, [6b7f2f4c3c3f50e614076149ad55936d], Physische Sektoren: 0 (No malicious items detected) (end) Hallo nochmal So, hier ist das HitmanPro-protokoll. Code:
ATTFilter
Grüße, Karin |
|
26.06.2014, 20:31
| #6 |
| /// TB-Ausbilder /// Anleitungs-Guru | Scareware im Firefoxbrowser eingefangen, wie entfernen? OK...  Schritt 1 ESET Online Scanner
Schritt 2 Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Scan. Bitte poste mir den Inhalt der beiden Logs die erstellt werden. Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________ --> Scareware im Firefoxbrowser eingefangen, wie entfernen? |
|
28.06.2014, 08:19
| #7 |
| | Scareware im Firefoxbrowser eingefangen, wie entfernen? So nun bin ich etwas weiter. Hier die Logfiles. 1. ESET_Logfile Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=f611f905e9194d4993afdb1ea9434bde
# engine=18914
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-27 10:00:46
# local_time=2014-06-28 12:00:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 58339 148409220 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 58198 155536296 0 0
# scanned=207734
# found=15
# cleaned=0
# scan_time=47158
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Karin\AppData\Roaming\1H1Q\Open Office Packages\uninstaller.exe.vir"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Karin\AppData\Local\Temp\is1597349865\22458699_stp\uninstaller.exe"
sh=EA91A7B4AB2DE640BBDAE944E5F91E6C479DCDDF ft=1 fh=9996c0ea4bfd5a76 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Karin\Downloads\avira_free_antivirus_de.exe"
sh=0719A92D1474FE02518BADD58AF02FC0078E1D7F ft=1 fh=e4cf1a90b6fab410 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Karin\Downloads\PDFCreator-1_4_0_setup.exe"
sh=FF6BF8FE278AC42A986EBC814CF9077636376408 ft=1 fh=e2e9960512171a5a vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\KarinAtWork\Downloads\apache-openoffice.exe"
sh=08BF6F871199BCDB95F0361EC920DF406BD3597A ft=1 fh=c0776f02905eb6da vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\KarinAtWork\Downloads\avira_free_antivirus_de.exe"
sh=9E662DA1E1D9D2162F6E351FED9DF3485F7F0DAC ft=1 fh=518aa4667562cc92 vn="Variante von Win32/YourFileDownloader evtl. unerwünschte Anwendung" ac=I fn="C:\Users\KarinAtWork\Downloads\Gus_Gus-Sweetsmoke_mp3_downloader_98975.exe"
sh=9434866971DD357600C9F2B1E31B7893C3A070F0 ft=1 fh=4f14aeb246e47811 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\KarinAtWork\Downloads\PDFCreator-1_7_1_setup.exe"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0"
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 01
Ran by Karin at 2014-06-28 09:09:50
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version: - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version: - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version: - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
Open Office Packages (HKCU\...\Open Office Packages) (Version: - ) <==== ATTENTION
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)
==================== Restore Points =========================
20-06-2014 06:51:31 Windows Update
23-06-2014 13:23:20 Installed OpenOffice 4.0.1
25-06-2014 07:42:08 Windows Update
26-06-2014 11:45:28 Removed Java(TM) 6 Update 45
26-06-2014 11:46:55 Removed Java 7 Update 21
26-06-2014 19:24:57 Prüfpunkt von HitmanPro
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {09BC1C1F-B209-4357-AAE3-7A4805D83BFC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {33358644-D61B-420D-978B-86EEE4CACE31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {75E1B6AA-7B51-4FAC-8029-38C519695459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {80B1E869-75CC-4B6E-A76D-54C29A7FB47D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5FFC2F7-CB63-449C-BCA4-615C3BFB12EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C0DFC50F-2830-48FF-A5DC-C204BCC9458D} - System32\Tasks\Rocket Updater => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {D7124D21-9D3D-430E-9095-5CA5C98AB530} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E9724AB6-2D4D-4469-8374-1B9051E15A99} - System32\Tasks\{02FB5D97-BB17-41C4-8F09-D60FAA38A572} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/en/abandoninstall?page=tsProgressBar
Task: {F56B76B9-95E0-47F8-8A07-72DDB540B015} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-12-14 09:12 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-06-01 03:04 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2012-06-27 20:28 - 2009-06-22 16:13 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-01 03:09 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Update NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (06/26/2014 06:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x10e4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (06/25/2014 10:06:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
System errors:
=============
Error: (06/27/2014 10:45:52 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)
Error: (06/27/2014 10:32:35 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)
Error: (06/27/2014 09:44:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.
Error: (06/27/2014 09:43:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Error: (06/27/2014 07:44:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.
Error: (06/27/2014 07:43:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Error: (06/26/2014 10:09:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.
Error: (06/26/2014 07:03:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/26/2014 07:03:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Util NetCrawl erreicht.
Error: (06/26/2014 07:03:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update NetCrawl" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Update NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (06/26/2014 06:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b10e401cf91365482d319C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll28b89367-fd4f-11e3-8e71-002454dbf6c9
Error: (06/25/2014 10:06:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
==================== Memory info ===========================
Percentage of memory in use: 52%
Total physical RAM: 3946.16 MB
Available physical RAM: 1881.37 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5132.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:113 GB) (Free:32.99 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:7.38 GB) (Free:5.56 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 01
Ran by Karin at 2014-06-28 09:24:17
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version: - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version: - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version: - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
Open Office Packages (HKCU\...\Open Office Packages) (Version: - ) <==== ATTENTION
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)
==================== Restore Points =========================
20-06-2014 06:51:31 Windows Update
23-06-2014 13:23:20 Installed OpenOffice 4.0.1
25-06-2014 07:42:08 Windows Update
26-06-2014 11:45:28 Removed Java(TM) 6 Update 45
26-06-2014 11:46:55 Removed Java 7 Update 21
26-06-2014 19:24:57 Prüfpunkt von HitmanPro
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {09BC1C1F-B209-4357-AAE3-7A4805D83BFC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {33358644-D61B-420D-978B-86EEE4CACE31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {75E1B6AA-7B51-4FAC-8029-38C519695459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {80B1E869-75CC-4B6E-A76D-54C29A7FB47D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5FFC2F7-CB63-449C-BCA4-615C3BFB12EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C0DFC50F-2830-48FF-A5DC-C204BCC9458D} - System32\Tasks\Rocket Updater => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {D7124D21-9D3D-430E-9095-5CA5C98AB530} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E9724AB6-2D4D-4469-8374-1B9051E15A99} - System32\Tasks\{02FB5D97-BB17-41C4-8F09-D60FAA38A572} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/en/abandoninstall?page=tsProgressBar
Task: {F56B76B9-95E0-47F8-8A07-72DDB540B015} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-12-14 09:12 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-06-01 03:04 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2012-06-27 20:28 - 2009-06-22 16:13 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-01 03:09 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2014-06-27 10:52 - 2014-05-23 10:56 - 00119184 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Update NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (06/26/2014 06:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x10e4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (06/25/2014 10:06:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
System errors:
=============
Error: (06/28/2014 09:13:00 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/28/2014 09:13:00 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/28/2014 09:12:23 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/27/2014 10:45:52 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)
Error: (06/27/2014 10:32:35 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)
Error: (06/27/2014 09:44:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.
Error: (06/27/2014 09:43:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Error: (06/27/2014 07:44:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.
Error: (06/27/2014 07:43:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Error: (06/26/2014 10:09:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.
Microsoft Office Sessions:
=========================
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Update NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (06/26/2014 06:30:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b10e401cf91365482d319C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll28b89367-fd4f-11e3-8e71-002454dbf6c9
Error: (06/25/2014 10:06:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3946.16 MB
Available physical RAM: 2035.3 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5267.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:113 GB) (Free:33.14 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:7.38 GB) (Free:5.56 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)
==================== End Of Log ============================
Geändert von Ka-Rin (28.06.2014 um 08:27 Uhr) |
|
28.06.2014, 12:25
| #8 |
| /// TB-Ausbilder /// Anleitungs-Guru | Scareware im Firefoxbrowser eingefangen, wie entfernen? Hi, bitte poste mir die richtigen Logs. Du hast zweimal die Addition.txt gepostet. Außerdem benötige ich noch eine Antwort auf meine Frage.... Danke
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
28.06.2014, 22:42
| #9 |
| | Scareware im Firefoxbrowser eingefangen, wie entfernen? Oops, sorry. Da ist mir ein Fehler unterlaufen. Hier nochmal die richtigen files. FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 01 Ran by Karin (administrator) on KNOTEBOOK on 28-06-2014 23:36:35 Running from C:\Users\Karin\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe () C:\Windows\SysWOW64\Rezip.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Program Files (x86)\XSManager\WTGService.exe (4G Systems GmbH & Co. KG) C:\Windows\service4g.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (AMD) C:\Windows\System32\atieclxx.exe (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\splwow64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor) HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [157456 2009-05-14] (4G Systems GmbH & Co. KG) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation) HKU\S-1-5-21-3457901039-3679683318-3372754741-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\KarinAtWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Karin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File) ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir= SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir= SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir= SearchScopes: HKCU - {67F66D86-F250-40BB-8CAF-38BD065D72D3} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{24DB843F-333B-4F22-8094-8E06240D8CCB}: [NameServer]62.134.11.4 195.182.110.132 FireFox: ======== FF ProfilePath: C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default FF DefaultSearchEngine: WSE Rocket FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: WSE Rocket FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=061513&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-05-26] FF StartMenuInternet: FIREFOX.EXE - firefox.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH) R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [File not signed] R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia) R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] () R2 XS Stick Service; C:\Windows\service4g.exe [125200 2009-05-14] (4G Systems GmbH & Co. KG) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-30] (Avira Operations GmbH & Co. KG) S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-06-27] (Mobile Connector) S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia) S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-13] (Windows (R) 2003 DDK 3790 provider) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib) R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys [61112 2014-06-13] (StdLib) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-28 23:35 - 2014-06-28 23:35 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-28 09:07 - 2014-06-28 09:07 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion 2014-06-27 10:51 - 2014-06-27 10:51 - 02347384 _____ (ESET) C:\Users\Karin\Downloads\esetsmartinstaller_deu.exe 2014-06-26 21:23 - 2014-06-26 21:23 - 00029396 _____ () C:\Users\Karin\Desktop\HitmanPro_20140626_2123.log 2014-06-26 20:07 - 2014-06-26 21:50 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-06-26 19:11 - 2014-06-28 09:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-26 19:11 - 2014-06-26 19:11 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-26 19:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-26 19:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-26 19:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList 2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList 2014-06-26 14:02 - 2014-06-26 14:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karin\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-26 13:58 - 2014-06-26 13:58 - 00005706 _____ () C:\Users\Karin\Desktop\AdwCleaner[S0].txt 2014-06-26 13:57 - 2014-06-13 13:36 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys 2014-06-26 13:49 - 2014-06-26 13:54 - 00000000 ____D () C:\AdwCleaner 2014-06-26 13:48 - 2014-06-26 13:48 - 01342659 _____ () C:\Users\Karin\Desktop\adwcleaner_3.213.exe 2014-06-26 13:40 - 2014-06-28 23:37 - 00017586 _____ () C:\Users\Karin\Desktop\FRST.txt 2014-06-26 13:38 - 2014-06-28 09:07 - 02083328 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe 2014-06-26 13:38 - 2014-06-26 13:42 - 00049259 _____ () C:\Users\Karin\Downloads\FRST.txt 2014-06-26 13:37 - 2014-06-26 13:37 - 01073152 _____ (Farbar) C:\Users\Karin\Downloads\FRST.exe 2014-06-26 00:55 - 2014-06-26 00:55 - 00000996 _____ () C:\Users\Karin\Desktop\SuperMailer.lnk 2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer 2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\Program Files (x86)\SuperMailer 2014-06-26 00:54 - 2014-06-26 00:54 - 23981547 _____ () C:\Users\Gast\Downloads\smsw(1).zip 2014-06-25 19:19 - 2014-06-28 23:36 - 00000000 ____D () C:\FRST 2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe 2014-06-24 19:09 - 2014-06-13 13:36 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys 2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb 2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice 2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-23 15:24 - 2014-06-23 15:24 - 00002230 _____ () C:\Users\Karin\Desktop\Rocket.lnk 2014-06-23 15:24 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket 2014-06-23 15:23 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Local\Rocket 2014-06-23 15:22 - 2014-06-28 16:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job 2014-06-23 15:22 - 2014-06-26 20:01 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\RocketUpdater 2014-06-23 15:22 - 2014-06-23 15:23 - 00003234 _____ () C:\Windows\System32\Tasks\Rocket Updater 2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe 2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList 2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList 2014-06-19 22:38 - 2014-06-23 04:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 13:02 - 2014-06-18 13:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes 2014-06-11 13:03 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 13:03 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 13:03 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 13:03 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 13:03 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 13:03 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 13:03 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 13:03 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 13:03 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 13:03 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 13:03 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 13:03 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 13:03 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 13:03 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 13:03 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 13:03 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 13:03 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 13:03 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 13:03 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 13:03 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 13:03 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 13:03 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 13:03 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 13:03 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 13:03 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 13:03 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 13:03 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 13:03 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 13:03 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 13:03 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 13:03 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 13:03 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 13:03 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 13:03 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 13:03 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 13:03 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 13:03 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 13:03 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 13:03 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 13:03 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 13:03 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 13:03 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 13:03 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 13:03 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 13:03 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 13:03 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 13:03 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 13:03 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 13:03 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 13:03 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 13:03 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 13:03 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 13:03 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 13:03 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 13:03 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 13:03 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 13:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 13:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 13:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 13:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll ==================== One Month Modified Files and Folders ======= 2014-06-28 23:37 - 2014-06-26 13:40 - 00017586 _____ () C:\Users\Karin\Desktop\FRST.txt 2014-06-28 23:36 - 2014-06-25 19:19 - 00000000 ____D () C:\FRST 2014-06-28 23:35 - 2014-06-28 23:35 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-28 23:33 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-28 23:33 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-28 23:32 - 2013-07-16 22:49 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Skype 2014-06-28 23:32 - 2013-05-20 23:11 - 00000000 ___RD () C:\Users\KarinAtWork\Dropbox 2014-06-28 23:29 - 2010-06-01 03:03 - 01567666 _____ () C:\Windows\WindowsUpdate.log 2014-06-28 23:28 - 2013-05-24 19:17 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8882FE08-554D-4D95-8483-6E4F45ADC1B3} 2014-06-28 23:27 - 2014-05-26 12:40 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\DropboxMaster 2014-06-28 23:27 - 2013-05-20 23:06 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\Dropbox 2014-06-28 23:24 - 2013-05-20 23:36 - 00021120 _____ () C:\Windows\setupact.log 2014-06-28 23:24 - 2012-06-30 10:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-06-28 23:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-28 16:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-06-28 16:40 - 2013-05-05 00:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-28 16:22 - 2014-06-23 15:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job 2014-06-28 15:59 - 2013-05-28 07:14 - 00282048 _____ () C:\Windows\PFRO.log 2014-06-28 09:07 - 2014-06-28 09:07 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion 2014-06-28 09:07 - 2014-06-26 13:38 - 02083328 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe 2014-06-28 09:02 - 2014-06-26 19:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-27 10:51 - 2014-06-27 10:51 - 02347384 _____ (ESET) C:\Users\Karin\Downloads\esetsmartinstaller_deu.exe 2014-06-27 10:51 - 2010-06-01 19:30 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-06-27 10:51 - 2010-06-01 19:30 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-06-27 10:51 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-26 21:50 - 2014-06-26 20:07 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-06-26 21:23 - 2014-06-26 21:23 - 00029396 _____ () C:\Users\Karin\Desktop\HitmanPro_20140626_2123.log 2014-06-26 20:01 - 2014-06-23 15:22 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\RocketUpdater 2014-06-26 19:11 - 2014-06-26 19:11 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-26 18:46 - 2009-07-14 04:34 - 00000612 _____ () C:\Windows\win.ini 2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList 2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList 2014-06-26 14:03 - 2012-05-01 13:04 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Malwarebytes 2014-06-26 14:03 - 2012-05-01 13:04 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-26 14:02 - 2014-06-26 14:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karin\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-26 13:58 - 2014-06-26 13:58 - 00005706 _____ () C:\Users\Karin\Desktop\AdwCleaner[S0].txt 2014-06-26 13:54 - 2014-06-26 13:49 - 00000000 ____D () C:\AdwCleaner 2014-06-26 13:48 - 2014-06-26 13:48 - 01342659 _____ () C:\Users\Karin\Desktop\adwcleaner_3.213.exe 2014-06-26 13:42 - 2014-06-26 13:38 - 00049259 _____ () C:\Users\Karin\Downloads\FRST.txt 2014-06-26 13:37 - 2014-06-26 13:37 - 01073152 _____ (Farbar) C:\Users\Karin\Downloads\FRST.exe 2014-06-26 12:43 - 2014-01-06 23:46 - 00000000 ____D () C:\Users\Gast\Documents\Outlook-Dateien 2014-06-26 12:35 - 2013-12-31 02:40 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\SuperMailer 2014-06-26 00:55 - 2014-06-26 00:55 - 00000996 _____ () C:\Users\Karin\Desktop\SuperMailer.lnk 2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer 2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\Program Files (x86)\SuperMailer 2014-06-26 00:54 - 2014-06-26 00:54 - 23981547 _____ () C:\Users\Gast\Downloads\smsw(1).zip 2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe 2014-06-25 15:36 - 2011-01-18 21:08 - 00000000 ____D () C:\Users\Karin\AppData\Local\Google 2014-06-25 15:31 - 2011-01-18 20:57 - 00125800 _____ () C:\Users\Karin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-25 15:29 - 2011-01-19 03:48 - 00000000 ____D () C:\Users\Karin 2014-06-24 09:59 - 2011-01-22 09:22 - 00125800 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb 2014-06-23 18:51 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\KarinAtWork\Desktop\Bewerbungen 2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice 2014-06-23 15:37 - 2012-05-02 10:40 - 00125800 _____ () C:\Users\KarinAtWork\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-23 15:34 - 2009-07-14 06:45 - 00478600 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-23 15:24 - 2014-06-23 15:24 - 00002230 _____ () C:\Users\Karin\Desktop\Rocket.lnk 2014-06-23 15:24 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket 2014-06-23 15:24 - 2014-06-23 15:23 - 00000000 ____D () C:\Users\Karin\AppData\Local\Rocket 2014-06-23 15:23 - 2014-06-23 15:22 - 00003234 _____ () C:\Windows\System32\Tasks\Rocket Updater 2014-06-23 15:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe 2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList 2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList 2014-06-23 04:53 - 2014-06-19 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-22 11:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-20 23:40 - 2012-05-01 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-20 17:20 - 2012-11-22 17:34 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\SoftGrid Client 2014-06-18 13:02 - 2014-06-18 13:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes 2014-06-18 08:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-16 18:29 - 2014-01-06 23:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-06-16 18:29 - 2012-11-16 21:34 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-13 13:36 - 2014-06-26 13:57 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys 2014-06-13 13:36 - 2014-06-24 19:09 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys 2014-06-12 13:37 - 2013-08-14 18:17 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 13:33 - 2011-01-22 10:02 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-11 15:53 - 2013-05-04 11:21 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-06-07 14:26 - 2012-05-07 18:32 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\SoftGrid Client 2014-06-02 19:31 - 2013-01-05 17:54 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Local\FreePDF_XP 2014-05-30 12:21 - 2014-06-11 13:03 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 13:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 13:03 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 13:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 13:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 13:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 13:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 13:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 13:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 13:03 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 13:03 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 13:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 13:03 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 13:03 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 13:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 13:03 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 13:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 13:03 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 13:03 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 13:03 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 13:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 13:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 13:03 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 13:03 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 13:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 13:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 13:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 13:03 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 13:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 13:03 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 13:03 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 13:03 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 13:03 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 13:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 13:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 13:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 13:03 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 13:03 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 13:03 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 13:03 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 13:03 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 13:03 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 13:03 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 13:03 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 13:03 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 13:03 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 13:03 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 13:03 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 13:03 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll Some content of TEMP: ==================== C:\Users\Gast\AppData\Local\Temp\avgnt.exe C:\Users\Karin\AppData\Local\Temp\avgnt.exe C:\Users\Karin\AppData\Local\Temp\ose00000.exe C:\Users\Karin\AppData\Local\Temp\Quarantine.exe C:\Users\KarinAtWork\AppData\Local\Temp\avgnt.exe C:\Users\KarinAtWork\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk6zzq5.dll C:\Users\KarinAtWork\AppData\Local\Temp\secuniasi6474681520443312105.dll C:\Users\KarinAtWork\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-28 16:38 ==================== End Of Log ============================ UND ADDITION txt :Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 01
Ran by Karin at 2014-06-28 23:38:01
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version: - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version: - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version: - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
Open Office Packages (HKCU\...\Open Office Packages) (Version: - ) <==== ATTENTION
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)
==================== Restore Points =========================
20-06-2014 06:51:31 Windows Update
23-06-2014 13:23:20 Installed OpenOffice 4.0.1
25-06-2014 07:42:08 Windows Update
26-06-2014 11:45:28 Removed Java(TM) 6 Update 45
26-06-2014 11:46:55 Removed Java 7 Update 21
26-06-2014 19:24:57 Prüfpunkt von HitmanPro
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {09BC1C1F-B209-4357-AAE3-7A4805D83BFC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {33358644-D61B-420D-978B-86EEE4CACE31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {75E1B6AA-7B51-4FAC-8029-38C519695459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {80B1E869-75CC-4B6E-A76D-54C29A7FB47D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5FFC2F7-CB63-449C-BCA4-615C3BFB12EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C0DFC50F-2830-48FF-A5DC-C204BCC9458D} - System32\Tasks\Rocket Updater => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {D7124D21-9D3D-430E-9095-5CA5C98AB530} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E9724AB6-2D4D-4469-8374-1B9051E15A99} - System32\Tasks\{02FB5D97-BB17-41C4-8F09-D60FAA38A572} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/en/abandoninstall?page=tsProgressBar
Task: {F56B76B9-95E0-47F8-8A07-72DDB540B015} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-12-14 09:12 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-06-01 03:04 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2012-06-27 20:28 - 2009-06-22 16:13 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-01 03:09 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/28/2014 11:34:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/28/2014 11:34:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/28/2014 11:26:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (06/28/2014 11:25:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/28/2014 11:25:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.
Error: (06/28/2014 04:05:39 PM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)
Error: (06/28/2014 09:13:00 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/28/2014 09:13:00 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/28/2014 09:12:23 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/27/2014 10:45:52 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)
Error: (06/27/2014 10:32:35 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)
Error: (06/27/2014 09:44:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Rezip erreicht.
Error: (06/27/2014 09:43:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.
Microsoft Office Sessions:
=========================
Error: (06/28/2014 11:34:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7HT3TO\esetsmartinstaller_deu.exe
Error: (06/28/2014 11:34:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7HT3TO\esetsmartinstaller_deu.exe
Error: (06/28/2014 11:26:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/26/2014 10:10:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/26/2014 09:25:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Util NetCrawl since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 3946.16 MB
Available physical RAM: 2434.6 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5968.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:113 GB) (Free:33.04 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:7.38 GB) (Free:5.56 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)
==================== End Of Log ============================
Zu deiner Frage: Nein ich habe keine Probleme mehr . |
|
29.06.2014, 00:09
| #10 |
| /// TB-Ausbilder /// Anleitungs-Guru | Scareware im Firefoxbrowser eingefangen, wie entfernen? Hi, das bitte deinstallieren: Open Office Packages Schritt 1  Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument: Code:
ATTFilter SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
FF DefaultSearchEngine: WSE Rocket
FF SelectedSearchEngine: WSE Rocket
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys [61112 2014-06-13] (StdLib)
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
Schritt 2 Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Hier die aktuelle Version von Java herunterladen und installieren. Flash sowohl mit dem Internet Explorer als auch mit dem Firefox aufrufen und installieren. Optionale Angebote ablehnen. Schritt 3 Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
02.07.2014, 23:09
| #11 |
| | Scareware im Firefoxbrowser eingefangen, wie entfernen? Hallo, nun geht's weiter. Hier der erste FRST-Scan nach dem Fixen: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Karin at 2014-07-02 23:33:11 Run:1
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites02_14_26_ff&cd=2XzuyEtN2Y1L1QzutC0E0FyEyC0AtAyBtB0AtBzyyC0CyE0DtN0D0Tzu0SzytDyDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StD0F0F0DyC0EtAtDtG0E0CzyyBtGyByE0AtDtGtDyCtCzytGyC0DyCtCtDtC0E0EyD0E0Bzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0AtCyD0C0AyDzytGtBtAtByCtGzz0AzzzytGtD0E0FyCtGtD0B0EyEyDtBtDyBzz0CtDtB2Q&cr=1391083889&ir=
FF DefaultSearchEngine: WSE Rocket
FF SelectedSearchEngine: WSE Rocket
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys [61112 2014-06-13] (StdLib)
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
*****************
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64 => Service stopped successfully.
{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64 => Service deleted successfully.
{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64 => Service stopped successfully.
{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64 => Service deleted successfully.
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys => Moved successfully.
C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}w64.sys => Moved successfully.
C:\ProgramData\Temp => ":268F887D" ADS removed successfully.
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully.
C:\ProgramData\Temp => ":5C270C64" ADS removed successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
==== End of Fixlog ====
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014 Ran by Karin (administrator) on KNOTEBOOK on 03-07-2014 00:05:31 Running from C:\Users\Karin\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe () C:\Windows\SysWOW64\Rezip.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Program Files (x86)\XSManager\WTGService.exe (4G Systems GmbH & Co. KG) C:\Windows\service4g.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor) HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [157456 2009-05-14] (4G Systems GmbH & Co. KG) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation) HKU\S-1-5-21-3457901039-3679683318-3372754741-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\KarinAtWork\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Karin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File) ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {67F66D86-F250-40BB-8CAF-38BD065D72D3} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{24DB843F-333B-4F22-8094-8E06240D8CCB}: [NameServer]62.134.11.4 195.182.110.132 FireFox: ======== FF ProfilePath: C:\Users\Karin\AppData\Roaming\Mozilla\Firefox\Profiles\xmxo99hy.default FF SearchEngineOrder.3: Bing FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=061513&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-05-26] FF StartMenuInternet: FIREFOX.EXE - firefox.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH) R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [File not signed] R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia) R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] () R2 XS Stick Service; C:\Windows\service4g.exe [125200 2009-05-14] (4G Systems GmbH & Co. KG) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-30] (Avira Operations GmbH & Co. KG) S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-06-27] (Mobile Connector) S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-02] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia) S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-13] (Windows (R) 2003 DDK 3790 provider) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-03 00:04 - 2014-07-03 00:04 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-07-03 00:04 - 2014-07-03 00:04 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-07-03 00:04 - 2014-07-03 00:04 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-03 00:04 - 2014-07-03 00:04 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-03 00:04 - 2014-07-03 00:04 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-03 00:04 - 2014-07-03 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-07-03 00:03 - 2014-07-03 00:04 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-03 00:02 - 2014-07-03 00:02 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-03 00:02 - 2014-07-03 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-03 00:02 - 2014-07-03 00:01 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-03 00:02 - 2014-07-03 00:01 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-03 00:02 - 2014-07-03 00:01 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-03 00:02 - 2014-07-03 00:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-03 00:01 - 2014-07-03 00:01 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-02 23:38 - 2014-07-02 23:38 - 00448512 _____ (OldTimer Tools) C:\Users\Karin\Desktop\TFC.exe 2014-06-28 23:38 - 2014-06-28 23:39 - 00048704 _____ () C:\Users\Karin\Desktop\Addition.txt 2014-06-28 09:07 - 2014-07-02 23:30 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion 2014-06-27 10:51 - 2014-06-27 10:51 - 02347384 _____ (ESET) C:\Users\Karin\Downloads\esetsmartinstaller_deu.exe 2014-06-26 21:23 - 2014-06-26 21:23 - 00029396 _____ () C:\Users\Karin\Desktop\HitmanPro_20140626_2123.log 2014-06-26 20:07 - 2014-06-26 21:50 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-06-26 19:11 - 2014-07-02 23:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-26 19:11 - 2014-06-26 19:11 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-26 19:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-26 19:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-26 19:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList 2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList 2014-06-26 14:02 - 2014-06-26 14:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karin\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-26 13:58 - 2014-06-26 13:58 - 00005706 _____ () C:\Users\Karin\Desktop\AdwCleaner[S0].txt 2014-06-26 13:49 - 2014-06-26 13:54 - 00000000 ____D () C:\AdwCleaner 2014-06-26 13:48 - 2014-06-26 13:48 - 01342659 _____ () C:\Users\Karin\Desktop\adwcleaner_3.213.exe 2014-06-26 13:40 - 2014-07-03 00:05 - 00016015 _____ () C:\Users\Karin\Desktop\FRST.txt 2014-06-26 13:38 - 2014-07-02 23:30 - 02083840 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe 2014-06-26 13:38 - 2014-06-26 13:42 - 00049259 _____ () C:\Users\Karin\Downloads\FRST.txt 2014-06-26 13:37 - 2014-06-26 13:37 - 01073152 _____ (Farbar) C:\Users\Karin\Downloads\FRST.exe 2014-06-26 00:55 - 2014-06-26 00:55 - 00000996 _____ () C:\Users\Karin\Desktop\SuperMailer.lnk 2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer 2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\Program Files (x86)\SuperMailer 2014-06-26 00:54 - 2014-06-26 00:54 - 23981547 _____ () C:\Users\Gast\Downloads\smsw(1).zip 2014-06-25 19:19 - 2014-07-03 00:05 - 00000000 ____D () C:\FRST 2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe 2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb 2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice 2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-23 15:24 - 2014-06-23 15:24 - 00002230 _____ () C:\Users\Karin\Desktop\Rocket.lnk 2014-06-23 15:24 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket 2014-06-23 15:23 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Local\Rocket 2014-06-23 15:22 - 2014-07-02 23:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job 2014-06-23 15:22 - 2014-06-26 20:01 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\RocketUpdater 2014-06-23 15:22 - 2014-06-23 15:23 - 00003234 _____ () C:\Windows\System32\Tasks\Rocket Updater 2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe 2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList 2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList 2014-06-19 22:38 - 2014-06-23 04:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 13:02 - 2014-06-18 13:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes 2014-06-11 13:03 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 13:03 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 13:03 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 13:03 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 13:03 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 13:03 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 13:03 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 13:03 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 13:03 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 13:03 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 13:03 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 13:03 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 13:03 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 13:03 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 13:03 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 13:03 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 13:03 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 13:03 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 13:03 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 13:03 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 13:03 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 13:03 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 13:03 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 13:03 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 13:03 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 13:03 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 13:03 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 13:03 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 13:03 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 13:03 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 13:03 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 13:03 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 13:03 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 13:03 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 13:03 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 13:03 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 13:03 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 13:03 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 13:03 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 13:03 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 13:03 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 13:03 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 13:03 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 13:03 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 13:03 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 13:03 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 13:03 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 13:03 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 13:03 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 13:03 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 13:03 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 13:03 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 13:03 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 13:03 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 13:03 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 13:03 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 13:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 13:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 13:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 13:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 13:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 13:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll ==================== One Month Modified Files and Folders ======= 2014-07-03 00:06 - 2014-06-26 13:40 - 00016015 _____ () C:\Users\Karin\Desktop\FRST.txt 2014-07-03 00:05 - 2014-06-25 19:19 - 00000000 ____D () C:\FRST 2014-07-03 00:04 - 2014-07-03 00:04 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-07-03 00:04 - 2014-07-03 00:04 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-07-03 00:04 - 2014-07-03 00:04 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-03 00:04 - 2014-07-03 00:04 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-03 00:04 - 2014-07-03 00:04 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-03 00:04 - 2014-07-03 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-07-03 00:04 - 2014-07-03 00:03 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-03 00:03 - 2013-05-05 00:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-03 00:03 - 2013-05-05 00:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-03 00:03 - 2012-05-03 20:36 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-03 00:03 - 2012-05-03 20:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-03 00:02 - 2014-07-03 00:02 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-03 00:02 - 2014-07-03 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-03 00:01 - 2014-07-03 00:02 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-03 00:01 - 2014-07-03 00:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-03 00:01 - 2014-07-03 00:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-03 00:01 - 2014-07-03 00:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-03 00:01 - 2014-07-03 00:01 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-02 23:38 - 2014-07-02 23:38 - 00448512 _____ (OldTimer Tools) C:\Users\Karin\Desktop\TFC.exe 2014-07-02 23:35 - 2014-06-26 19:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-02 23:30 - 2014-06-28 09:07 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion 2014-07-02 23:30 - 2014-06-26 13:38 - 02083840 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe 2014-07-02 23:22 - 2014-06-23 15:22 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job 2014-07-02 23:20 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-02 23:20 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-02 23:19 - 2010-06-01 03:03 - 01682718 _____ () C:\Windows\WindowsUpdate.log 2014-07-02 23:16 - 2013-07-16 22:49 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Skype 2014-07-02 23:15 - 2011-01-19 03:48 - 00000000 ____D () C:\Users\Karin 2014-07-02 23:14 - 2013-05-20 23:11 - 00000000 ___RD () C:\Users\KarinAtWork\Dropbox 2014-07-02 23:13 - 2014-05-26 12:40 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\DropboxMaster 2014-07-02 23:13 - 2013-05-20 23:06 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\Dropbox 2014-07-02 23:11 - 2013-05-20 23:36 - 00021512 _____ () C:\Windows\setupact.log 2014-07-02 23:11 - 2012-06-30 10:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-07-02 23:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-01 23:33 - 2013-05-04 11:21 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-07-01 23:26 - 2013-05-24 19:17 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8882FE08-554D-4D95-8483-6E4F45ADC1B3} 2014-07-01 20:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-06-30 21:19 - 2013-06-04 18:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-30 21:19 - 2011-01-19 03:50 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-28 23:39 - 2014-06-28 23:38 - 00048704 _____ () C:\Users\Karin\Desktop\Addition.txt 2014-06-28 15:59 - 2013-05-28 07:14 - 00282048 _____ () C:\Windows\PFRO.log 2014-06-27 10:51 - 2014-06-27 10:51 - 02347384 _____ (ESET) C:\Users\Karin\Downloads\esetsmartinstaller_deu.exe 2014-06-27 10:51 - 2010-06-01 19:30 - 00700134 _____ () C:\Windows\system32\perfh007.dat 2014-06-27 10:51 - 2010-06-01 19:30 - 00149984 _____ () C:\Windows\system32\perfc007.dat 2014-06-27 10:51 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-26 21:50 - 2014-06-26 20:07 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-06-26 21:23 - 2014-06-26 21:23 - 00029396 _____ () C:\Users\Karin\Desktop\HitmanPro_20140626_2123.log 2014-06-26 20:01 - 2014-06-23 15:22 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\RocketUpdater 2014-06-26 19:11 - 2014-06-26 19:11 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-26 19:11 - 2014-06-26 19:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-26 18:46 - 2009-07-14 04:34 - 00000612 _____ () C:\Windows\win.ini 2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList 2014-06-26 17:41 - 2014-06-26 17:41 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList 2014-06-26 14:03 - 2012-05-01 13:04 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Malwarebytes 2014-06-26 14:03 - 2012-05-01 13:04 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-26 14:02 - 2014-06-26 14:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karin\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-26 13:58 - 2014-06-26 13:58 - 00005706 _____ () C:\Users\Karin\Desktop\AdwCleaner[S0].txt 2014-06-26 13:54 - 2014-06-26 13:49 - 00000000 ____D () C:\AdwCleaner 2014-06-26 13:48 - 2014-06-26 13:48 - 01342659 _____ () C:\Users\Karin\Desktop\adwcleaner_3.213.exe 2014-06-26 13:42 - 2014-06-26 13:38 - 00049259 _____ () C:\Users\Karin\Downloads\FRST.txt 2014-06-26 13:37 - 2014-06-26 13:37 - 01073152 _____ (Farbar) C:\Users\Karin\Downloads\FRST.exe 2014-06-26 12:43 - 2014-01-06 23:46 - 00000000 ____D () C:\Users\Gast\Documents\Outlook-Dateien 2014-06-26 12:35 - 2013-12-31 02:40 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\SuperMailer 2014-06-26 00:55 - 2014-06-26 00:55 - 00000996 _____ () C:\Users\Karin\Desktop\SuperMailer.lnk 2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer 2014-06-26 00:55 - 2014-06-26 00:55 - 00000000 ____D () C:\Program Files (x86)\SuperMailer 2014-06-26 00:54 - 2014-06-26 00:54 - 23981547 _____ () C:\Users\Gast\Downloads\smsw(1).zip 2014-06-25 19:19 - 2014-06-25 19:19 - 02082816 _____ (Farbar) C:\Users\KarinAtWork\Desktop\FRST64.exe 2014-06-25 15:36 - 2011-01-18 21:08 - 00000000 ____D () C:\Users\Karin\AppData\Local\Google 2014-06-25 15:31 - 2011-01-18 20:57 - 00125800 _____ () C:\Users\Karin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-24 09:59 - 2011-01-22 09:22 - 00125800 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-23 20:29 - 2014-06-23 20:29 - 00002269 _____ () C:\Users\KarinAtWork\Documents\New Database.odb 2014-06-23 18:51 - 2012-08-19 14:17 - 00000000 ____D () C:\Users\KarinAtWork\Desktop\Bewerbungen 2014-06-23 18:47 - 2014-06-23 18:47 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\OpenOffice 2014-06-23 15:37 - 2012-05-02 10:40 - 00125800 _____ () C:\Users\KarinAtWork\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-23 15:34 - 2009-07-14 06:45 - 00478600 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-23 15:26 - 2014-06-23 15:26 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-06-23 15:26 - 2014-06-23 15:26 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-23 15:25 - 2014-06-23 15:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-23 15:24 - 2014-06-23 15:24 - 00002230 _____ () C:\Users\Karin\Desktop\Rocket.lnk 2014-06-23 15:24 - 2014-06-23 15:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket 2014-06-23 15:24 - 2014-06-23 15:23 - 00000000 ____D () C:\Users\Karin\AppData\Local\Rocket 2014-06-23 15:23 - 2014-06-23 15:22 - 00003234 _____ () C:\Windows\System32\Tasks\Rocket Updater 2014-06-23 15:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-06-23 15:16 - 2014-06-23 15:16 - 00469576 _____ () C:\Users\KarinAtWork\Downloads\apache-openoffice.exe 2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieUserList 2014-06-23 15:15 - 2014-06-23 15:15 - 00000000 __SHD () C:\Users\KarinAtWork\AppData\Local\EmieSiteList 2014-06-23 04:53 - 2014-06-19 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-22 11:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-20 23:40 - 2012-05-01 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-20 17:20 - 2012-11-22 17:34 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\SoftGrid Client 2014-06-18 13:02 - 2014-06-18 13:02 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes 2014-06-18 08:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-16 18:29 - 2014-01-06 23:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-06-16 18:29 - 2012-11-16 21:34 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-12 13:37 - 2013-08-14 18:17 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 13:33 - 2011-01-22 10:02 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-07 14:26 - 2012-05-07 18:32 - 00000000 ____D () C:\Users\KarinAtWork\AppData\Roaming\SoftGrid Client Some content of TEMP: ==================== C:\Users\Karin\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-28 16:38 ==================== End Of Log ============================ --- --- --- Erstmal wieder ein dickes DANKE!!! |
|
02.07.2014, 23:17
| #12 |
| /// TB-Ausbilder /// Anleitungs-Guru | Scareware im Firefoxbrowser eingefangen, wie entfernen? Was fehlt?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
03.07.2014, 08:32
| #13 |
| | Scareware im Firefoxbrowser eingefangen, wie entfernen? Hmmm lass mich kurz überlegen..... 1. der Additioscan? (kam bei diesem Scan nicht trotz Haken...) ODER 2. Ich habe keine Probleme mehr, scheint bereinigt. ODER 3. Ich hab vergessen was zu posten etc.? Wat ist es denn?  Hab die Antwort schon. Mit Profis arbeiten macht Spaß !!!!Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Karin at 2014-07-03 09:27:52
Running from C:\Users\Karin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2006397056.48.56.3935466 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version: - Oberon Media)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version: - Microsoft)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version: - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Rocket (HKCU\...\Rocket) (Version: 31.0.1650.23 - Rocket)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.0.0 - )
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)
==================== Restore Points =========================
23-06-2014 13:23:20 Installed OpenOffice 4.0.1
25-06-2014 07:42:08 Windows Update
26-06-2014 11:45:28 Removed Java(TM) 6 Update 45
26-06-2014 11:46:55 Removed Java 7 Update 21
26-06-2014 19:24:57 Prüfpunkt von HitmanPro
01-07-2014 19:05:11 Windows Update
02-07-2014 22:01:08 Installed Java 7 Update 60
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {09BC1C1F-B209-4357-AAE3-7A4805D83BFC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {33358644-D61B-420D-978B-86EEE4CACE31} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {75E1B6AA-7B51-4FAC-8029-38C519695459} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {80B1E869-75CC-4B6E-A76D-54C29A7FB47D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-03] (Adobe Systems Incorporated)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B5FFC2F7-CB63-449C-BCA4-615C3BFB12EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C0DFC50F-2830-48FF-A5DC-C204BCC9458D} - System32\Tasks\Rocket Updater => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {D7124D21-9D3D-430E-9095-5CA5C98AB530} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.)
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E9724AB6-2D4D-4469-8374-1B9051E15A99} - System32\Tasks\{02FB5D97-BB17-41C4-8F09-D60FAA38A572} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.7.0.102/en/abandoninstall?page=tsProgressBar
Task: {F56B76B9-95E0-47F8-8A07-72DDB540B015} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Karin\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-12-14 09:12 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-06-01 03:04 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2012-06-27 20:28 - 2009-06-22 16:13 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-01 03:01 - 2010-06-01 03:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-19 22:38 - 2014-06-19 22:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2014 11:39:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1056, Zeitstempel: 0x4be0d4dc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000020a7a
ID des fehlerhaften Prozesses: 0x260
Startzeit der fehlerhaften Anwendung: 0xatieclxx.exe0
Pfad der fehlerhaften Anwendung: atieclxx.exe1
Pfad des fehlerhaften Moduls: atieclxx.exe2
Berichtskennung: atieclxx.exe3
Error: (07/02/2014 11:13:02 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/29/2014 09:28:50 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (06/29/2014 10:04:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/28/2014 11:34:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/28/2014 11:34:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/28/2014 11:26:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (07/03/2014 07:43:36 AM) (Source: DCOM) (EventID: 10016) (User: KNotebook)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}KNotebookGastS-1-5-21-3457901039-3679683318-3372754741-501LocalHost (unter Verwendung von LRPC)
Error: (07/02/2014 11:58:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (07/02/2014 11:58:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (07/02/2014 11:58:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (07/02/2014 11:58:51 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (07/02/2014 11:58:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (07/02/2014 11:58:47 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (07/02/2014 11:58:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (07/02/2014 11:58:47 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (07/02/2014 11:58:46 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Microsoft Office Sessions:
=========================
Error: (07/02/2014 11:39:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: atieclxx.exe6.14.11.10564be0d4dcntdll.dll6.1.7601.18247521eaf24c00000050000000000020a7a26001cf963ac919d883C:\Windows\system32\atieclxx.exeC:\Windows\SYSTEM32\ntdll.dll4854b478-0231-11e4-90db-002454dbf6c9
Error: (07/02/2014 11:13:02 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/29/2014 09:28:50 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: I:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (06/29/2014 10:04:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/28/2014 11:34:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7HT3TO\esetsmartinstaller_deu.exe
Error: (06/28/2014 11:34:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NB7HT3TO\esetsmartinstaller_deu.exe
Error: (06/28/2014 11:26:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/28/2014 09:05:47 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/27/2014 10:51:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
Error: (06/27/2014 10:51:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Karin\Downloads\esetsmartinstaller_deu.exe
==================== Memory info ===========================
Percentage of memory in use: 44%
Total physical RAM: 3946.16 MB
Available physical RAM: 2179.88 MB
Total Pagefile: 7890.51 MB
Available Pagefile: 5522.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:113 GB) (Free:36.06 GB) NTFS
Drive d: () (Fixed) (Total:164.99 GB) (Free:147.38 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
|
03.07.2014, 11:08
| #14 |
| /// TB-Ausbilder /// Anleitungs-Guru | Scareware im Firefoxbrowser eingefangen, wie entfernen? Hi, Flash-Link mit dem Firefox aufrufen. Flash aktualisieren. Optionale Angebote ablehnen. Das Zeug im Downloadverzeichnis welches ESET anmeckert manuell löschen. Achte besser darauf, wo Du Dir was runterlädst! Näheres unten bei den Tipps...  Cleanup: Alle Logs gepostet? Ja! Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. >>clean<< Wir haben es geschafft! Die Logs sehen für mich im Moment sauber aus. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. Wie kann ich mich in Zukunft besser schützen?Tipps, Dos & Don'ts  Updates & Software
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Firewall, Antivirus & Co.
 Cracks, Downloads & Co.Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert. Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten. Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten. Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
Abschließend noch ein paar grundsätzliche Bemerkungen:
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
06.07.2014, 10:22
| #15 |
| | Scareware im Firefoxbrowser eingefangen, wie entfernen? Danke dir für Deine Hilfe!!! Mein Laptop läuft wieder wie gewohnt ohne bemerkbare fiese Nervprogramme. Dickes Lob an euch alle für dieses Forum!!!! |
|
| Themen zu Scareware im Firefoxbrowser eingefangen, wie entfernen? |
| adware.installbrain, pc infiziert, pup.optional.browsefox.a, pup.optional.iminent.a, pup.optional.installcore, pup.optional.netcrawl.a, pup.optional.rocketfind.a, pup.optional.rockettab.a, wie entfernen?, win32/bundled.toolbar.ask, win32/bundled.toolbar.ask.d, win32/downloadguide.a, win32/installcore.pc, win32/installmonetizer.aq |
dann auf 
und dann auf 
.
Windows die 
automatischen Updates
Firewall. Die in Windows integrierte genügt im Normalfall völlig.
ESET
NoScript
Linear-Darstellung
