ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=4dcc3919a6d0d644ad5c1133466baf76
# engine=18495
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-31 11:17:04
# local_time=2014-06-01 01:17:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 34248 153208074 0 0
# scanned=138946
# found=71
# cleaned=0
# scan_time=3599
sh=6CB695154B74584D4590FB313617F97F70354852 ft=1 fh=0ea7c25ce739bb52 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3707926740-3679492550-952484876-1000\$RE8DYA9.exe"
sh=6CB695154B74584D4590FB313617F97F70354852 ft=1 fh=0ea7c25ce739bb52 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3707926740-3679492550-952484876-1000\$RJVL41U.exe"
sh=5E1F09CFDEA888A1DA1387267BCFB10DF7A0FD0E ft=1 fh=c71c0011b84847bc vn="Variante von Win32/AdWare.AddLyrics.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\bettermarkit\150.dll.vir"
sh=26BC9D82123A631A64BA55164FD6337FBF412D54 ft=1 fh=e2b52752c6880532 vn="Variante von Win32/AdWare.AddLyrics.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\bettermarkit\Uninstall.exe.vir"
sh=CF6185A9EDFBA0217C9D36D25CA9F6ADCC9F6BC8 ft=1 fh=f90d49fcbe154eac vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=C58417722C0B741EA8D55D06914E692180900885 ft=1 fh=f4976c33c2ff8570 vn="Win32/Toolbar.Conduit.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\DVDvideoSoft_2.0ToolbarHelper.exe.vir"
sh=C58417722C0B741EA8D55D06914E692180900885 ft=1 fh=f4976c33c2ff8570 vn="Win32/Toolbar.Conduit.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\DVDvideoSoft_2.0ToolbarHelper1.exe.vir"
sh=BE40C0251D66829CF63FD4341CACA785CAF5CD73 ft=1 fh=afd5085e605741b5 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hk64tbDVD0.dll.vir"
sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hk64tbDVD2.dll.vir"
sh=34FF8E2D281CBFECE71100A04C0FF4436818382E ft=1 fh=7b66b1ed06cb1b80 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hk64tbDVDv.dll.vir"
sh=0F7B6B96202643D88E6428C62CA0BADC6D38D140 ft=1 fh=3507b93dfe419462 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hktbDVD0.dll.vir"
sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hktbDVD2.dll.vir"
sh=AE7B8F3BB6E040CE20B02DE558471FAA4C58386E ft=1 fh=6a41a8d0046fd7b4 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hktbDVDv.dll.vir"
sh=547EF42FB35708E8C39FE6D04DBF3DEDD91E73DB ft=1 fh=99fdcb8395eefb1c vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\ldrtbDVD0.dll.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\ldrtbDVD2.dll.vir"
sh=87BE5F13318AC3BA3F403A73E332E1784304C21D ft=1 fh=3e5cd6b65c184efc vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\ldrtbDVDv.dll.vir"
sh=31819C285AD68587D8DABEC74FD7F447FF439CA5 ft=1 fh=20c4afc2b350ab06 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVD0.dll.vir"
sh=49F05B2770D4CAE7550D8268FDCF50E3BAEBB7CC ft=1 fh=f6f4f0e4f3b1176c vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVD2.dll.vir"
sh=2647A8D25068D715D97EE42DCB86CF9AA55946BC ft=1 fh=5fd80ae6b91e806a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVDv.dll.vir"
sh=6C02BC376864DF0440DE70DED3A65938D6295795 ft=1 fh=965e2f365cb21a83 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\tbDVD0.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\tbDVD2.dll.vir"
sh=1E6279D9317A709616211812CCA5AB8B26EB4AB2 ft=1 fh=dd2582521ac42eea vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\tbDVDv.dll.vir"
sh=2C5AA90350EA9A8FA0391A0EADE7C6C136A58A2C ft=1 fh=c71c00112c474a2d vn="Variante von Win64/SProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\GS-Enabler\Assistant_x64.dll.vir"
sh=0419552551839EC5A166558EB4B69EA8BEBBAEE9 ft=1 fh=f3358791765cb40f vn="Variante von Win32/BrowseFox.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\JumpFlipBHO.dll.vir"
sh=9E602DB0FDBE78BC9C932F5EBBABA8FDDE3B426F ft=1 fh=19d9d5e677b74a7a vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\JumpFlipUninstall.exe.vir"
sh=C886131DF8E90B25F1AF997E3A835C48766ECD20 ft=1 fh=5dba478dd5849238 vn="Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\updateJumpFlip.exe.vir"
sh=C886131DF8E90B25F1AF997E3A835C48766ECD20 ft=1 fh=5dba478dd5849238 vn="Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe.vir"
sh=AA92C3DD0E5E28DA5D9E02CB25CE3D802DCE3752 ft=1 fh=c32c7ddbf90c4454 vn="Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.FFUpdate.dll.vir"
sh=6BC9561D110F001F4DE9B73FA2A159DF4514433D ft=1 fh=25dbef2b0f6cd9d4 vn="Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.GCUpdate.dll.vir"
sh=2D656FFCE76CF70089F540719C2C8E37E8CCCA84 ft=1 fh=f1968de3fe52987f vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.IEUpdate.dll.vir"
sh=659E678C5D8CE742CC03A211C59AA57E6018FDC6 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\MUServer.apk.vir"
sh=A2B2D863063AF7010734C31A3D5D7D6B98C1688A ft=1 fh=a4f951e0985114d0 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\CltMngSvc.exe.vir"
sh=126B22D7B2FE0FC571E6D6D0098B0E0D053C0BCC ft=1 fh=89dba07409c55d47 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPTool.dll.vir"
sh=FB8A03D4068A1073E5D79D15E476CDB57E84D37A ft=1 fh=69b704a6298a2c3c vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\uninstall.exe.vir"
sh=4BB525AC7501802DCAD3CD6792523F394333DCBA ft=1 fh=01cfd83a591a31e9 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\cltmng.exe.vir"
sh=9E806FEC80206DEE99C9EB4E8943F7A1A5EB9E39 ft=1 fh=b2e1d0d0782bb287 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPTool64.exe.vir"
sh=53174BBB13C3281D80B3A9825D37A56A9F4572A9 ft=1 fh=773c21cad11b960a vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32.dll.vir"
sh=90463B91F85D2C7670D2DCD1A5C74B6E669B76E3 ft=1 fh=5abef56ff11b1760 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32Loader.dll.vir"
sh=DF8324DDBA322137977BD85FAE44DB554FBA04B9 ft=1 fh=bf2e78c8c3d65358 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64.dll.vir"
sh=10A6A241F0002F39C000BFACBEBD8898C14740BF ft=1 fh=633c4cc62dc594f0 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64Loader.dll.vir"
sh=C1763564137E3835FE687A97FD7EBE83D112508E ft=1 fh=b3ec58eb0d3d3ff0 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\UI\bin\cltmngui.exe.vir"
sh=0C9A08B5ADD21D4140312B82FB77DA525540781F ft=1 fh=c85f1c8d2521187b vn="Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir"
sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.vir"
sh=3EFCE8E60D9AEA8666F5A04990DB0451DBB8CCA1 ft=1 fh=9fcd97622c9e2cff vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Conduit\CT3279453\DVDvideoSoft_2.0AutoUpdateHelper.exe.vir"
sh=1BB29099CFE4982EF016A6A560E758B8DF799270 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.36.zip.vir"
sh=659E678C5D8CE742CC03A211C59AA57E6018FDC6 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=FDD781E72BF40134B86BB8CC83538AB4EE21F888 ft=1 fh=ef62de346e84a46c vn="Win32/Conduit.SearchProtect.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\chLogic.exe.vir"
sh=F852A5E022247E2F424F06AE60125430BC7B2A43 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\CT3279453.xpi.vir"
sh=7FA27BE1CD7CAD7925F4BED8CE56B84DF82E924B ft=1 fh=761fa3faf9d2b1b2 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\ffLogic.exe.vir"
sh=6E83BD02FF6572062DD842F966EC875F85BE677C ft=1 fh=2b9d6bf8c78b8fe7 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\ieLogic.exe.vir"
sh=954C6BC07E97C488D4A1CCB6A810B320E5EDCC64 ft=1 fh=1655e6147d4f45a9 vn="Win32/Conduit.SearchProtect.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\spch.exe.vir"
sh=954C6BC07E97C488D4A1CCB6A810B320E5EDCC64 ft=1 fh=1655e6147d4f45a9 vn="Win32/Conduit.SearchProtect.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\spff.exe.vir"
sh=F89D0D35647789000A23E8BD1E557BEE519A6BAE ft=1 fh=4f81c51847428f3f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\statisticsStub.exe.vir"
sh=BE40C0251D66829CF63FD4341CACA785CAF5CD73 ft=1 fh=afd5085e605741b5 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hk64tbDVD0.dll.vir"
sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hk64tbDVD2.dll.vir"
sh=34FF8E2D281CBFECE71100A04C0FF4436818382E ft=1 fh=7b66b1ed06cb1b80 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hk64tbDVDv.dll.vir"
sh=0F7B6B96202643D88E6428C62CA0BADC6D38D140 ft=1 fh=3507b93dfe419462 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hktbDVD0.dll.vir"
sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hktbDVD2.dll.vir"
sh=AE7B8F3BB6E040CE20B02DE558471FAA4C58386E ft=1 fh=6a41a8d0046fd7b4 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hktbDVDv.dll.vir"
sh=547EF42FB35708E8C39FE6D04DBF3DEDD91E73DB ft=1 fh=99fdcb8395eefb1c vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\ldrtbDVD0.dll.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\ldrtbDVD2.dll.vir"
sh=87BE5F13318AC3BA3F403A73E332E1784304C21D ft=1 fh=3e5cd6b65c184efc vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\ldrtbDVDv.dll.vir"
sh=6C02BC376864DF0440DE70DED3A65938D6295795 ft=1 fh=965e2f365cb21a83 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\tbDVD0.dll.vir"
sh=81AF7CFB10091601ED1B82B92BDA2A254AA2B82F ft=1 fh=b76578e523b80dbc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\tbDVD1.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\tbDVD2.dll.vir"
sh=1E6279D9317A709616211812CCA5AB8B26EB4AB2 ft=1 fh=dd2582521ac42eea vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\tbDVDv.dll.vir"
sh=A011DFD8D93BBA7B75833C0F85FF6E1D25594B84 ft=1 fh=049679d5506e563e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\3zt8dmq0.default\Extensions\{04a8dd1a-4754-48fe-a703-99846646ef04}\Plugins\npConduitFirefoxPlugin.dll.vir"
sh=B31BF653BC72F2FF09E2D0E4E61A33443D415D18 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Nathalie\AppData\Local\CRE\oolkekjjhnaeaahibbnfebmogackofpf.crx.xBAD"
sh=B9A96D9AE94C4B42CA5499933F6DF218B3903768 ft=1 fh=966b3592656dc188 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Nathalie\AppData\Local\Temp\RarSFX1\offercast_avirav7_.exe"
sh=B31BF653BC72F2FF09E2D0E4E61A33443D415D18 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nathalie\AppData\Local\Temp\scoped_dir_7636_6095\oolkekjjhnaeaahibbnfebmogackofpf.crx"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=4dcc3919a6d0d644ad5c1133466baf76
# engine=18495
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-01 07:35:04
# local_time=2014-06-01 09:35:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 64128 153237954 0 0
# scanned=14
# found=0
# cleaned=0
# scan_time=8
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=4dcc3919a6d0d644ad5c1133466baf76
# engine=18495
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-01 09:48:28
# local_time=2014-06-01 11:48:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 72132 153245958 0 0
# scanned=258678
# found=75
# cleaned=0
# scan_time=7928
sh=6CB695154B74584D4590FB313617F97F70354852 ft=1 fh=0ea7c25ce739bb52 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3707926740-3679492550-952484876-1000\$RE8DYA9.exe"
sh=6CB695154B74584D4590FB313617F97F70354852 ft=1 fh=0ea7c25ce739bb52 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3707926740-3679492550-952484876-1000\$RJVL41U.exe"
sh=5E1F09CFDEA888A1DA1387267BCFB10DF7A0FD0E ft=1 fh=c71c0011b84847bc vn="Variante von Win32/AdWare.AddLyrics.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\bettermarkit\150.dll.vir"
sh=26BC9D82123A631A64BA55164FD6337FBF412D54 ft=1 fh=e2b52752c6880532 vn="Variante von Win32/AdWare.AddLyrics.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\bettermarkit\Uninstall.exe.vir"
sh=CF6185A9EDFBA0217C9D36D25CA9F6ADCC9F6BC8 ft=1 fh=f90d49fcbe154eac vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=C58417722C0B741EA8D55D06914E692180900885 ft=1 fh=f4976c33c2ff8570 vn="Win32/Toolbar.Conduit.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\DVDvideoSoft_2.0ToolbarHelper.exe.vir"
sh=C58417722C0B741EA8D55D06914E692180900885 ft=1 fh=f4976c33c2ff8570 vn="Win32/Toolbar.Conduit.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\DVDvideoSoft_2.0ToolbarHelper1.exe.vir"
sh=BE40C0251D66829CF63FD4341CACA785CAF5CD73 ft=1 fh=afd5085e605741b5 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hk64tbDVD0.dll.vir"
sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hk64tbDVD2.dll.vir"
sh=34FF8E2D281CBFECE71100A04C0FF4436818382E ft=1 fh=7b66b1ed06cb1b80 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hk64tbDVDv.dll.vir"
sh=0F7B6B96202643D88E6428C62CA0BADC6D38D140 ft=1 fh=3507b93dfe419462 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hktbDVD0.dll.vir"
sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hktbDVD2.dll.vir"
sh=AE7B8F3BB6E040CE20B02DE558471FAA4C58386E ft=1 fh=6a41a8d0046fd7b4 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\hktbDVDv.dll.vir"
sh=547EF42FB35708E8C39FE6D04DBF3DEDD91E73DB ft=1 fh=99fdcb8395eefb1c vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\ldrtbDVD0.dll.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\ldrtbDVD2.dll.vir"
sh=87BE5F13318AC3BA3F403A73E332E1784304C21D ft=1 fh=3e5cd6b65c184efc vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\ldrtbDVDv.dll.vir"
sh=31819C285AD68587D8DABEC74FD7F447FF439CA5 ft=1 fh=20c4afc2b350ab06 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVD0.dll.vir"
sh=49F05B2770D4CAE7550D8268FDCF50E3BAEBB7CC ft=1 fh=f6f4f0e4f3b1176c vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVD2.dll.vir"
sh=2647A8D25068D715D97EE42DCB86CF9AA55946BC ft=1 fh=5fd80ae6b91e806a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVDv.dll.vir"
sh=6C02BC376864DF0440DE70DED3A65938D6295795 ft=1 fh=965e2f365cb21a83 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\tbDVD0.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\tbDVD2.dll.vir"
sh=1E6279D9317A709616211812CCA5AB8B26EB4AB2 ft=1 fh=dd2582521ac42eea vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDvideoSoft_2.0\tbDVDv.dll.vir"
sh=2C5AA90350EA9A8FA0391A0EADE7C6C136A58A2C ft=1 fh=c71c00112c474a2d vn="Variante von Win64/SProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\GS-Enabler\Assistant_x64.dll.vir"
sh=0419552551839EC5A166558EB4B69EA8BEBBAEE9 ft=1 fh=f3358791765cb40f vn="Variante von Win32/BrowseFox.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\JumpFlipBHO.dll.vir"
sh=9E602DB0FDBE78BC9C932F5EBBABA8FDDE3B426F ft=1 fh=19d9d5e677b74a7a vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\JumpFlipUninstall.exe.vir"
sh=C886131DF8E90B25F1AF997E3A835C48766ECD20 ft=1 fh=5dba478dd5849238 vn="Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\updateJumpFlip.exe.vir"
sh=C886131DF8E90B25F1AF997E3A835C48766ECD20 ft=1 fh=5dba478dd5849238 vn="Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe.vir"
sh=AA92C3DD0E5E28DA5D9E02CB25CE3D802DCE3752 ft=1 fh=c32c7ddbf90c4454 vn="Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.FFUpdate.dll.vir"
sh=6BC9561D110F001F4DE9B73FA2A159DF4514433D ft=1 fh=25dbef2b0f6cd9d4 vn="Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.GCUpdate.dll.vir"
sh=2D656FFCE76CF70089F540719C2C8E37E8CCCA84 ft=1 fh=f1968de3fe52987f vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.IEUpdate.dll.vir"
sh=659E678C5D8CE742CC03A211C59AA57E6018FDC6 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\MUServer.apk.vir"
sh=A2B2D863063AF7010734C31A3D5D7D6B98C1688A ft=1 fh=a4f951e0985114d0 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\CltMngSvc.exe.vir"
sh=126B22D7B2FE0FC571E6D6D0098B0E0D053C0BCC ft=1 fh=89dba07409c55d47 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPTool.dll.vir"
sh=FB8A03D4068A1073E5D79D15E476CDB57E84D37A ft=1 fh=69b704a6298a2c3c vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\uninstall.exe.vir"
sh=4BB525AC7501802DCAD3CD6792523F394333DCBA ft=1 fh=01cfd83a591a31e9 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\cltmng.exe.vir"
sh=9E806FEC80206DEE99C9EB4E8943F7A1A5EB9E39 ft=1 fh=b2e1d0d0782bb287 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPTool64.exe.vir"
sh=53174BBB13C3281D80B3A9825D37A56A9F4572A9 ft=1 fh=773c21cad11b960a vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32.dll.vir"
sh=90463B91F85D2C7670D2DCD1A5C74B6E669B76E3 ft=1 fh=5abef56ff11b1760 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32Loader.dll.vir"
sh=DF8324DDBA322137977BD85FAE44DB554FBA04B9 ft=1 fh=bf2e78c8c3d65358 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64.dll.vir"
sh=10A6A241F0002F39C000BFACBEBD8898C14740BF ft=1 fh=633c4cc62dc594f0 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64Loader.dll.vir"
sh=C1763564137E3835FE687A97FD7EBE83D112508E ft=1 fh=b3ec58eb0d3d3ff0 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\UI\bin\cltmngui.exe.vir"
sh=0C9A08B5ADD21D4140312B82FB77DA525540781F ft=1 fh=c85f1c8d2521187b vn="Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir"
sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.vir"
sh=3EFCE8E60D9AEA8666F5A04990DB0451DBB8CCA1 ft=1 fh=9fcd97622c9e2cff vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Conduit\CT3279453\DVDvideoSoft_2.0AutoUpdateHelper.exe.vir"
sh=1BB29099CFE4982EF016A6A560E758B8DF799270 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.36.zip.vir"
sh=659E678C5D8CE742CC03A211C59AA57E6018FDC6 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=FDD781E72BF40134B86BB8CC83538AB4EE21F888 ft=1 fh=ef62de346e84a46c vn="Win32/Conduit.SearchProtect.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\chLogic.exe.vir"
sh=F852A5E022247E2F424F06AE60125430BC7B2A43 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\CT3279453.xpi.vir"
sh=7FA27BE1CD7CAD7925F4BED8CE56B84DF82E924B ft=1 fh=761fa3faf9d2b1b2 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\ffLogic.exe.vir"
sh=6E83BD02FF6572062DD842F966EC875F85BE677C ft=1 fh=2b9d6bf8c78b8fe7 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\ieLogic.exe.vir"
sh=954C6BC07E97C488D4A1CCB6A810B320E5EDCC64 ft=1 fh=1655e6147d4f45a9 vn="Win32/Conduit.SearchProtect.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\spch.exe.vir"
sh=954C6BC07E97C488D4A1CCB6A810B320E5EDCC64 ft=1 fh=1655e6147d4f45a9 vn="Win32/Conduit.SearchProtect.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\spff.exe.vir"
sh=F89D0D35647789000A23E8BD1E557BEE519A6BAE ft=1 fh=4f81c51847428f3f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Local\Temp\CT3279453\statisticsStub.exe.vir"
sh=BE40C0251D66829CF63FD4341CACA785CAF5CD73 ft=1 fh=afd5085e605741b5 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hk64tbDVD0.dll.vir"
sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hk64tbDVD2.dll.vir"
sh=34FF8E2D281CBFECE71100A04C0FF4436818382E ft=1 fh=7b66b1ed06cb1b80 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hk64tbDVDv.dll.vir"
sh=0F7B6B96202643D88E6428C62CA0BADC6D38D140 ft=1 fh=3507b93dfe419462 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hktbDVD0.dll.vir"
sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hktbDVD2.dll.vir"
sh=AE7B8F3BB6E040CE20B02DE558471FAA4C58386E ft=1 fh=6a41a8d0046fd7b4 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\hktbDVDv.dll.vir"
sh=547EF42FB35708E8C39FE6D04DBF3DEDD91E73DB ft=1 fh=99fdcb8395eefb1c vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\ldrtbDVD0.dll.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\ldrtbDVD2.dll.vir"
sh=87BE5F13318AC3BA3F403A73E332E1784304C21D ft=1 fh=3e5cd6b65c184efc vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\ldrtbDVDv.dll.vir"
sh=6C02BC376864DF0440DE70DED3A65938D6295795 ft=1 fh=965e2f365cb21a83 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\tbDVD0.dll.vir"
sh=81AF7CFB10091601ED1B82B92BDA2A254AA2B82F ft=1 fh=b76578e523b80dbc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\tbDVD1.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\tbDVD2.dll.vir"
sh=1E6279D9317A709616211812CCA5AB8B26EB4AB2 ft=1 fh=dd2582521ac42eea vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\LocalLow\DVDvideoSoft_2.0\tbDVDv.dll.vir"
sh=A011DFD8D93BBA7B75833C0F85FF6E1D25594B84 ft=1 fh=049679d5506e563e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\3zt8dmq0.default\Extensions\{04a8dd1a-4754-48fe-a703-99846646ef04}\Plugins\npConduitFirefoxPlugin.dll.vir"
sh=B31BF653BC72F2FF09E2D0E4E61A33443D415D18 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Nathalie\AppData\Local\CRE\oolkekjjhnaeaahibbnfebmogackofpf.crx.xBAD"
sh=B9A96D9AE94C4B42CA5499933F6DF218B3903768 ft=1 fh=966b3592656dc188 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Nathalie\AppData\Local\Temp\RarSFX1\offercast_avirav7_.exe"
sh=B31BF653BC72F2FF09E2D0E4E61A33443D415D18 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nathalie\AppData\Local\Temp\scoped_dir_7636_6095\oolkekjjhnaeaahibbnfebmogackofpf.crx"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[2].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[2].0"
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014
Ran by Nathalie at 2014-06-01 12:01:22
Running from C:\Users\Nathalie\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
ATI Catalyst Install Manager (HKLM\...\{1795BAA8-65EC-66D0-9DA4-D4B1FBE7700E}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version: - )
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0621.2137.36973 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0621.2137.36973 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0621.2137.36973 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0621.2137.36973 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help English (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help French (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help German (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0621.2137.36973 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0621.2137.36973 - ATI) Hidden
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.4217 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2511 - CyberLink Corp.) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: - )
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free YouTube Download version 3.2.1.320 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{B360E24A-BF25-4353-AA79-1B54F509024A}) (Version: 1.0.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{AF6EB833-D48A-49AC-9394-4C57489FDFF2}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{E342EC6B-5F25-47FE-B92C-DE616149B430}) (Version: 4.0.9.0 - Hewlett-Packard)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 24.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version: - PopCap Games)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6066 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
RtVOsd (HKLM\...\{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}) (Version: 1.0.3 - Realtek Semiconductor Corp.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.0 - Synaptics Incorporated)
Tinypic 3.16 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.16 - E. Fiedler)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.122 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.122 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.122 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
WEB.DE Internet Explorer Addon (HKLM-x32\...\1&1 Mail & Media GmbH 1und1InternetExplorerAddon) (Version: 1.0.0.3 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 2.0.0.5 - 1&1 Mail & Media GmbH)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.5.31 - WildTangent)
WildTangent Games App für HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.7 - WildTangent)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Restore Points =========================
25-04-2014 16:21:08 Geplanter Prüfpunkt
05-05-2014 21:34:23 Geplanter Prüfpunkt
15-05-2014 21:42:09 Windows Update
28-05-2014 18:21:44 Adblock Plus for IE
28-05-2014 18:22:19 Removed Adblock Plus for IE (32-bit and 64-bit)
28-05-2014 18:22:50 Adblock Plus for IE
29-05-2014 17:48:51 avast! antivirus system restore point
31-05-2014 10:43:54 Removed Java(TM) 6 Update 20 (64-bit)
31-05-2014 11:33:23 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {103D5AED-2640-44EB-8024-AB9489F9E5F6} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {2956828F-CFBF-4055-9751-98EBF4ED9DF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-16] (Google Inc.)
Task: {670B9667-833B-4403-BDAC-C5855F32BACD} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2011-03-18] (1&1 Mail & Media GmbH)
Task: {6D06CF41-BC38-40E8-8B9E-A7A08EB97D3E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-10-11] (TuneUp Software)
Task: {6FEE5DD8-A200-488A-B633-9DCAB3F7AA10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {AEFB4E58-9366-475B-88AD-FF19E1A43E56} - System32\Tasks\1und1 Konfiguration => C:\ProgramData\1und1InternetExplorerAddon\ConfigTask.exe [2011-03-16] (1und1 Mail und Media GmbH)
Task: {AFCC64FE-E155-4C9F-8166-35F410C51ACF} - System32\Tasks\HPCeeScheduleForNathalie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {B991139A-B78F-4BFF-9708-C001AA924B6C} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {C0114C88-30C3-4734-91D7-09EF420A24B2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CF71CF9B-8F4F-46FB-BB51-314EB9C12B55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-16] (Google Inc.)
Task: {D138410C-D2E9-4177-9F80-44AF4184C168} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {E84ACB98-1C41-4077-8450-D61E88111C18} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {FDDA6379-060B-4BF1-8298-8ABE0451F7AA} - \bettermarkit Update No Task File <==== ATTENTION
Task: {FED6E53F-9D74-4474-B8A2-212A9F4F2BF2} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForNathalie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2013-10-11 16:02 - 2013-10-11 16:02 - 00753464 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2011-02-05 20:25 - 2009-07-20 13:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2011-02-05 20:25 - 2009-07-20 05:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2010-06-10 17:12 - 2010-06-10 17:12 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-21 21:36 - 2010-06-21 21:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-18 16:26 - 2010-06-18 16:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 16:26 - 2010-06-18 16:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-06-18 16:26 - 2010-06-18 16:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-05-19 10:05 - 2010-05-19 10:05 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-05-19 10:05 - 2010-05-19 10:05 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-05-19 10:05 - 2010-05-19 10:05 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-02-09 18:58 - 2010-02-09 18:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 18:58 - 2010-02-09 18:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 18:58 - 2010-02-09 18:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 18:58 - 2010-02-09 18:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 18:58 - 2010-02-09 18:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 18:58 - 2010-02-09 18:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 18:58 - 2010-02-09 18:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2013-01-10 20:16 - 2013-01-10 20:16 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9e5dc5d1c75de12100f8c1d8c65de002\IsdiInterop.ni.dll
2010-10-16 09:43 - 2010-04-13 09:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-04-05 19:10 - 2014-05-31 14:31 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/01/2014 11:58:32 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (06/01/2014 11:52:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (06/01/2014 09:35:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (06/01/2014 09:33:26 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (06/01/2014 00:12:39 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (06/01/2014 00:11:18 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (06/01/2014 00:11:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (05/31/2014 09:54:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16476, Zeitstempel: 0x5126e7ac
Name des fehlerhaften Moduls: Flash32_13_0_0_214.ocx, Version: 13.0.0.214, Zeitstempel: 0x5359c422
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0020ca1d
ID des fehlerhaften Prozesses: 0x1a80
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (05/31/2014 01:07:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm PowerDVD9.exe, Version 9.0.2812.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ffc
Startzeit: 01cf7c5bb1a4d6e5
Endzeit: 13
Anwendungspfad: C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.exe
Berichts-ID: 1293af8a-e84f-11e3-9487-bcdca79d7fd8
Error: (05/30/2014 07:24:10 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
System errors:
=============
Error: (06/01/2014 11:36:39 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/01/2014 11:10:35 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (05/31/2014 06:16:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (05/31/2014 06:16:02 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (05/31/2014 06:16:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (05/31/2014 06:16:02 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (05/31/2014 06:16:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (05/31/2014 06:16:02 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (05/31/2014 06:16:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (05/31/2014 06:16:02 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Microsoft Office Sessions:
=========================
Error: (06/01/2014 11:58:32 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\$Recycle.Bin\S-1-5-21-3707926740-3679492550-952484876-1000\$RH4CZ13.exe
Error: (06/01/2014 11:52:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/01/2014 09:35:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Nathalie\Downloads\esetsmartinstaller_deu.exe
Error: (06/01/2014 09:33:26 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Nathalie\Downloads\esetsmartinstaller_deu.exe
Error: (06/01/2014 00:12:39 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Nathalie\Downloads\esetsmartinstaller_deu.exe
Error: (06/01/2014 00:11:18 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Nathalie\Downloads\esetsmartinstaller_deu.exe
Error: (06/01/2014 00:11:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Nathalie\Downloads\esetsmartinstaller_deu.exe
Error: (05/31/2014 09:54:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.164765126e7acFlash32_13_0_0_214.ocx13.0.0.2145359c422c00000050020ca1d1a8001cf7cf7bc942beaC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_13_0_0_214.ocx539a6c96-e8fd-11e3-853b-8e96c12588d7
Error: (05/31/2014 01:07:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PowerDVD9.exe9.0.2812.0ffc01cf7c5bb1a4d6e513C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.exe1293af8a-e84f-11e3-9487-bcdca79d7fd8
Error: (05/30/2014 07:24:10 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
==================== Memory info ===========================
Percentage of memory in use: 51%
Total physical RAM: 3893.86 MB
Available physical RAM: 1905.75 MB
Total Pagefile: 7785.86 MB
Available Pagefile: 5312.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:280.96 GB) (Free:167.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.83 GB) (Free:2.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (WILLKOMMEN_IM_LEBEN_D04) (CDROM) (Total:7.8 GB) (Free:0 GB) UDF
Drive f: () (Removable) (Total:0.12 GB) (Free:0.12 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: CB9E9924)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (Size: 125 MB) (Disk ID: 00180DB7)
Partition 1: (Active) - (Size=125 MB) - (Type=0B)
==================== End Of Log ============================
--- --- ---
FRST Logfile:
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014
Ran by Nathalie (administrator) on NATHALIES on 01-06-2014 12:00:21
Running from C:\Users\Nathalie\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2095400 2010-04-16] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-13] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-06-02] (EasyBits Software AS)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-28] (Easybits)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3707926740-3679492550-952484876-1000\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-3707926740-3679492550-952484876-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKU\S-1-5-21-3707926740-3679492550-952484876-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-03-07] (Google Inc.)
HKU\S-1-5-21-3707926740-3679492550-952484876-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3707926740-3679492550-952484876-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3707926740-3679492550-952484876-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3707926740-3679492550-952484876-1000\...\MountPoints2: {0f48ba1a-0a1a-11e2-bbee-f9b9644215dc} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3707926740-3679492550-952484876-1000\...\MountPoints2: {f7e601f7-3778-11e0-93fb-9c1a8b8a6ed5} - F:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = GMX: Email-Adresse, FreeMail, De-Mail & Nachrichten
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {04C7F58F-6F9E-4AE6-9010-B9B48B741781} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {845E842B-78B1-4138-8D32-BB542F0718F8} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {04C7F58F-6F9E-4AE6-9010-B9B48B741781} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {845E842B-78B1-4138-8D32-BB542F0718F8} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - DefaultScope {04C7F58F-6F9E-4AE6-9010-B9B48B741781} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {04C7F58F-6F9E-4AE6-9010-B9B48B741781} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {845E842B-78B1-4138-8D32-BB542F0718F8} URL =
SearchScopes: HKCU - {C8E2EA0E-1B8E-4631-B3BA-81FB1AE0BB2E} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&origin=searchplugin
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {EDB310E0-AAA0-4098-BA60-154357792261} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: WEB.DE Konfiguration - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-20] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\3zt8dmq0.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\3zt8dmq0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-29]
CHR Extension: (Google Drive) - C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-29]
CHR Extension: (YouTube) - C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-09]
CHR Extension: (Google-Suche) - C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-09]
CHR Extension: (avast! Online Security) - C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-29]
CHR Extension: (Google Wallet) - C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-29]
CHR Extension: (DVDvideoSoft 2.0) - C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolkekjjhnaeaahibbnfebmogackofpf [2013-04-08]
CHR Extension: (Google Mail) - C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09]
CHR HKCU\...\Chrome\Extension: [oolkekjjhnaeaahibbnfebmogackofpf] - C:\Users\Nathalie\AppData\Local\CRE\oolkekjjhnaeaahibbnfebmogackofpf.crx [2012-11-09]
==================== Services (Whitelisted) =================
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-12] (WildTangent)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2409272 2013-10-11] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
S4 aswSP; No ImagePath
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-01 11:59 - 2014-06-01 11:59 - 00000000 ____D () C:\Users\Nathalie\Desktop\FRST-OlderVersion
2014-06-01 00:20 - 2014-06-01 00:20 - 00018503 _____ () C:\Users\Nathalie\Desktop\schritt 4.odt
2014-05-31 13:35 - 2014-05-31 13:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 13:35 - 2014-05-31 13:35 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-31 13:35 - 2014-05-31 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-31 13:35 - 2014-05-31 13:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-31 13:35 - 2014-05-31 13:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-31 13:35 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-31 13:35 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-31 13:35 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-31 13:31 - 2014-05-31 13:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nathalie\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-30 20:22 - 2014-05-30 20:30 - 00037649 _____ () C:\Users\Nathalie\Desktop\Addition.txt
2014-05-30 20:21 - 2014-06-01 12:00 - 00017678 _____ () C:\Users\Nathalie\Desktop\FRST.txt
2014-05-30 20:21 - 2014-06-01 12:00 - 00000000 ____D () C:\FRST
2014-05-30 19:57 - 2014-06-01 11:59 - 02067456 _____ (Farbar) C:\Users\Nathalie\Desktop\FRST64.exe
2014-05-30 18:57 - 2014-05-30 18:57 - 00309613 _____ () C:\Users\Nathalie\AppData\Local\census.cache
2014-05-30 18:57 - 2014-05-30 18:57 - 00121402 _____ () C:\Users\Nathalie\AppData\Local\ars.cache
2014-05-30 18:18 - 2014-05-30 18:18 - 00000036 _____ () C:\Users\Nathalie\AppData\Local\housecall.guid.cache
2014-05-30 08:01 - 2014-05-30 08:01 - 00000000 ____D () C:\ProgramData\Recovery
2014-05-29 19:52 - 2014-05-29 19:52 - 00000000 ____D () C:\Users\Nathalie\AppData\Roaming\AVAST Software
2014-05-29 19:49 - 2014-05-29 19:49 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-29 19:46 - 2014-05-29 19:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-29 16:09 - 2014-05-29 18:06 - 00000000 ____D () C:\Users\Nathalie\AppData\Roaming\Nico Mak Computing
2014-05-28 20:29 - 2014-05-28 20:29 - 00003136 _____ () C:\Windows\System32\Tasks\{359C1A24-969D-475E-9707-25F58D598C96}
2014-05-28 19:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-25 16:34 - 2014-05-25 16:34 - 00000000 ____D () C:\Intel
2014-05-14 21:10 - 2014-05-14 21:10 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders =======
2014-06-01 12:00 - 2014-05-30 20:21 - 00017678 _____ () C:\Users\Nathalie\Desktop\FRST.txt
2014-06-01 12:00 - 2014-05-30 20:21 - 00000000 ____D () C:\FRST
2014-06-01 12:00 - 2011-02-01 16:21 - 00000000 ____D () C:\Users\Nathalie\AppData\Local\Temp
2014-06-01 11:59 - 2014-06-01 11:59 - 00000000 ____D () C:\Users\Nathalie\Desktop\FRST-OlderVersion
2014-06-01 11:59 - 2014-05-30 19:57 - 02067456 _____ (Farbar) C:\Users\Nathalie\Desktop\FRST64.exe
2014-06-01 11:56 - 2010-10-16 09:40 - 01698939 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 11:34 - 2011-02-16 22:29 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 11:11 - 2012-08-14 14:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-01 09:39 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 09:39 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 09:32 - 2011-02-16 22:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-01 09:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-01 09:32 - 2009-07-14 06:51 - 00258342 _____ () C:\Windows\setupact.log
2014-06-01 01:19 - 2011-05-16 21:51 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-01 00:20 - 2014-06-01 00:20 - 00018503 _____ () C:\Users\Nathalie\Desktop\schritt 4.odt
2014-05-31 23:58 - 2013-10-20 11:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-31 23:58 - 2011-02-01 14:14 - 00804274 _____ () C:\Windows\PFRO.log
2014-05-31 20:53 - 2011-03-02 16:12 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForNathalie
2014-05-31 20:53 - 2011-03-02 16:12 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForNathalie.job
2014-05-31 19:41 - 2013-10-03 19:52 - 00022122 _____ () C:\Users\Nathalie\Desktop\KA 4 Engl 8.odt
2014-05-31 18:16 - 2013-12-27 14:33 - 00000000 ____D () C:\Users\Nathalie\Desktop\Aktuelles
2014-05-31 14:31 - 2011-04-05 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-31 14:31 - 2011-02-13 11:46 - 00000000 ____D () C:\Users\Nathalie\AppData\Local\Mozilla
2014-05-31 13:47 - 2014-05-31 13:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 13:35 - 2014-05-31 13:35 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-31 13:35 - 2014-05-31 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-31 13:35 - 2014-05-31 13:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-31 13:35 - 2014-05-31 13:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-31 13:32 - 2014-05-31 13:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Nathalie\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-31 13:29 - 2011-02-16 22:29 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-31 13:29 - 2011-02-16 22:29 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-31 13:27 - 2014-01-31 20:20 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-05-31 13:25 - 2013-04-08 15:58 - 00000000 ____D () C:\Users\Nathalie\AppData\Local\CRE
2014-05-31 13:25 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-30 23:54 - 2010-07-20 23:46 - 00654852 _____ () C:\Windows\system32\perfh007.dat
2014-05-30 23:54 - 2010-07-20 23:46 - 00130434 _____ () C:\Windows\system32\perfc007.dat
2014-05-30 23:54 - 2009-07-14 07:13 - 01500358 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-30 23:00 - 2011-02-08 22:26 - 00000000 ____D () C:\Users\Nathalie\Desktop\School
2014-05-30 20:30 - 2014-05-30 20:22 - 00037649 _____ () C:\Users\Nathalie\Desktop\Addition.txt
2014-05-30 19:05 - 2010-10-16 09:59 - 00000000 ____D () C:\ProgramData\Norton
2014-05-30 18:57 - 2014-05-30 18:57 - 00309613 _____ () C:\Users\Nathalie\AppData\Local\census.cache
2014-05-30 18:57 - 2014-05-30 18:57 - 00121402 _____ () C:\Users\Nathalie\AppData\Local\ars.cache
2014-05-30 18:18 - 2014-05-30 18:18 - 00000036 _____ () C:\Users\Nathalie\AppData\Local\housecall.guid.cache
2014-05-30 08:07 - 2011-02-01 17:42 - 00000000 ____D () C:\Users\Nathalie\AppData\Roaming\SoftGrid Client
2014-05-30 08:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-30 08:06 - 2014-01-04 19:34 - 00000000 ____D () C:\AdwCleaner
2014-05-30 08:06 - 2011-02-16 22:29 - 00000000 ____D () C:\Users\Nathalie\AppData\Local\Google
2014-05-30 08:01 - 2014-05-30 08:01 - 00000000 ____D () C:\ProgramData\Recovery
2014-05-29 22:09 - 2011-02-01 16:21 - 00000000 ____D () C:\Users\Nathalie
2014-05-29 19:52 - 2014-05-29 19:52 - 00000000 ____D () C:\Users\Nathalie\AppData\Roaming\AVAST Software
2014-05-29 19:49 - 2014-05-29 19:49 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-29 19:46 - 2014-05-29 19:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-29 18:06 - 2014-05-29 16:09 - 00000000 ____D () C:\Users\Nathalie\AppData\Roaming\Nico Mak Computing
2014-05-28 20:29 - 2014-05-28 20:29 - 00003136 _____ () C:\Windows\System32\Tasks\{359C1A24-969D-475E-9707-25F58D598C96}
2014-05-25 16:34 - 2014-05-25 16:34 - 00000000 ____D () C:\Intel
2014-05-24 12:19 - 2011-02-08 19:13 - 00000000 ____D () C:\Users\Nathalie\Desktop\Nathalies Dateien
2014-05-24 12:14 - 2011-02-08 22:33 - 00000000 ____D () C:\Users\Nathalie\Desktop\Nathalies Musik
2014-05-19 17:50 - 2011-02-08 18:51 - 00000000 ___RD () C:\Users\Nathalie\Desktop\Nathalies Fotos
2014-05-15 23:45 - 2013-07-29 12:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 23:42 - 2011-02-26 12:35 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 21:10 - 2014-05-14 21:10 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 21:10 - 2012-08-14 14:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 21:10 - 2012-03-31 10:52 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 21:10 - 2011-05-17 15:09 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 07:26 - 2014-05-31 13:35 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-31 13:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-31 13:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-04 01:24 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Some content of TEMP:
====================
C:\Users\Nathalie\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-30 12:37
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
Hallo Jürgen! Was fehlt jetzt noch, also was muss ich noch posten? Ich habe den Überblick verloren und weiß nicht mehr, was wie heißt.