totanka_de | 30.11.2014 02:24 | Hallo, alle Programme ausgeführt, hier die vier Logs - ABER: das Problem ist nach wie vor da mit dem aufpoppenden Fenster...
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Volker_2 (ATTENTION: The logged in user is not administrator) on VOLKER-PC on 30-11-2014 02:12:03
Running from C:\Users\Volker_2\Desktop
Loaded Profile: Volker_2 (Available profiles: Volker & Volker_2 & SissaTonaFlippiJakko & vm & temp)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-11-20] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe,
HKU\S-1-5-21-2666945804-3796493887-3918410791-1003\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [7564200 2013-11-14] (SlySoft, Inc.)
HKU\S-1-5-21-2666945804-3796493887-3918410791-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2666945804-3796493887-3918410791-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2666945804-3796493887-3918410791-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360113g106l0428z175t54l1a000
HKU\S-1-5-21-2666945804-3796493887-3918410791-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360113g106l0428z175t54l1a000
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2666945804-3796493887-3918410791-1003 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2666945804-3796493887-3918410791-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Volker_2\AppData\Roaming\Mozilla\Firefox\Profiles\7beyq534.default
FF DefaultSearchEngine: Search
FF SelectedSearchEngine: Search
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Web-to-Save - C:\Users\Volker_2\AppData\Roaming\Mozilla\Firefox\Profiles\7beyq534.default\Extensions\info@webtosave.com.xpi [2014-11-27]
FF Extension: Newtab - C:\Users\Volker_2\AppData\Roaming\Mozilla\Firefox\Profiles\7beyq534.default\Extensions\{a535a12b-d6c2-4f95-aef8-29c60aef0888}.xpi [2014-11-27]
FF Extension: Search Tool - C:\Users\Volker_2\AppData\Roaming\Mozilla\Firefox\Profiles\7beyq534.default\Extensions\{de1be284-67f6-4b2b-90e0-b38fb4af2ae1}.xpi [2014-11-24]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-07-30] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe [2683760 2014-05-20] (G Data Software AG)
R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [3832440 2014-05-28] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [3227624 2014-08-06] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1637496 2014-05-28] (G Data Software AG)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138152 2013-11-09] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138152 2013-11-09] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-30] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2014-04-13] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2014-04-13] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-30] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-09-22] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-30] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-09-22] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-08-10] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-30] (G Data Software AG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-29] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2014-09-22] (G Data Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-30 02:12 - 2014-11-30 02:12 - 00016380 _____ () C:\Users\Volker_2\Desktop\FRST.txt
2014-11-30 02:01 - 2014-11-30 02:01 - 00001407 _____ () C:\Users\Volker\Desktop\JRT.txt
2014-11-30 01:54 - 2014-11-30 01:54 - 00000000 ____D () C:\Windows\ERUNT
2014-11-30 01:35 - 2014-11-30 01:35 - 00036641 _____ () C:\Users\Volker_2\Desktop\mbam141129.txt
2014-11-29 23:41 - 2014-11-29 23:42 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-29 23:41 - 2014-11-29 23:41 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-29 23:41 - 2014-11-29 23:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-29 23:41 - 2014-11-29 23:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-29 23:41 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-29 23:41 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-29 23:41 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-29 23:33 - 2014-11-29 23:33 - 00000744 _____ () C:\Users\Volker\Desktop\Revo Uninstaller.lnk
2014-11-28 22:21 - 2014-11-28 22:22 - 00031565 _____ () C:\Users\Volker_2\Downloads\Addition.txt
2014-11-28 22:19 - 2014-11-28 22:27 - 00033245 _____ () C:\Users\Volker_2\Downloads\FRST.txt
2014-11-28 22:19 - 2014-11-28 22:19 - 02117632 _____ (Farbar) C:\Users\Volker_2\Downloads\FRST64.exe
2014-11-28 17:27 - 2014-11-28 17:27 - 00000000 __SHD () C:\Users\Volker_2\AppData\Local\EmieBrowserModeList
2014-11-20 08:17 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-20 08:17 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-20 08:17 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-20 08:17 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 19:23 - 2014-11-16 19:26 - 00000000 ____D () C:\Windows\rescache
2014-11-12 17:29 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 17:29 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 17:29 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 17:29 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 17:28 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 17:28 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 17:28 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 17:28 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 17:28 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 17:28 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 17:28 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 17:28 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 17:28 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 17:28 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 17:28 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 17:28 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 17:28 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 17:28 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 17:28 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 17:28 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 17:28 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 17:28 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 17:28 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 17:28 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 17:28 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 17:28 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 17:28 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 17:28 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 17:28 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 17:28 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 17:28 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 17:28 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 17:28 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 17:28 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 17:28 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 17:28 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 17:28 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 17:28 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 17:28 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 17:28 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 17:28 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 17:28 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 17:28 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 17:28 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 17:28 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 17:28 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 17:28 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 17:28 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 17:28 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 17:28 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 17:28 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 17:28 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 17:28 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 17:28 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 17:28 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 17:28 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 17:28 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 17:28 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 17:28 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 17:28 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 17:28 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 17:28 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 17:28 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 17:28 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 17:28 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 17:28 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 17:28 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 17:28 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 17:28 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 17:27 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 17:27 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 17:27 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 17:27 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 17:27 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 17:27 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 17:27 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 17:27 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 17:27 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 17:27 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 17:27 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 17:27 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 17:27 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 17:27 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 17:27 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 17:27 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 17:27 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 17:27 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 17:27 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 17:27 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 17:27 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 17:27 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 17:27 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 17:27 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 17:27 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 17:25 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 17:25 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-09 11:14 - 2014-11-09 11:14 - 00000000 ____D () C:\Users\Volker_2\AppData\Roaming\Media Player Classic
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-30 02:12 - 2013-08-11 21:31 - 00000000 ____D () C:\FRST
2014-11-30 02:11 - 2013-08-11 21:23 - 02117632 _____ (Farbar) C:\Users\Volker_2\Desktop\FRST64.exe
2014-11-30 02:11 - 2009-07-14 05:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-30 02:11 - 2009-07-14 05:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-30 02:08 - 2013-01-19 15:37 - 01195550 _____ () C:\Windows\WindowsUpdate.log
2014-11-30 02:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-30 02:04 - 2009-07-14 05:51 - 00160279 _____ () C:\Windows\setupact.log
2014-11-30 01:57 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-11-30 01:45 - 2009-10-29 06:42 - 01374910 _____ () C:\Windows\PFRO.log
2014-11-30 01:25 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Performance
2014-11-29 23:41 - 2013-01-20 01:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-29 23:28 - 2013-06-16 21:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-11-28 17:21 - 2014-08-24 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-27 22:42 - 2013-09-29 07:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-27 22:32 - 2013-06-30 14:14 - 00000000 ____D () C:\Users\Volker_2\Desktop\vm
2014-11-27 18:49 - 2014-08-04 10:45 - 00000000 ____D () C:\Users\Volker_2\AppData\Roaming\.minecraft
2014-11-27 14:29 - 2013-01-20 00:24 - 00643866 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 14:29 - 2013-01-20 00:24 - 00126394 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 14:29 - 2009-07-14 06:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-24 17:39 - 2013-06-30 14:01 - 00000000 ____D () C:\Users\Volker_2\Desktop\Lego
2014-11-16 22:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-15 02:08 - 2014-10-23 21:21 - 00000000 ____D () C:\Users\Volker_2\Documents\Anno 1404
2014-11-12 18:13 - 2009-07-14 05:45 - 00333872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-09 19:51 - 2013-01-19 23:40 - 00000000 ____D () C:\Users\Volker_2
2014-11-09 11:14 - 2013-02-17 11:45 - 00000143 _____ () C:\Windows\NeroDigital.ini
2014-11-04 14:30 - 2013-01-19 18:08 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\Volker_2\AppData\Local\Temp\history.dll
C:\Users\Volker_2\AppData\Local\Temp\NIL32.dll
C:\Users\Volker_2\AppData\Local\Temp\omnipod.dll
C:\Users\Volker_2\AppData\Local\Temp\tmd_34015028.exe
C:\Users\Volker_2\AppData\Local\Temp\ubi1A54.tmp.exe
C:\Users\Volker_2\AppData\Local\Temp\ubiEE35.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01
Ran by Volker_2 at 2014-11-30 02:13:01
Running from C:\Users\Volker_2\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: G DATA TOTAL PROTECTION (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA TOTAL PROTECTION (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7006 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.9.3 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.7.0715 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
ANNO 1602 (HKLM-x32\...\ANNO1602) (Version: - )
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.7.0 - SlySoft)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.3.716 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.3.716 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.0.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.0.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
G Data InternetSecurity 2013 (HKLM-x32\...\{86107E2D-DFB9-46BC-99ED-07EACAEE0923}) (Version: - )
G DATA TOTAL PROTECTION (HKLM-x32\...\{6715BEB5-01F1-41AC-B44B-0A78CD50C433}) (Version: 25.0.2.1 - G DATA Software AG)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.06 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mylife DIABASS (HKLM-x32\...\mylife DIABASS) (Version: 0 (Build 13.6.0.2) - mediaspects GmbH)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
Patrizier II Gold (HKLM-x32\...\Patrizier II Gold_is1) (Version: - )
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.5.0 - Prolific Technology INC)
Railroad Tycoon II - Platinum (HKLM-x32\...\{C7E9FB5B-626B-49D9-A99C-7BFA63C222D3}) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
Tropico 2: Die Pirateninsel (HKLM-x32\...\{1A2000AF-79DE-47FB-8411-BA22F981917F}) (Version: - )
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMedia Recode Version 3.1.4.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.4.9 - XMedia Recode)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2013-09-01 22:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
==================== Loaded Modules (whitelisted) =============
2013-01-19 15:53 - 2009-11-20 15:34 - 00200704 _____ () C:\Windows\PLFSetI.exe
2013-08-04 13:00 - 2013-08-04 13:00 - 00075864 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2013-09-29 07:20 - 2014-11-27 22:42 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2666945804-3796493887-3918410791-500 - Administrator - Disabled)
Gast (S-1-5-21-2666945804-3796493887-3918410791-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2666945804-3796493887-3918410791-1002 - Limited - Enabled)
SissaTonaFlippiJakko (S-1-5-21-2666945804-3796493887-3918410791-1004 - Limited - Enabled) => C:\Users\SissaTonaFlippiJakko
temp (S-1-5-21-2666945804-3796493887-3918410791-1006 - Limited - Enabled) => C:\Users\temp
vm (S-1-5-21-2666945804-3796493887-3918410791-1005 - Limited - Enabled) => C:\Users\vm
Volker (S-1-5-21-2666945804-3796493887-3918410791-1000 - Administrator - Enabled) => C:\Users\Volker
Volker_2 (S-1-5-21-2666945804-3796493887-3918410791-1003 - Limited - Enabled) => C:\Users\Volker_2
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (11/30/2014 02:03:38 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst G Data Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-09-01 23:26:51.515
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-01 23:26:51.343
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 36%
Total physical RAM: 4090.93 MB
Available physical RAM: 2588.13 MB
Total Pagefile: 8180.03 MB
Available Pagefile: 6172.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:64.65 GB) (Free:4.22 GB) NTFS
Drive d: (Volume) (Fixed) (Total:68.36 GB) (Free:6.82 GB) NTFS
Drive e: (Volume) (Fixed) (Total:68.36 GB) (Free:2.28 GB) NTFS
Drive f: (Volume) (Fixed) (Total:84.9 GB) (Free:6.39 GB) NTFS
Drive g: (Anno 1404 GE) (CDROM) (Total:3.39 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
==================== End Of Log ============================ Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 29.11.2014
Suchlauf-Zeit: 23:43:36
Logdatei: mbam141129.txt
Administrator: Ja
Version: 2.00.3.1025
Malware Datenbank: v2014.11.29.08
Rootkit Datenbank: v2014.11.29.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Volker
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 514034
Verstrichene Zeit: 32 Min, 14 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 5
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-2666945804-3796493887-3918410791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [99f36dd4522a0333d081a0237191c937],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [99f36dd4522a0333d081a0237191c937],
PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, In Quarantäne, [3d4fa89924585ed82c9cbbc2e41f8e72],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2666945804-3796493887-3918410791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [b8d45ee368145adc96a18ef208fb3cc4],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2666945804-3796493887-3918410791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [f696162bee8ed066c6996f276d97b749],
Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2666945804-3796493887-3918410791-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0S0TzrtN0V1M1O1H, In Quarantäne, [f696162bee8ed066c6996f276d97b749]
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 25
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\info, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\resources, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales\en-US, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketFind.A, C:\Users\Volker\AppData\Roaming\RocketUpdater\UpdateProc, In Quarantäne, [eaa270d1f18bf244de4c48df5ea53bc5],
Dateien: 120
PUP.Optional.InstallCore, C:\Users\Volker\AppData\Local\temp\ICReinstall_Firefox_Setup.exe, In Quarantäne, [2c6057ea5b21b97d1e5a8d7b9372fe02],
PUP.Optional.VIT.A, C:\Users\Volker\AppData\Local\temp\instloffer.exe, In Quarantäne, [d5b7f8492359bd79dae01d089d64cf31],
PUP.Optional.Babylon.A, C:\Users\Volker\AppData\Local\temp\is1275519350\62245682_stp\DeltaTB.exe, In Quarantäne, [107c360bc5b769cd650d9889ec151ce4],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\bootstrap.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\chrome.manifest, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\install.rdf, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\background.9.5.5.jsm, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\background.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\browser.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\header.9.5.5.jsm, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\header.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\browser\timer.jsm, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_de.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_en-gb.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_en_us.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_fr.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_he.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_it.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_pt-br.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_ru.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\data\favorites_tr.json, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\crypto-js.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery-2.1.0.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.autocomplete.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.balloon.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.fittext.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.Jcrop.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\jquery.simplecolorpicker.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\mustache.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\string.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\external\underscore-min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\gallery.html, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\gallery.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\newtab.html, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\content\newtab\newtab.min.js, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\foundation.min.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\indicator.gif, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\Jcrop.gif, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.autocomplete.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.Jcrop.min.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\jquery.simplecolorpicker.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\external\normalize.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\arrow-gallery-cat-selected.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\arrow.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\emptyArea.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\gallery.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\gallery_templates.html, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\icon-gallery-search.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\not_available_32.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\plus.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\gallery\X.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\16.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\32.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\64.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\icons\_16.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\buttons.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\footer.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\header.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\list.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\newtab.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\search.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\css\themes.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-2.gif, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-bar.gif, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-medium.gif, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader-small.gif, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\ajax-loader.gif, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\arrow-footer.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\arrow-header.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\attachment.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\close.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\edit-button.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-chrome.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-edit.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-layout.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-plus.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\icon-theme.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\menu_v.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\menu_v_white.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\provider.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\x-button.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\arab_tile.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\batthern_@2X.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\dark_wood_@2X.jpg, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\diagonal_striped_brick.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\escheresque_ste_@2X.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\gold_scale.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\purty_wood_@2X.jpg, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\readme.txt, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\starring_@2X.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\weave_@2X.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\images\patterns\woven.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources\list.html, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\newtab\resources\menu.html, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\activetabs.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\favorites.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\layout.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-add.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-edit.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\modal-fav-group.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\readitlater.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\recentlyclosed.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\theme.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\css\webapps.css, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\bookmarks.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\download.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\downloads.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\downloas.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\extensions.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\history.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\settings.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\chrome\trash.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites\empty.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\skin\plugins\images\favorites\error.png, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketTab.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}\_locales\en-US\translations.dtd, In Quarantäne, [9bf1360b2a52ea4c83d8c462f80b7a86],
PUP.Optional.RocketFind.A, C:\Users\SissaTonaFlippiJakko\AppData\Roaming\Mozilla\Firefox\Profiles\1lx0g4ht.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_dvd_14_30_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EyB0EtDyC0FtB0E0C0E0AtN0D0Tzu0SzytAyBtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDtC0E0AzyyByDyCtG0EyE0A0AtGtAzy0C0BtGtByB0AyCtGtCyB0FyByDyB0ByE0C0DyC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0EtByCyBzz0AyEtGyEtCtA0BtGyEtAtBzztGzz0D0EtBtG0Czzzz0C0EyDtAyByByE0FyD2Q&cr=2113503933&ir=");), Ersetzt,[fc908db4295336002a9a4051887dbc44]
PUP.Optional.RocketFind.A, C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_dvd_14_30_ff&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EyB0EtDyC0FtB0E0C0E0AtN0D0Tzu0SzytAyBtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDtC0E0AzyyByDyCtG0EyE0A0AtGtAzy0C0BtGtByB0AyCtGtCyB0FyByDyB0ByE0C0DyC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0EtByCyBzz0AyEtGyEtCtA0BtGyEtAtBzztGzz0D0EtBtG0Czzzz0C0EyDtAyByByE0FyD2Q&cr=2113503933&ir=");), Ersetzt,[7913fd444537221405bf3d54d82d1fe1]
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) Code:
# AdwCleaner v4.102 - Bericht erstellt am 30/11/2014 um 01:43:36
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-27.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Volker - VOLKER-PC
# Gestartet von : D:\Download\AdwCleaner_4.102.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\smart pc cleaner
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Volker\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Volker\AppData\Roaming\RocketUpdater
Ordner Gelöscht : C:\Users\Volker\Documents\smart pc cleaner
Datei Gelöscht : C:\Users\Volker_2\AppData\Roaming\Mozilla\Firefox\Profiles\7beyq534.default\searchplugins\search.xml
Datei Gelöscht : C:\Users\SissaTonaFlippiJakko\AppData\Roaming\Mozilla\Firefox\Profiles\1lx0g4ht.default\user.js
Datei Gelöscht : C:\Users\Volker\AppData\Roaming\Mozilla\Firefox\Profiles\whaje83j.default\user.js
Datei Gelöscht : C:\Users\Volker_2\AppData\Roaming\Mozilla\Firefox\Profiles\7beyq534.default\user.js
***** [ Tasks ] *****
Task Gelöscht : Rocket Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\RocketUpdater
Schlüssel Gelöscht : HKCU\Software\WSE Rocket
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Freeze.com
Schlüssel Gelöscht : HKLM\SOFTWARE\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v33.1.1 (x86 de)
*************************
AdwCleaner[R0].txt - [3473 octets] - [30/11/2014 01:39:06]
AdwCleaner[S0].txt - [3118 octets] - [30/11/2014 01:43:36]
########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [3178 octets] ########## G-Data zeigt übrigens immer noch an: Virus: Script.Adware.DealPly.G (Engine B) |