| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Bekomme ständig im IE und Firefox Meldungen über Systemwarnung BedrohungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.03.2014, 09:36
| #1 |
| |  Bekomme ständig im IE und Firefox Meldungen über Systemwarnung Bedrohung Hallo, wer kann mir helfen. ich bekomme ständig Meldungen dass mein PC nicht sicher ist, und dass ich irgendeine Software downloaden soll. Das wird immer mehr und nervt ständig. Wenn ich im Internet bin öffnen sich ständig neue Fenster. Ich habe mir schon das Programm Malwarebytes Anti-Malware runtergeladen. Dieses hat auch sehr viele Dateien gefunden. Leider ist mein Problem nicht weg. Zudem habe ich Software auf dem Rechner installiert, die ich nicht deinstallieren kann (SavingsBull, von Linkury irgendwelche Smartbars). Wer kann mir helfen. Bin ein bißchen hilflos, da ich mich nicht so toll am PC auskenne. Viele Grüße tobfe |
|
05.03.2014, 09:51
| #2 |
| /// the machine /// TB-Ausbilder    | Bekomme ständig im IE und Firefox Meldungen über Systemwarnung Bedrohung hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
05.03.2014, 12:47
| #3 |
| | Bekomme ständig im IE und Firefox Meldungen über Systemwarnung Bedrohung Hallo,
__________________hier die FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014 02
Ran by Andrea Herrmann (administrator) on ANDREAHERRMANN on 05-03-2014 12:41:18
Running from C:\Users\Andrea Herrmann\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(DATEV eG) C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(DATEV eG) C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(GfK) C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Oki Data Corporation) C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
() C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(DATEV eG) C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oki Data Corporation) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Users\Andrea Herrmann\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
() C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
(FNet Co., Ltd.) C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
() C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(DATEV eG) C:\DATEV\SYSTEM\NUKO\NKWLOGIN.EXE
(DATEV eG) C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(DATEV eG) C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(DATEV eG) C:\DATEV\PROGRAMM\D0100000\Datev.Framework.RemoteServiceModel.GenericService2010.exe
(DATEV eG) C:\DATEV\PROGRAMM\K0005002\Datev.Sdd.Ui.EditHost.StartupService.exe
(DATEV e.G.) C:\DATEV\SYSTEM\DvReweDzsMSTR030A.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Lexware) C:\Program Files (x86)\Lexware\Vereinsverwaltung\RedmarkVerein.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(GfK SE) C:\Program Files (x86)\ScanIT-Client\ScanIT-Client.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [Network Configuration] - C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [GfK-WatchDog] - C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2013-11-28] ()
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare)
HKLM-x32\...\Run: [BrowserPlugInHelper] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [1962896 2013-12-19] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1490160133-2136194661-3017341833-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-28] (Google Inc.)
HKU\S-1-5-21-1490160133-2136194661-3017341833-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [967608 2012-12-03] (Samsung)
HKU\S-1-5-21-1490160133-2136194661-3017341833-1000\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [577536 2012-11-28] (Samsung Electronics)
HKU\S-1-5-21-1490160133-2136194661-3017341833-1000\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung)
HKU\S-1-5-21-1490160133-2136194661-3017341833-1000\...\Run: [Amazon Cloud Player] - C:\Users\Andrea Herrmann\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-1490160133-2136194661-3017341833-1000\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Andrea Herrmann\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-1490160133-2136194661-3017341833-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
AppInit_DLLs-x32: c:\progra~2\amazon\amazon~1\\amazon~3.dll => "c:\progra~2\amazon\amazon~1\\amazon~3.dll" File Not Found
Startup: C:\Users\Andrea Herrmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2DB37A62FDC5CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX&q={searchTerms}
URLSearchHook: HKLM-x32 - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=81755e92-284f-e754-7b8a-8607cf02e7d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/12/2013&type=hp1000
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=81755e92-284f-e754-7b8a-8607cf02e7d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/12/2013&type=hp1000
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=81755e92-284f-e754-7b8a-8607cf02e7d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/12/2013&type=hp1000
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=81755e92-284f-e754-7b8a-8607cf02e7d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/12/2013&type=hp1000
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=81755e92-284f-e754-7b8a-8607cf02e7d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/12/2013&type=hp1000
BHO: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll No File
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No File
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll No File
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: No Name - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Toolbar: HKCU - No Name - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://webaccess.odr.de/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Winsock: Catalog9 01 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9 02 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9 03 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9 04 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9 23 C:\Windows\SysWOW64\GfKLSPService.DLL [314344] (GfK)
Winsock: Catalog9-x64 01 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 02 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 03 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 04 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 23 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default
FF user.js: detected! => C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default\user.js
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\npPxPlay.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea Herrmann\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HQ-Video-Profession-1.3 - C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default\Extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com [2014-02-24]
FF Extension: Lightning Speed Dial - C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default\Extensions\lightningnewtab@gmail.com [2014-02-23]
FF Extension: SavingsBull - C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default\Extensions\SavingsBull@jetpack [2014-02-24]
FF Extension: MySearchDial NewTab - C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-02-13]
FF Extension: Extension_Protected - C:\Users\Andrea Herrmann\AppData\Roaming\Mozilla\Firefox\Profiles\mxs87hbz.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2012-12-18]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKCU\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []
Chrome:
=======
CHR HomePage: hxxp://www.awesomehp.com/?type=hp&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX
CHR DefaultSearchKeyword: awesomehp
CHR DefaultSearchProvider: awesomehp
CHR DefaultSearchURL: hxxp://www.awesomehp.com/web/?type=ds&ts=1392655000&from=tugs&uid=HitachiXHDS721010CLA330_JP2940N03BY4SV3BY4SVX&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Babylon Toolbar) - C:\Users\Andrea Herrmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2013-05-14]
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Andrea Herrmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-24]
CHR Extension: (GfK Internet-Monitor) - C:\Users\Andrea Herrmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkejcihojcegdmifcnlkhmnelneogef [2013-05-18]
CHR Extension: (Google Wallet) - C:\Users\Andrea Herrmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR Extension: (Lightning speedDial) - C:\Users\Andrea Herrmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-17]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-02-17]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Andrea Herrmann\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx [2012-12-09]
CHR HKLM-x32\...\Chrome\Extension: [igkejcihojcegdmifcnlkhmnelneogef] - C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\extension.crx [2012-12-18]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [2012-12-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-23] (Avira Operations GmbH & Co. KG)
S3 DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [161320 2013-08-02] (DATEV eG)
R3 Datev.Database.Conserve; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2013-12-05] (DATEV eG)
R2 Datev.Framework.RemoteServiceModel.EnablerService; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2013-12-05] (DATEV eG)
R3 Datev.Framework.RemoteServices; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2013-12-05] (DATEV eG)
S3 Datev.Irw.ServiceProvider.HostXcut.Server; C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe [7208 2013-12-05] (DATEV eG)
R2 DatevPrintService; C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [185856 2013-09-02] (DATEV eG)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3089384 2013-11-28] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1376232 2013-11-28] ()
R2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2013-11-28] (GfK)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R3 MSSQLFDLauncher$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\fdlauncher.exe [41416 2012-06-29] (Microsoft Corporation)
R2 OpLclSrv; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [181760 2012-03-28] (Oki Data Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [181312 2011-12-28] ()
S4 SQLAgent$DATEV_DBENGINE; C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATEV_DBENGINE\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation)
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [X]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [X]
S2 Util FindRight; "C:\Program Files (x86)\FindRight\bin\utilFindRight.exe" [X]
==================== Drivers (Whitelisted) ====================
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-23] (Asmedia Technology)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-12-30] (FNet Co., Ltd.)
S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation)
R3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.)
U0 dmboot;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-05 12:41 - 2014-03-05 12:41 - 00030173 _____ () C:\Users\Andrea Herrmann\Downloads\FRST.txt
2014-03-05 12:41 - 2014-03-05 12:41 - 00000000 ____D () C:\FRST
2014-03-05 12:39 - 2014-03-05 12:39 - 02156544 _____ (Farbar) C:\Users\Andrea Herrmann\Downloads\FRST64.exe
2014-02-28 12:40 - 2014-02-28 12:40 - 00002099 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-02-26 20:21 - 2014-02-26 20:21 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-26 20:21 - 2014-02-26 20:21 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\Malwarebytes
2014-02-26 20:21 - 2014-02-26 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 20:21 - 2014-02-26 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 20:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-26 20:19 - 2014-02-26 20:19 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Andrea Herrmann\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-26 20:00 - 2014-02-26 20:15 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\Nico Mak Computing
2014-02-24 18:18 - 2014-02-26 20:44 - 04743342 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-02-24 18:18 - 2014-02-26 18:36 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\Activeris
2014-02-24 18:18 - 2014-02-24 18:18 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-24 18:18 - 2014-02-24 18:18 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-24 18:17 - 2014-02-26 20:45 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-02-24 18:16 - 2014-02-26 07:22 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-02-24 18:16 - 2014-02-24 18:16 - 00000000 ____D () C:\Users\Andrea Herrmann\Documents\Optimizer Pro
2014-02-17 17:57 - 2014-02-17 17:57 - 00825216 _____ (AnyProtect.com) C:\Users\Andrea Herrmann\AppData\Local\nsgEBB9.tmp
2014-02-17 17:37 - 2014-02-26 22:02 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-17 17:37 - 2014-02-26 20:45 - 00000000 ____D () C:\ProgramData\WPM
2014-02-15 14:35 - 2014-02-15 14:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 18:39 - 2014-02-13 19:24 - 00000426 _____ () C:\AVScanner.ini
2014-02-14 03:02 - 2013-12-21 10:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:02 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 03:01 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 03:01 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:01 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:01 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 03:01 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 03:01 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 03:01 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 03:01 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:01 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 03:01 - 2014-02-01 07:45 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-14 03:01 - 2014-02-01 07:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-13 23:45 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 23:45 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 23:45 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 23:45 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 23:45 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 23:45 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 23:45 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 23:45 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 23:45 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 23:45 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 23:45 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 23:45 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 23:45 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 23:45 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 23:45 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 23:45 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 23:45 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 23:45 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 23:45 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 23:45 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 23:45 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 23:45 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 23:45 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 23:45 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 23:45 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 23:45 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 23:45 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 23:45 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 19:36 - 2014-02-13 19:36 - 00000046 _____ () C:\Users\Andrea Herrmann\AppData\Roaming\WB.CFG
2014-02-13 19:34 - 2014-02-13 19:40 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-02-13 19:31 - 2014-02-26 18:34 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\systweak
2014-02-13 19:31 - 2014-02-13 19:33 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-02-13 19:31 - 2014-02-13 19:31 - 00000400 _____ () C:\Users\Andrea Herrmann\Desktop\FREE Games.url
2014-02-13 19:31 - 2013-12-27 18:10 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
==================== One Month Modified Files and Folders =======
2014-03-05 12:41 - 2014-03-05 12:41 - 00030173 _____ () C:\Users\Andrea Herrmann\Downloads\FRST.txt
2014-03-05 12:41 - 2014-03-05 12:41 - 00000000 ____D () C:\FRST
2014-03-05 12:39 - 2014-03-05 12:39 - 02156544 _____ (Farbar) C:\Users\Andrea Herrmann\Downloads\FRST64.exe
2014-03-05 12:38 - 2012-02-28 23:05 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-05 12:33 - 2012-07-15 17:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-05 12:16 - 2012-12-18 18:18 - 00000000 ____D () C:\Program Files (x86)\GfKLSPService
2014-03-05 12:16 - 2012-12-18 18:18 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor
2014-03-05 10:41 - 2011-12-15 22:49 - 01824386 _____ () C:\Windows\WindowsUpdate.log
2014-03-05 07:50 - 2011-12-15 23:03 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BED83497-7AB8-422F-B29F-09FD31D8B82B}
2014-03-05 07:36 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-05 07:36 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 18:38 - 2012-02-28 23:05 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 07:52 - 2013-05-14 16:27 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 19:34 - 2011-04-12 08:43 - 00822558 _____ () C:\Windows\system32\perfh007.dat
2014-03-03 19:34 - 2011-04-12 08:43 - 00198784 _____ () C:\Windows\system32\perfc007.dat
2014-03-03 19:34 - 2009-07-14 06:13 - 01955678 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-03 19:30 - 2013-10-21 19:30 - 00003430 _____ () C:\Windows\System32\Tasks\BackgroundContainer Startup Task
2014-03-03 19:30 - 2010-11-21 04:47 - 01158508 _____ () C:\Windows\PFRO.log
2014-03-03 19:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-03 19:30 - 2009-07-14 05:51 - 00065035 _____ () C:\Windows\setupact.log
2014-03-03 10:39 - 2013-03-20 21:20 - 00000000 ____D () C:\Users\Andrea Herrmann\Documents\Mein Steuer-Sparbuch Heute
2014-02-28 12:40 - 2014-02-28 12:40 - 00002099 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-02-28 12:40 - 2012-02-21 18:59 - 00000814 _____ () C:\Windows\wiso.ini
2014-02-28 12:40 - 2012-02-21 18:59 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Local\Buhl
2014-02-28 12:24 - 2012-02-21 18:58 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-02-28 12:24 - 2011-12-15 22:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-28 11:43 - 2013-06-22 15:59 - 00000000 ____D () C:\Users\Andrea Herrmann\Documents\DVDVideoSoft
2014-02-28 03:01 - 2011-12-28 13:12 - 01929022 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 22:02 - 2014-02-17 17:37 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-26 20:54 - 2013-08-13 19:40 - 00000000 ____D () C:\Users\Andrea Herrmann\Documents\Calibre-Bibliothek
2014-02-26 20:45 - 2014-02-24 18:17 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-02-26 20:45 - 2014-02-17 17:37 - 00000000 ____D () C:\ProgramData\WPM
2014-02-26 20:44 - 2014-02-24 18:18 - 04743342 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-02-26 20:21 - 2014-02-26 20:21 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-26 20:21 - 2014-02-26 20:21 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\Malwarebytes
2014-02-26 20:21 - 2014-02-26 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 20:21 - 2014-02-26 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 20:19 - 2014-02-26 20:19 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Andrea Herrmann\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-26 20:15 - 2014-02-26 20:00 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\Nico Mak Computing
2014-02-26 18:39 - 2013-12-30 15:13 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\UseNeXT
2014-02-26 18:36 - 2014-02-24 18:18 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\Activeris
2014-02-26 18:34 - 2014-02-13 19:31 - 00000000 ____D () C:\Users\Andrea Herrmann\AppData\Roaming\systweak
2014-02-26 07:24 - 2011-12-15 22:49 - 00000000 ___RD () C:\Users\Andrea Herrmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-26 07:22 - 2014-02-24 18:16 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-02-24 18:18 - 2014-02-24 18:18 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-24 18:18 - 2014-02-24 18:18 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-24 18:16 - 2014-02-24 18:16 - 00000000 ____D () C:\Users\Andrea Herrmann\Documents\Optimizer Pro
2014-02-24 14:51 - 2013-08-23 12:30 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-02-24 14:51 - 2013-08-23 12:30 - 00000000 ____D () C:\ProgramData\NCH Software
2014-02-24 14:51 - 2013-08-23 12:30 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-02-24 14:43 - 2013-12-17 08:48 - 00002179 _____ () C:\Users\Andrea Herrmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-02-24 14:43 - 2013-12-17 08:48 - 00002019 _____ () C:\Users\Andrea Herrmann\Desktop\Internet Explorer.lnk
2014-02-24 14:43 - 2011-12-15 22:50 - 00001425 _____ () C:\Users\Andrea Herrmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-23 18:57 - 2013-09-09 11:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-21 14:33 - 2013-01-08 23:35 - 17858952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-02-21 14:33 - 2012-07-15 17:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 14:33 - 2012-07-15 17:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 14:33 - 2011-12-22 20:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 17:57 - 2014-02-17 17:57 - 00825216 _____ (AnyProtect.com) C:\Users\Andrea Herrmann\AppData\Local\nsgEBB9.tmp
2014-02-17 03:01 - 2013-08-07 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 03:00 - 2011-12-19 21:32 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 14:35 - 2014-02-15 14:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 03:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 19:40 - 2014-02-13 19:34 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-02-13 19:36 - 2014-02-13 19:36 - 00000046 _____ () C:\Users\Andrea Herrmann\AppData\Roaming\WB.CFG
2014-02-13 19:33 - 2014-02-13 19:31 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-02-13 19:31 - 2014-02-13 19:31 - 00000400 _____ () C:\Users\Andrea Herrmann\Desktop\FREE Games.url
2014-02-13 19:24 - 2014-02-14 18:39 - 00000426 _____ () C:\AVScanner.ini
2014-02-13 18:33 - 2012-02-28 23:05 - 00004124 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 18:33 - 2012-02-28 23:05 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-12 20:26 - 2012-08-02 19:22 - 00000000 ____D () C:\Users\Andrea Herrmann\Documents\Brenner Speicher
2014-02-05 18:48 - 2013-12-30 15:56 - 00000000 ____D () C:\Users\Andrea Herrmann\Documents\eBooks
2014-02-04 16:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
Some content of TEMP:
====================
C:\Users\Andrea Herrmann\AppData\Local\Temp\80302uninstall.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\APNStub.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\AskSLib.dll
C:\Users\Andrea Herrmann\AppData\Local\Temp\avgnt.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\A~NSISu_.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\BackupSetup.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\dsHostCheckerSetup.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\JuniperSetupClientInstaller.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\pn601B.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\setup.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\Sqlite3.dll
C:\Users\Andrea Herrmann\AppData\Local\Temp\tbDVD0.dll
C:\Users\Andrea Herrmann\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\wpsetup.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\ydetect.exe
C:\Users\Andrea Herrmann\AppData\Local\Temp\zipsetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 00:00
==================== End Of Log ============================
und hier die Addition.txtFRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2014 02
Ran by Andrea Herrmann at 2014-03-05 12:42:06
Running from C:\Users\Andrea Herrmann\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
ActKey (x32 Version: 1.5.0.0 - Oki Data Corporation) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.36191 - Ask.com) <==== ATTENTION
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2005548270.48.56.36965610 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
B1315AppGuid (x32 Version: 1.0.0 - DATEV eG) Hidden
Babylon Chrome Toolbar (HKLM-x32\...\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}) (Version: 2.0.0.7 - Babylon Ltd) <==== ATTENTION
Babylon toolbar (HKLM-x32\...\BabylonToolbar) (Version: 1.8.7.2 - BabylonToolbar) <==== ATTENTION
calibre (HKLM-x32\...\{1BFDD064-4C67-4156-A6C6-6E8D63563B3B}) (Version: 1.20.0 - Kovid Goyal)
Citrix XenApp Web Plugin (HKLM-x32\...\{C0B165DC-F037-483F-B1C9-D89D91529CEB}) (Version: 11.0.150.5357 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports Runtime XI (x32 Version: 1.0.9 - DATEV eG) Hidden
DATEV Infragistics Runtime V.3.2 (x32 Version: 3.2.0 - Infragistics, Inc.) Hidden
DATEV Installation V.3.2 (HKLM-x32\...\DATEVB00000482.0) (Version: - )
DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)
DFL2010 ConfigDB (HKLM-x32\...\{46B1F595-EFB2-4463-B302-312A2C7B70A6}) (Version: 4.35.4339.0 - DATEV eG)
DFL2010 Microkernel (HKLM-x32\...\{063DF19F-5FE9-43D3-A961-944ABD050A4C}) (Version: 4.35.4339.0 - DATEV eG)
EPubsoft DRM Removal 7.2.3 (HKLM-x32\...\{57727D0E-9848-499E-BE07-9F956800F319}) (Version: 7.2.3 - EPUBSOFT)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.19.1219 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.19.1219 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 12.6.186 - GfK)
Gigaset QuickSync (HKLM\...\{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}) (Version: 7.2.0844.6 - Gigaset Communications GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2013.03.20 - www.hardcopy.de)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Juniper Citrix Services Client (HKCU\...\Juniper_Citrix_Services) (Version: 7.3.0.24309 - Juniper Networks)
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 7.3.0.24309 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.3.4.32787 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Lexware vereinsverwaltung (HKLM-x32\...\{60489316-974E-431B-BB83-EAA11D1FBC9D}) (Version: 11.0 - Lexware)
LexwareVereinsverwaltung 12 Update (HKLM-x32\...\{B91E216D-425B-4016-BD26-57D6BBF8B768}) (Version: 12.0 - Haufe-Lexware GmbH & Co KG)
LexwareVereinsverwaltung 13 Update (HKLM-x32\...\{6EE806F2-B855-48EC-B6B1-87D183D8D9CF}) (Version: 6.0 - Haufe-Lexware GmbH & Co KG)
LexwareVereinsverwaltungUpdate14 (HKLM-x32\...\{719D1EDB-3C4D-469E-B2A4-E803F36694DF}) (Version: 14.0 - Haufe-Lexware GmbH & Co KG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Primary Interop Assemblies (HKLM-x32\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.70.1104.04 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
NCH DE Toolbar (HKLM-x32\...\NCH_DE Toolbar) (Version: 6.15.0.27 - NCH DE)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11300.14.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.0.12900.2.6 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.16800.7.15 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.11200.16.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.11400.18.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.12300.23.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11400.15.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14800.28.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{7D0A13FA-56BC-4755-8BAF-45A69BA6A5C8}) (Version: 10.0.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.12600.30.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10900 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.5.0.0 - Oki Data Corporation)
OKI Alert Info (HKLM-x32\...\{9427081E-AC7E-49D4-964F-E2E27C7175BF}) (Version: 1.3.1 - Okidata)
OKI Color Correct Utility (HKLM-x32\...\{5D729200-F340-4A74-A1E9-32387CDC63EF}) (Version: 2.17.2 - Okidata)
OKI Color Swatch-Dienstprogramm (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI Configuration Tool (HKLM-x32\...\{0F55DD09-15EC-4F5D-B517-94852884AEF5}) (Version: 1.6.5 - Okidata)
OKI Device Setting (HKLM-x32\...\{D4E9C626-14A8-4AEB-92F3-BE65EC4CFAEF}) (Version: 1.6.6 - Okidata)
OKI LPR-Dienstprogramm (HKLM-x32\...\{465914BD-324C-4442-A9F6-E9347AB38EB8}) (Version: 5.1.0 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.1.0 - Oki Data Corporation)
OKI Network Setting (HKLM-x32\...\{099DE9EF-2781-4A72-BD0F-53AAC78A93B2}) (Version: 1.0.3 - Okidata)
OKI PDF Print Direct (HKLM-x32\...\{2CA86624-3491-4B2D-B64E-01D2D25AA732}) (Version: 3.4.8 - Okidata)
OKI Print Job Accounting Client (HKLM-x32\...\{1264AAF6-BE5D-4909-9238-2F3D2DC36808}) (Version: 1.00.000 - Okidata)
OKI PS Gamma Adjuster (HKLM-x32\...\{8F93941C-2ECF-40C6-A0AC-D0BE40E7911E}) (Version: 1.1.13 - Okidata)
OKI Storage Manager (HKLM-x32\...\{C7BCF2EA-4AE1-4AF0-9EAB-2252015C4DF2}) (Version: 1.0.5 - Okidata)
OKI User Setting (HKLM-x32\...\{C8244493-32A4-4275-8145-D16FFE1D8E36}) (Version: 1.4.3 - Okidata)
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - )
PcCloneEX (HKLM-x32\...\PcCloneEX) (Version: - )
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - )
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12114_1 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12114_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden
SavingsbullFilter (Version: 1.0.0.0 - SavingsBull Filter) Hidden <==== ATTENTION
ScanIT-Client 3.2 (HKLM-x32\...\ScanIT-Client_is1) (Version: - GfK Panel Services Deutschland GmbH)
ScannerDriver (Version: 1.0.1.0 - Oki Data Corporation) Hidden
ScoreFitter Volume 1 (HKLM-x32\...\{9DCBDF08-F1C0-4935-A958-9501384FC528}) (Version: 1.00.0000 - Pinnacle Systems)
Service Pack 2 für SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Full text search (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQLXML4 (HKLM\...\{BFBF33B5-AEFE-454B-A189-DF5013028535}) (Version: 9.00.5000.00 - Microsoft Corporation)
SureThing Express Labeler (HKLM-x32\...\stax-Pinnacle_is1) (Version: - MicroVision Development, Inc.)
Switch Audiodatei-Konverter (HKLM-x32\...\Switch) (Version: 4.48 - NCH Software)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 5.49 - NCH Software)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{8CACB6E5-FCBF-44D7-881E-C6F756328434}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Wondershare Video Converter Ultimate(Build 6.7.1.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.7.1.0 - Wondershare Software)
Yahoo Community Smartbar (HKLM-x32\...\{D7403121-68C2-48BC-874D-048015E60DF0}) (Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU\...\{88ef56eb-3205-4298-bb8a-555d7054ed7d}) (Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
==================== Restore Points =========================
04-03-2014 07:00:35 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {03DF8E57-9623-4EB3-B2F6-0308A615936B} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {1775B117-5A48-4F9D-B5D9-D2230E0BEECD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)
Task: {23D1C6C3-DDFA-4B31-BC41-973C85369C7A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28] (Google Inc.)
Task: {426F47B0-A88D-4FD7-B732-7D22C443D5B0} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Andrea Herrmann\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {646F8DC7-958A-4B71-A3CF-7071100E7A46} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2012-11-08] ()
Task: {77F73D87-F966-494A-A792-FDC5F388A730} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AD4763F2-0E66-4AE1-911E-6984D95BCD54} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {BDA14FDA-5497-4197-BCF3-F33D0F7800AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {D041E026-9133-4087-916A-98DB7268D8E1} - System32\Tasks\DATEV eG\DATEV Update-Monitor => C:\DATEV\PROGRAMM\Install\DvInesASDMon.Exe [2013-08-02] (DATEV eG)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-10 15:00 - 2012-07-30 09:28 - 00125504 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_x64.dll
2014-01-26 16:21 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2013-04-10 15:00 - 2012-11-08 07:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2013-04-10 15:00 - 2012-11-08 07:39 - 00037440 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2013-12-11 15:56 - 2013-11-28 19:21 - 03089384 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2013-12-11 15:56 - 2013-11-28 19:21 - 01376232 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2011-12-28 13:19 - 2011-12-28 13:19 - 00181312 _____ () C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
2011-12-15 22:56 - 2011-04-10 03:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-02 19:08 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Andrea Herrmann\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2013-10-07 16:35 - 2011-10-18 16:12 - 00252928 _____ () C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
2014-02-28 12:26 - 2013-10-30 17:45 - 01427024 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
2013-12-11 15:56 - 2013-11-28 19:14 - 00058856 _____ () C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe
2013-08-10 14:12 - 2013-08-10 12:44 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-10 15:00 - 2012-07-30 09:27 - 00116800 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_Win32.dll
2013-04-10 15:00 - 2012-07-05 14:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2012-12-18 18:18 - 2012-11-08 12:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2013-12-11 15:56 - 2013-11-28 19:14 - 02180584 _____ () C:\Program Files (x86)\gfklspservice\pcproxydll.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 09572944 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wgui14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 00034896 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsdcom48.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 00308816 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\rscorewinapi48.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 00321616 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsguiwinapi48.dll
2014-02-28 12:24 - 2013-10-30 17:46 - 03674192 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wcore14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 00136272 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsodbc48.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 02467408 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfvie14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01855568 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wsteu14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01904208 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wreli14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 04277840 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wauff14.dll
2014-02-28 12:24 - 2013-10-30 17:37 - 01043456 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-core.dll
2014-02-28 12:24 - 2013-10-30 17:37 - 00094720 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-shared.dll
2014-02-28 12:24 - 2013-10-30 17:37 - 00250368 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-contribs-lib.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01396816 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wmain14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 05019728 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae114.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01666128 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae214.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01786448 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae314.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01624144 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae414.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01125456 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau114.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01316944 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau214.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01278544 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wwerb14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 06818384 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wkont14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01266768 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wimp14.dll
2014-02-28 12:24 - 2013-10-30 17:45 - 01322064 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfabu14.dll
2013-04-10 15:00 - 2013-03-16 13:39 - 02921976 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2014-02-15 14:35 - 2014-02-15 14:35 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2003-07-11 02:09 - 2003-07-11 02:09 - 00048192 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\1031\nsextint.dll
2014-02-21 14:33 - 2014-02-21 14:33 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/04/2014 08:34:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0fcf
Name des fehlerhaften Moduls: NPSWF32_12_0_0_70.dll, Version: 12.0.0.70, Zeitstempel: 0x530164e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003500bc
ID des fehlerhaften Prozesses: 0x2aa4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (03/03/2014 07:32:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/03/2014 06:27:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16798, Zeitstempel: 0x52ec7da1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x2e20
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (03/03/2014 10:48:38 AM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (03/03/2014 10:40:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/28/2014 00:37:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16798, Zeitstempel: 0x52ec7dc3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000053290
ID des fehlerhaften Prozesses: 0x12a8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (02/28/2014 03:20:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/27/2014 03:20:33 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/26/2014 10:05:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/26/2014 08:47:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/04/2014 08:15:06 PM) (Source: DCOM) (User: AndreaHerrmann)
Description: AnwendungsspezifischLokalAktivierung{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}AndreaHerrmannAndrea HerrmannS-1-5-21-1490160133-2136194661-3017341833-1000LocalHost (unter Verwendung von LRPC)
Error: (03/04/2014 08:15:06 PM) (Source: DCOM) (User: AndreaHerrmann)
Description: AnwendungsspezifischLokalAktivierung{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}AndreaHerrmannAndrea HerrmannS-1-5-21-1490160133-2136194661-3017341833-1000LocalHost (unter Verwendung von LRPC)
Error: (03/04/2014 08:15:06 PM) (Source: DCOM) (User: AndreaHerrmann)
Description: AnwendungsspezifischLokalAktivierung{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}AndreaHerrmannAndrea HerrmannS-1-5-21-1490160133-2136194661-3017341833-1000LocalHost (unter Verwendung von LRPC)
Error: (03/04/2014 01:49:38 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.
Error: (03/04/2014 01:49:38 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.
Error: (03/04/2014 01:49:38 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.
Error: (03/04/2014 01:49:38 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.
Error: (03/04/2014 01:49:38 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.
Error: (03/04/2014 01:49:38 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.
Error: (03/04/2014 01:49:38 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.
Microsoft Office Sessions:
=========================
Error: (03/04/2014 08:34:36 PM) (Source: Application Error)(User: )
Description: plugin-container.exe27.0.1.515652fc0fcfNPSWF32_12_0_0_70.dll12.0.0.70530164e1c0000005003500bc2aa401cf37e0c6b6a84aC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll0489b723-a3d4-11e3-b1f5-14dae9e18036
Error: (03/03/2014 07:32:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/03/2014 06:27:27 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1679852ec7da1ntdll.dll6.1.7601.18247521ea8e7c000000500038e192e2001cf37056301d7eeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\ntdll.dll171c6f6d-a2f9-11e3-a890-14dae9e18036
Error: (03/03/2014 10:48:38 AM) (Source: Windows Backup)(User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (03/03/2014 10:40:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/28/2014 00:37:46 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1679852ec7dc3ntdll.dll6.1.7601.18247521eaf24c0000005000000000005329012a801cf3477fbacc23eC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dllbddc666f-a06c-11e3-8817-14dae9e18036
Error: (02/28/2014 03:20:26 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/27/2014 03:20:33 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/26/2014 10:05:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/26/2014 08:47:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 8039.24 MB
Available physical RAM: 5209.88 MB
Total Pagefile: 16076.66 MB
Available Pagefile: 12178.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:9.35 GB) NTFS
Drive e: (Daten sicher) (Fixed) (Total:931.51 GB) (Free:805.1 GB) NTFS
Drive f: (ADATA NH03) (Fixed) (Total:931.28 GB) (Free:517.18 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 520F2613)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: DF391432)
Partition: GPT Partition Type.
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: B875A4FD)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
06.03.2014, 10:35
| #4 |
| /// the machine /// TB-Ausbilder | Bekomme ständig im IE und Firefox Meldungen über Systemwarnung Bedrohung hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
WARNUNG an die MITLESER: 
Linear-Darstellung
