| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Unterstrichene Wörter und nervige Werbung überall beim IEWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.04.2014, 08:48
| #1 |
| |  Unterstrichene Wörter und nervige Werbung überall beim IE Hallo, ich bin neu hier und mittlerweile echt genervt von diesem ganzen Werbegedöns und lustig bunt unterlegten Wörtern mit Verlinkung auf irgendwelche Seiten. Ich habe hier mal quergelesen und mir schonmal die Farbar runtergeladen und gescannt. Jetzt habe ich zwei Dateien, die Addition und FRST. Nur leider bin ich zu laienhaft, um mir daraus auch nur die kleinsten Schlüsse ziehen zu können. Ist hier jemand, der mir helfen könnte? Trotz allem einen schönen Sonntag  Liebe Grüße, Michaela |
|
27.04.2014, 10:26
| #2 |
| Ruhe in Frieden † 2019     | Unterstrichene Wörter und nervige Werbung überall beim IE Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist. Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke. Dazu:
Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
27.04.2014, 10:32
| #3 |
| | Unterstrichene Wörter und nervige Werbung überall beim IE Hallo,
__________________hier die FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by fam. puups (administrator) on BUUBSER-PC on 27-04-2014 09:31:10
Running from C:\Users\fam. puups\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S4A3YLER
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Realtek) C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtWlan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\fam. puups\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\fam. puups\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
() C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe
() C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_182_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1535112 2012-09-12] (McAfee, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2190563362-1364298270-2338808092-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2190563362-1364298270-2338808092-1000\...\Run: [Facebook Update] => C:\Users\fam. puups\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-23] (Facebook Inc.)
HKU\S-1-5-21-2190563362-1364298270-2338808092-1000\...\Run: [AppsHat] => C:\Users\fam. puups\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
HKU\S-1-5-21-2190563362-1364298270-2338808092-1000\...\MountPoints2: {97ce9d52-f36d-11e0-852e-806e6f6e6963} - E:\start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\fam. puups\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\fam. puups\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\fam. puups\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=wld&from=wld&uid=ST31000524AS_6VPDBKWLXXXX6VPDBKWL&ts=1367960740
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ie&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyC0CtCtBzzyEyCyEyE0AtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzzyE0DzztA0EzytGtCzy0AyBtG0BtB0AtAtGtAtAtD0CtGyEzyyEyEyBtCyD0EyB0Fzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0EtCyB0CtDyDyCtG0Bzz0A0DtGyB0DtDyBtG0D0FyCzztGyEtAzzyBzzyByB0B0AyC0C0B2Q&cr=581505721&ir=
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=wld&from=wld&uid=ST31000524AS_6VPDBKWLXXXX6VPDBKWL&ts=1367960740
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ie&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyC0CtCtBzzyEyCyEyE0AtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzzyE0DzztA0EzytGtCzy0AyBtG0BtB0AtAtGtAtAtD0CtGyEzyyEyEyBtCyD0EyB0Fzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0EtCyB0CtDyDyCtG0Bzz0A0DtGyB0DtDyBtG0D0FyCzztGyEtAzzyBzzyByB0B0AyC0C0B2Q&cr=581505721&ir=
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ie&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyC0CtCtBzzyEyCyEyE0AtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzzyE0DzztA0EzytGtCzy0AyBtG0BtB0AtAtGtAtAtD0CtGyEzyyEyEyBtCyD0EyB0Fzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0EtCyB0CtDyDyCtG0Bzz0A0DtGyB0DtDyBtG0D0FyCzztGyEtAzzyBzzyByB0B0AyC0C0B2Q&cr=581505721&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=wld&from=wld&uid=ST31000524AS_6VPDBKWLXXXX6VPDBKWL&ts=6029426
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=0ef12fe3-d76b-5f04-da79-258f9e65bea6&searchtype=ds&q={searchTerms}&installDate=24/10/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=0ef12fe3-d76b-5f04-da79-258f9e65bea6&searchtype=ds&q={searchTerms}&installDate=24/10/2013
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
BHO: ElectroLyrics-1 - {11111111-1111-1111-1111-110411181144} - C:\Program Files (x86)\ElectroLyrics-1\ElectroLyrics-1-bho64.dll No File
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120718001046.dll (McAfee, Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120718001046.dll (McAfee, Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: BrowseMark - {aeac172e-2e4b-4b92-9af6-b0cdb1acecdb} - C:\Program Files (x86)\BrowseMark\BrowseMarkbho.dll (BrowseMark)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default
FF user.js: detected! => C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Mysearchdial
FF SelectedSearchEngine: Mysearchdial
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ie&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyC0CtCtBzzyEyCyEyE0AtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzzyE0DzztA0EzytGtCzy0AyBtG0BtB0AtAtGtAtAtD0CtGyEzyyEyEyBtCyD0EyB0Fzz0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0EtCyB0CtDyDyCtG0Bzz0A0DtGyB0DtDyBtG0D0FyCzztGyEtAzzyBzzyByB0B0AyC0C0B2Q&cr=581505721&ir=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\fam. puups\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\amazon-icon@winload.de [2013-05-07]
FF Extension: ElectroLyrics-1 - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\bbf8c9b4-8e92-4864-a738-39b4d9d297ba@c61f16d8-dec3-4ab4-a153-723bd1d0f742.com [2014-03-08]
FF Extension: loadtbs - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\software@loadtubes.com [2012-10-05]
FF Extension: Spartipps von SparPilot.com - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\sparpilot@sparpilot.com [2013-05-07]
FF Extension: No Name - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\staged [2014-04-16]
FF Extension: Apps Hat - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF} [2013-10-24]
FF Extension: MySearchDial NewTab - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-04-16]
FF Extension: WEB.DE MailCheck - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\toolbar@web.de.xpi [2013-10-24]
FF Extension: BrowseMark - C:\Users\fam. puups\AppData\Roaming\Mozilla\Firefox\Profiles\r7ydkjzd.default\Extensions\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.xpi [2014-04-14]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-07-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-07-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-07-11]
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-12] (Adobe Systems)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-09] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241016 2012-11-09] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-11-09] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 Realtek11nSU; C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 Update BrowseMark; C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe [351008 2014-04-27] ()
R2 Util BrowseMark; C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe [351008 2014-04-27] ()
==================== Drivers (Whitelisted) ====================
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-11-09] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-11-09] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-11-09] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-11-09] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-11-09] (McAfee, Inc.)
R1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64; C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys [61120 2014-04-24] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
R4 wStLibG64; system32\drivers\wStLibG64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-27 09:30 - 2014-04-27 09:31 - 00000000 ____D () C:\FRST
2014-04-27 09:11 - 2014-04-27 09:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-27 09:11 - 2014-04-27 09:11 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-27 09:09 - 2014-04-27 09:09 - 04741136 _____ () C:\Users\fam. puups\Downloads\adblockplusie-1.1.exe
2014-04-27 08:50 - 2014-04-27 08:50 - 00000000 ____D () C:\Program Files (x86)\af0.net
2014-04-27 08:49 - 2014-04-27 08:49 - 02378752 _____ () C:\Users\fam. puups\Downloads\Adblock_Installer (1).msi
2014-04-27 08:48 - 2014-04-27 08:49 - 02378752 _____ () C:\Users\fam. puups\Downloads\Adblock_Installer.msi
2014-04-26 20:02 - 2014-04-26 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-04-25 08:54 - 2014-04-25 08:54 - 00000947 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaalDesignSoftware.lnk
2014-04-25 08:54 - 2014-04-25 08:54 - 00000935 _____ () C:\Users\Public\Desktop\SaalDesignSoftware.lnk
2014-04-25 08:54 - 2014-04-25 08:54 - 00000000 ____D () C:\Program Files (x86)\SaalDesignSoftware
2014-04-25 08:02 - 2014-04-24 12:34 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys
2014-04-18 13:32 - 2014-04-18 13:32 - 00000000 ____D () C:\Users\fam. puups\Documents\Daten für WinSchafkopf XP
2014-04-18 13:31 - 2014-04-18 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Classics
2014-04-18 13:31 - 2014-04-18 13:31 - 00000000 ____D () C:\Program Files (x86)\Red Classics
2014-04-15 10:48 - 2014-04-16 13:08 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-04-15 10:47 - 2014-04-15 10:47 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-04-15 10:46 - 2014-04-15 10:46 - 00675608 _____ ( ) C:\Users\fam. puups\Downloads\ZipExtractorSetup (2).exe
2014-04-15 10:43 - 2014-04-15 10:43 - 00053347 _____ () C:\Users\fam. puups\Downloads\nuevos.abr.rar
2014-04-15 10:42 - 2014-04-15 10:50 - 00000000 ____D () C:\Users\fam. puups\Downloads\nuevos.abr
2014-04-15 10:40 - 2014-04-15 10:40 - 00053269 _____ () C:\Users\fam. puups\Downloads\nuevos.abr.zip
2014-04-15 10:39 - 2014-04-15 10:39 - 00675608 _____ ( ) C:\Users\fam. puups\Downloads\ZipExtractorSetup (1).exe
2014-04-12 13:25 - 2014-04-12 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-11 09:44 - 2014-04-11 09:44 - 00000000 __SHD () C:\Users\fam. puups\AppData\Local\EmieUserList
2014-04-11 09:44 - 2014-04-11 09:44 - 00000000 __SHD () C:\Users\fam. puups\AppData\Local\EmieSiteList
2014-04-11 00:27 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-11 00:27 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-11 00:27 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-11 00:27 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-11 00:27 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-11 00:27 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-11 00:27 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-11 00:27 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-11 00:27 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-11 00:27 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-11 00:27 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-11 00:27 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-11 00:27 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-11 00:27 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-11 00:27 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-11 00:27 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-11 00:27 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-11 00:27 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-11 00:27 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-11 00:27 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-11 00:27 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-11 00:27 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-11 00:27 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-11 00:27 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-11 00:27 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-11 00:27 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-11 00:27 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-11 00:27 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-11 00:27 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-11 00:27 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-11 00:27 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-11 00:27 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-11 00:27 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-11 00:27 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-11 00:27 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-11 00:27 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-11 00:27 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-11 00:27 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-11 00:27 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-11 00:27 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-11 00:27 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-11 00:27 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-11 00:27 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-11 00:27 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-11 00:27 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-11 00:27 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-11 00:27 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-11 00:27 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-10 09:20 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 09:20 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 09:20 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 09:20 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 09:20 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 09:20 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 09:20 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 09:20 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 09:20 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 09:20 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 09:20 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 09:20 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 09:19 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 09:19 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 09:19 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 09:19 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 09:19 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-03-31 21:07 - 2014-03-31 21:07 - 00000000 ____D () C:\Users\fam. puups\Downloads\Freebie
2014-03-31 21:06 - 2014-03-31 21:06 - 00000983 _____ () C:\Users\fam. puups\Downloads\Freebie.zip
2014-03-31 21:03 - 2014-03-31 21:04 - 00000000 ____D () C:\Users\fam. puups\Downloads\DarkDramaBW
2014-03-31 20:57 - 2014-03-31 20:57 - 00004132 _____ () C:\Users\fam. puups\Downloads\DarkDramaBW.zip
==================== One Month Modified Files and Folders =======
2014-04-27 09:31 - 2014-04-27 09:30 - 00000000 ____D () C:\FRST
2014-04-27 09:29 - 2012-10-23 16:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-27 09:23 - 2011-10-10 20:19 - 02074379 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 09:11 - 2014-04-27 09:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-27 09:11 - 2014-04-27 09:11 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-04-27 09:09 - 2014-04-27 09:09 - 04741136 _____ () C:\Users\fam. puups\Downloads\adblockplusie-1.1.exe
2014-04-27 08:50 - 2014-04-27 08:50 - 00000000 ____D () C:\Program Files (x86)\af0.net
2014-04-27 08:49 - 2014-04-27 08:49 - 02378752 _____ () C:\Users\fam. puups\Downloads\Adblock_Installer (1).msi
2014-04-27 08:49 - 2014-04-27 08:48 - 02378752 _____ () C:\Users\fam. puups\Downloads\Adblock_Installer.msi
2014-04-27 08:37 - 2012-07-16 17:14 - 00000000 ____D () C:\Users\fam. puups\AppData\Local\VirtualStore
2014-04-27 08:12 - 2013-10-07 12:07 - 00034642 _____ () C:\Windows\setupact.log
2014-04-27 07:52 - 2012-09-23 13:47 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2190563362-1364298270-2338808092-1000UA.job
2014-04-26 20:02 - 2014-04-26 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-04-26 16:22 - 2012-09-23 13:47 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2190563362-1364298270-2338808092-1000Core.job
2014-04-25 08:54 - 2014-04-25 08:54 - 00000947 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaalDesignSoftware.lnk
2014-04-25 08:54 - 2014-04-25 08:54 - 00000935 _____ () C:\Users\Public\Desktop\SaalDesignSoftware.lnk
2014-04-25 08:54 - 2014-04-25 08:54 - 00000000 ____D () C:\Program Files (x86)\SaalDesignSoftware
2014-04-25 07:31 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-25 07:31 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-25 07:29 - 2011-09-29 13:06 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-04-25 07:29 - 2011-09-29 13:06 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-04-25 07:29 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-25 07:23 - 2012-08-08 11:13 - 00000000 ____D () C:\Users\fam. puups\AppData\Roaming\Dropbox
2014-04-25 07:23 - 2012-07-16 18:31 - 00000000 ____D () C:\ProgramData\clear.fi
2014-04-25 07:23 - 2011-10-10 20:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-25 07:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 12:34 - 2014-04-25 08:02 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys
2014-04-23 20:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-23 10:12 - 2009-07-14 06:45 - 05134272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-19 11:48 - 2012-07-16 17:15 - 00140160 _____ () C:\Users\fam. puups\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 13:32 - 2014-04-18 13:32 - 00000000 ____D () C:\Users\fam. puups\Documents\Daten für WinSchafkopf XP
2014-04-18 13:31 - 2014-04-18 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Classics
2014-04-18 13:31 - 2014-04-18 13:31 - 00000000 ____D () C:\Program Files (x86)\Red Classics
2014-04-18 10:26 - 2013-10-07 20:25 - 00225108 _____ () C:\Windows\PFRO.log
2014-04-16 22:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-16 13:08 - 2014-04-15 10:48 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-04-15 10:51 - 2012-10-22 23:15 - 00000000 ____D () C:\Users\fam. puups\Adobe Photoshop CS6
2014-04-15 10:50 - 2014-04-15 10:42 - 00000000 ____D () C:\Users\fam. puups\Downloads\nuevos.abr
2014-04-15 10:48 - 2014-03-18 22:19 - 00001158 _____ () C:\Users\fam. puups\Desktop\Continue Zip Extractor Installation.lnk
2014-04-15 10:47 - 2014-04-15 10:47 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-04-15 10:46 - 2014-04-15 10:46 - 00675608 _____ ( ) C:\Users\fam. puups\Downloads\ZipExtractorSetup (2).exe
2014-04-15 10:43 - 2014-04-15 10:43 - 00053347 _____ () C:\Users\fam. puups\Downloads\nuevos.abr.rar
2014-04-15 10:40 - 2014-04-15 10:40 - 00053269 _____ () C:\Users\fam. puups\Downloads\nuevos.abr.zip
2014-04-15 10:39 - 2014-04-15 10:39 - 00675608 _____ ( ) C:\Users\fam. puups\Downloads\ZipExtractorSetup (1).exe
2014-04-14 19:50 - 2012-07-17 12:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-12 13:25 - 2014-04-12 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-12 12:57 - 2013-10-11 10:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-11 09:44 - 2014-04-11 09:44 - 00000000 __SHD () C:\Users\fam. puups\AppData\Local\EmieUserList
2014-04-11 09:44 - 2014-04-11 09:44 - 00000000 __SHD () C:\Users\fam. puups\AppData\Local\EmieSiteList
2014-04-11 08:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 21:59 - 2011-07-11 12:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-10 21:56 - 2012-10-23 16:38 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-10 21:56 - 2012-10-23 16:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-10 21:56 - 2012-10-23 16:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-10 21:56 - 2012-07-21 16:08 - 00000000 ____D () C:\Users\fam. puups\AppData\Local\Adobe
2014-03-31 21:07 - 2014-03-31 21:07 - 00000000 ____D () C:\Users\fam. puups\Downloads\Freebie
2014-03-31 21:06 - 2014-03-31 21:06 - 00000983 _____ () C:\Users\fam. puups\Downloads\Freebie.zip
2014-03-31 21:04 - 2014-03-31 21:03 - 00000000 ____D () C:\Users\fam. puups\Downloads\DarkDramaBW
2014-03-31 20:57 - 2014-03-31 20:57 - 00004132 _____ () C:\Users\fam. puups\Downloads\DarkDramaBW.zip
2014-03-31 09:35 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\fam. puups\AppData\Local\Temp\1_Offer_7.exe
C:\Users\fam. puups\AppData\Local\Temp\htmlayout.dll
C:\Users\fam. puups\AppData\Local\Temp\ICReinstall_ZipExtractorSetup (1).exe
C:\Users\fam. puups\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\fam. puups\AppData\Local\Temp\Installer.exe
C:\Users\fam. puups\AppData\Local\Temp\install_flashplayer12x32ax_chra_awf_aih.exe
C:\Users\fam. puups\AppData\Local\Temp\instract.exe
C:\Users\fam. puups\AppData\Local\Temp\OfficeSetup.exe
C:\Users\fam. puups\AppData\Local\Temp\SHSetup.exe
C:\Users\fam. puups\AppData\Local\Temp\uninst1.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-21 20:14
==================== End Of Log ============================
--- --- --- Und hier Addition. Das mit der # verstehe ich nicht?FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2014 03
Ran by fam. puups at 2014-04-27 09:31:42
Running from C:\Users\fam. puups\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S4A3YLER
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
BrowseMark (HKLM\...\BrowseMark) (Version: 2014.04.14.210033 - BrowseMark) <==== ATTENTION
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.15 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.15 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7713 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
GC (HKLM-x32\...\GC) (Version: - ) <==== ATTENTION
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.100 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 11.6.443 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18100.8.8 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA Grafiktreiber 280.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 280.19 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1000.25.170 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.8019 - NVIDIA Corporation)
NVIDIA Systemsteuerung 280.19 (Version: 280.19 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.2.30 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 3.2.30 - Saal Digital Fotoservice GmbH) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Sitecom 300N USB Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0175 - Sitecom Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3502 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSchafkopf XP (HKLM-x32\...\{80D1E356-11D4-4C24-8309-9E4D8FA6725B}) (Version: 1.00.0000 - Purple Hills)
WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. )
==================== Restore Points =========================
15-04-2014 07:54:00 Windows Update
18-04-2014 11:31:27 WinSchafkopf XP wird installiert
19-04-2014 10:19:55 Windows Update
23-04-2014 08:25:51 Windows Update
27-04-2014 06:49:36 Installed AdblockIE
27-04-2014 07:10:43 Adblock Plus for IE
==================== Hosts content: ==========================
2013-08-31 10:55 - 2013-08-31 10:55 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0FE833D6-1CC1-4D33-AD84-2DA4D5B307D0} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {307ED0DA-CA36-481F-9D72-C5F52AE8B15E} - System32\Tasks\DealPlyUpdate => C:\Program <==== ATTENTION
Task: {5989DA76-5B50-4BE3-972F-E27AE35D360E} - System32\Tasks\Escolade => C:\Users\fam. puups\AppData\Roaming\iPumper\Updater.exe <==== ATTENTION
Task: {5C5FE30A-AAA1-4C2E-AD79-30544C05DA33} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {681BE0B6-AA6B-4E74-9F2F-5FBF6F1AC74F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-10] (Adobe Systems Incorporated)
Task: {710AFE65-BD48-4AC0-969C-FEE600BC2DCF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2190563362-1364298270-2338808092-1000Core => C:\Users\fam. puups\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-23] (Facebook Inc.)
Task: {83D239A3-9A1E-4F7D-8DFF-550A5B497BD1} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {9BC7316A-2D06-4259-8E18-F6056B37C91B} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {9EC6A385-739C-425B-AC9A-4ED672471636} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {B0BF8AF5-725A-47B1-8FB4-24B931CCC18D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-12] (Microsoft Corporation)
Task: {BE6F89B8-DF4D-4368-8CA0-DD308E0EAA3E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2190563362-1364298270-2338808092-1000UA => C:\Users\fam. puups\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-23] (Facebook Inc.)
Task: {DDFB7AB5-E23F-4155-8432-3D9B0004F366} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {F6F79D88-3056-4D32-8A7E-12A658288996} - System32\Tasks\DealPly => C:\Users\FAM~1.PUU\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {FFC8B43A-CA86-42BF-9373-C1EA1C038A57} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2190563362-1364298270-2338808092-1000Core.job => C:\Users\fam. puups\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2190563362-1364298270-2338808092-1000UA.job => C:\Users\fam. puups\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-21 09:31 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-11 10:42 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-10-26 08:49 - 2012-10-26 08:49 - 00202752 _____ () C:\Users\fam. puups\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
2011-08-11 05:58 - 2011-08-11 05:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2014-04-14 23:00 - 2014-04-27 07:41 - 00351008 _____ () C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe
2014-04-16 13:08 - 2014-04-27 07:44 - 00351008 _____ () C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe
2012-07-16 18:27 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\EnumDevLib.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\fam. puups\AppData\Roaming\Dropbox\bin\libcef.dll
2011-08-11 05:57 - 2011-08-11 05:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2011-05-20 11:13 - 2011-05-20 11:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-02-16 04:32 - 2014-02-16 04:32 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-10-10 20:23 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2005-04-06 07:52 - 2005-04-06 07:52 - 01327104 _____ () C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2014 08:36:29 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17041, Zeitstempel: 0x531807e4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0a294600
ID des fehlerhaften Prozesses: 0x3910
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (04/27/2014 07:25:33 AM) (Source: Google Update) (User: buubser-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (04/27/2014 03:41:18 AM) (Source: Google Update) (User: buubser-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (04/27/2014 03:41:09 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Error: Failed to make the SOAP Call HResult: 0x800c0005. Exception caught while trying to report the Update Event
Error: (04/27/2014 03:41:08 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error: (04/26/2014 04:22:19 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (04/25/2014 07:33:28 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (04/25/2014 07:25:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2014 08:43:34 PM) (Source: Google Update) (User: buubser-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (04/23/2014 01:34:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DMREngine.exe, Version: 1.1.0.3904, Zeitstempel: 0x4d709ab4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0150011
Fehleroffset: 0x000846e9
ID des fehlerhaften Prozesses: 0x14f0
Startzeit der fehlerhaften Anwendung: 0xDMREngine.exe0
Pfad der fehlerhaften Anwendung: DMREngine.exe1
Pfad des fehlerhaften Moduls: DMREngine.exe2
Berichtskennung: DMREngine.exe3
System errors:
=============
Error: (04/27/2014 08:39:00 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/27/2014 07:49:01 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/27/2014 07:49:01 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/27/2014 07:27:51 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/27/2014 07:27:51 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/26/2014 06:50:56 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/26/2014 06:50:56 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/26/2014 06:30:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/23/2014 10:54:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (04/19/2014 02:31:33 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Microsoft Office Sessions:
=========================
Error: (04/27/2014 08:36:29 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.17041531807e4unknown0.0.0.000000000c00000050a294600391001cf61dc9b91e4d1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown43013408-cdd6-11e3-8156-c89cdc6c1284
Error: (04/27/2014 07:25:33 AM) (Source: Google Update)(User: buubser-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (04/27/2014 03:41:18 AM) (Source: Google Update)(User: buubser-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (04/27/2014 03:41:09 AM) (Source: CVHSVC)(User: )
Description: Error: Failed to make the SOAP Call HResult: 0x800c0005. Exception caught while trying to report the Update Event
Error: (04/27/2014 03:41:08 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error: (04/26/2014 04:22:19 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
Error: (04/25/2014 07:33:28 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
Error: (04/25/2014 07:25:10 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2014 08:43:34 PM) (Source: Google Update)(User: buubser-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (04/23/2014 01:34:29 PM) (Source: Application Error)(User: )
Description: DMREngine.exe1.1.0.39044d709ab4ntdll.dll6.1.7601.18247521ea8e7c0150011000846e914f001cf5ecbd5a181d8C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exeC:\Windows\SysWOW64\ntdll.dll3aefaae3-cadb-11e3-9cd9-c89cdc6c1284
CodeIntegrity Errors:
===================================
Date: 2013-10-28 10:41:48.074
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-28 10:41:48.074
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-28 10:41:48.074
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-27 17:50:46.364
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-27 17:50:46.364
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-27 17:50:46.354
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-31 14:38:41.741
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-31 14:38:41.741
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-31 14:38:41.741
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-31 13:45:09.063
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 75%
Total physical RAM: 4078.01 MB
Available physical RAM: 1012.88 MB
Total Pagefile: 8394.2 MB
Available Pagefile: 2445.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:456.45 GB) (Free:310.43 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.96 GB) (Free:456.86 GB) NTFS
Drive e: (WinSchafkopf) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
Drive j: (EOS_DIGITAL) (Removable) (Total:1.91 GB) (Free:1.37 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 29C4E45E)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=457 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
27.04.2014, 21:10
| #4 | ||
| Ruhe in Frieden † 2019 | Unterstrichene Wörter und nervige Werbung überall beim IE Hallo Michaela, Zitat:
Zitat:
Schritt 1 Bitte deinstalliere folgende Programme (falls vorhanden) : BrowseMark GC Java 7 Update 10 Dazu gehe auf: den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 4 Starte noch einmal FRST.
|
Linear-Darstellung
