| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Keine Downloads Internet möglich, Office 2013 funktioniert nichtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.05.2014, 18:13
| #31 |
 |  Keine Downloads Internet möglich, Office 2013 funktioniert nicht Hallo schrauber, die die Ergebnisse: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Natasa und Armin at 2014-05-26 19:08:54
Running from C:\Users\Natasa und Armin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader 9.2 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A92000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
BatteryLifeExtender (HKLM-x32\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 6.0.2806 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.0.3108a - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 7.0.3213 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.2815b - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.1.1812 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3625 - CyberLink Corp.) Hidden
Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 11.0 - Driver-Soft Inc.)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
ElsterFormular 2008/2009 (HKLM-x32\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.2.1.0 - Steuerverwaltung des Bundes und der Länder)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular 11.5.1.4843) (Version: 15.0.13587 - Landesfinanzdirektion Thüringen)
FileOpen Client (x64) (HKLM\...\{ABC082A6-A587-493C-83C1-5F2C60A8BAA8}) (Version: 3.0.47.900 - FileOpen Systems, Inc.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
Free 3GP Video Converter version 5.0.6.221 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.6.221 - DVDVideoSoft Ltd.)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version: - Oberon Media)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005F0}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4615.1002 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
PDF reDirect (remove only) (HKLM-x32\...\PDF reDirect) (Version: v2.5.2 - EXP Systems LLC)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Productivity 3.1 Toolbar (HKLM-x32\...\Productivity_3.1 Toolbar) (Version: 6.8.2.0 - Productivity 3.1)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Restore Points =========================
17-05-2014 04:36:27 Windows Update
18-05-2014 05:33:58 Windows Update
19-05-2014 04:23:59 Windows Update
20-05-2014 05:38:23 Windows Update
21-05-2014 04:16:56 Windows Update
22-05-2014 04:34:36 Windows Update
22-05-2014 19:17:44 Removed iTunes
23-05-2014 16:49:14 Windows Update
25-05-2014 09:12:57 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0669378D-94AC-4A47-9B8A-6E47507F3F66} - System32\Tasks\{64319BAB-851D-4AAB-ACC4-E812E3DE8323} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {09629CDC-2707-4A14-97D1-D32D5C3564D8} - System32\Tasks\{A64B4597-A3A8-4370-99C4-340D84A5F9D1} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {0AB4BD1F-558A-49BA-8452-080C73BA67A2} - System32\Tasks\{6AECF2BA-377E-440A-902E-81708899513C} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {0D361E5F-4B07-41F2-B54C-4B77A8BA245B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
Task: {0D67FB2C-AC4F-4260-9085-C0CCEE9C6DF6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-05-23] (Microsoft Corporation)
Task: {0E770F45-7A8B-4EF9-835C-D58A42D868A8} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {15C1B4F0-73D1-40C4-A315-5F7532A74279} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01] (Google Inc.)
Task: {1685421F-BE19-48AD-BAEC-14E90FAF39F8} - System32\Tasks\{BCE4E927-7BEA-4B7C-AA7F-971D0225DD3D} => C:\Program Files\Windows Repair\Tweaking.com - Windows Repair\Repair_Windows.exe [2014-04-16] (Tweaking.com)
Task: {274734B8-FE57-40B2-BEEC-5259D7536269} - System32\Tasks\{4B1046B0-DE81-435D-8551-053CB4E64791} => C:\Program Files\Windows Repair\Tweaking.com - Windows Repair\Repair_Windows.exe [2014-04-16] (Tweaking.com)
Task: {27AFDB44-EEC8-42F2-B4A8-326D51F47EB1} - System32\Tasks\{12E715F7-E5F2-4653-A9B4-224E9E1B26E5} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {2AEF1649-DC66-45B5-80A5-F3EAE3B4FEED} - System32\Tasks\{F8C4B024-311F-485F-BD32-451FCAB94929} => C:\Program Files\Windows Repair\Tweaking.com - Windows Repair\Repair_Windows.exe [2014-04-16] (Tweaking.com)
Task: {2B4A87DF-A524-4911-8762-45811ABCAF7D} - System32\Tasks\{7FD7DAF0-373E-432D-ACEB-82141534FBD5} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {32E9F075-250A-4FCC-8222-57C0293AA532} - System32\Tasks\{712CC67B-5E03-4302-BE12-3BD9212E30F1} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {33A1E29B-1A57-4EED-9079-B77A951935A5} - System32\Tasks\{CB31438F-68BD-4CC1-9691-9C158531AF7A} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {3F5032B5-1ACA-40ED-8E8C-85E2E91F503E} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2009-12-17] (Samsung Electronics Co., Ltd.)
Task: {44A8A210-B5C1-4B10-8821-0EFFB7ED3FB2} - System32\Tasks\{1FC6F5E2-CB02-4493-B40B-5F392180348C} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {452259E0-3563-4448-B8E5-93821FECFE10} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe [2014-04-23] (Search Results, LLC)
Task: {57C6817E-665B-4E89-8E01-F6EE7247FB02} - System32\Tasks\{0255DF94-D006-44B1-AD3F-0E0EB16A94EE} => C:\Program Files\Windows Repair\Tweaking.com - Windows Repair\Repair_Windows.exe [2014-04-16] (Tweaking.com)
Task: {71BF75CB-A622-4225-B685-B4CDDFB9CB4A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-05-23] (Microsoft Corporation)
Task: {74FC7394-AF00-4927-A35D-0AB7558ED453} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {8C486767-AED4-465E-A7E4-4C5C97BD3CD1} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {8D0BFD9A-4430-4BDC-876A-FD8E19B1BE9C} - System32\Tasks\{088C32C4-4A56-4180-B3FF-DAAADB90666C} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {932A1D65-DE29-473F-8498-4431D1EAA72D} - System32\Tasks\{DE1EA9E1-65A2-459A-A99F-8F893C15DC4F} => C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe [2014-05-20] ()
Task: {9C4C3911-9E15-438F-9EC7-93D502D9BDCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01] (Google Inc.)
Task: {A16FE5B0-0B6A-4D96-9CFE-F132C800A855} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B555A4F3-8D04-4DFE-89BF-9EB7DC71C782} - System32\Tasks\{A76075EB-21C0-4A94-88DE-92EBA756C5F4} => C:\Program Files\Windows Repair\Tweaking.com - Windows Repair\Repair_Windows.exe [2014-04-16] (Tweaking.com)
Task: {C4F7CA60-F41B-4DFA-87D2-BB4E955248C6} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {D1633233-AD77-479B-BD77-7E40B0A12CF2} - \DTReg No Task File <==== ATTENTION
Task: {D5F3117C-6EA6-45D1-B3CA-6FB138FA81EC} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {DD742FD1-D09A-4E3F-95D9-28D4B15112E0} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {EEA2A079-7FCE-4ABB-BDD3-F8D69CC2F2C0} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-06-06 16:20 - 2010-06-06 16:20 - 00065344 _____ () C:\Windows\System32\PDFreDirectMon64.dll
2012-01-29 13:55 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-06-14 12:58 - 2009-07-07 20:23 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-23 12:35 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-26 21:32 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-04-02 20:23 - 2013-04-01 10:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-06-14 13:02 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-09 19:20 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-09 19:20 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-09 19:20 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-09 19:20 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-09 19:20 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-09 19:20 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC
AlternateDataStreams: C:\ProgramData\Temp:268F887D
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: TSSTcorp CDDVDW TS-L633J
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/26/2014 06:56:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ipmGui.exe, Version: 14.0.2.292, Zeitstempel: 0x52a6d152
Name des fehlerhaften Moduls: mfc100u.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2e0e6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001ebd89
ID des fehlerhaften Prozesses: 0xd84
Startzeit der fehlerhaften Anwendung: 0xipmGui.exe0
Pfad der fehlerhaften Anwendung: ipmGui.exe1
Pfad des fehlerhaften Moduls: ipmGui.exe2
Berichtskennung: ipmGui.exe3
Error: (05/26/2014 06:56:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 88084654
Error: (05/26/2014 06:56:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 88084654
Error: (05/26/2014 06:56:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/25/2014 06:28:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4165
Error: (05/25/2014 06:28:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4165
Error: (05/25/2014 06:28:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/25/2014 06:28:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3120
Error: (05/25/2014 06:28:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3120
Error: (05/25/2014 06:28:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (05/25/2014 11:17:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Filter Pack 2.0 (KB2878281) 32-Bit-Edition
Error: (05/25/2014 11:17:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2010 (KB2880971) 32-Bit-Edition
Error: (05/25/2014 11:17:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5 und 4.5.1 unter Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2931368)
Error: (05/23/2014 06:51:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Filter Pack 2.0 (KB2878281) 32-Bit-Edition
Error: (05/23/2014 06:50:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2010 (KB2880971) 32-Bit-Edition
Error: (05/23/2014 06:50:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5 und 4.5.1 unter Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2931368)
Error: (05/22/2014 09:14:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (05/22/2014 08:35:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4991D34B-80A1-4291-83B6-3328366B9097}
Error: (05/22/2014 08:32:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (05/22/2014 08:31:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (05/26/2014 06:56:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ipmGui.exe14.0.2.29252a6d152mfc100u.dll10.0.40219.3254df2e0e6c0000005001ebd89d8401cf790378ceb858C:\program files (x86)\avira\antivir desktop\ipmGui.exeC:\Windows\system32\mfc100u.dllb9a0937c-e4f6-11e3-af69-002454e7e3c7
Error: (05/26/2014 06:56:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 88084654
Error: (05/26/2014 06:56:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 88084654
Error: (05/26/2014 06:56:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/25/2014 06:28:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4165
Error: (05/25/2014 06:28:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4165
Error: (05/25/2014 06:28:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/25/2014 06:28:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3120
Error: (05/25/2014 06:28:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3120
Error: (05/25/2014 06:28:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 59%
Total physical RAM: 3032.61 MB
Available physical RAM: 1241.8 MB
Total Pagefile: 6063.4 MB
Available Pagefile: 3732.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:106.39 GB) (Free:18.71 GB) NTFS
Drive d: () (Fixed) (Total:106.39 GB) (Free:106.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: EA9CBF94)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=106 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=106 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Natasa und Armin (administrator on 26-05-2014) 19:07:39
Running from C:\Users\Natasa und Armin\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(FileOpen Systems Inc.) C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-868785299-726797094-2297327714-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883840 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-868785299-726797094-2297327714-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-14] (Google Inc.)
HKU\S-1-5-21-868785299-726797094-2297327714-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-868785299-726797094-2297327714-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-868785299-726797094-2297327714-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883840 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-868785299-726797094-2297327714-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-14] (Google Inc.)
HKU\S-1-5-21-868785299-726797094-2297327714-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-868785299-726797094-2297327714-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
URLSearchHook: HKLM-x32 - (No Name) - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
URLSearchHook: HKCU - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\9.1\pdfforgeToolbarIE64.dll No File
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKCU - (No Name) - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 - {777A245C-D638-4D06-98C2-D124300EBEFC} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0EF84A43-2013-493D-BBBF-9276B06E1C8C} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKCU - {0EF84A43-2013-493D-BBBF-9276B06E1C8C} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKCU - {777A245C-D638-4D06-98C2-D124300EBEFC} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de___DE425
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {BFE4BC16-D4E3-4556-890A-E03DD7EB0E7C} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {C3777C87-018C-470A-BAA4-84AD3FCAA7E7} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
BHO-x32: No Name - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO-x32: No Name - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: No Name - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - No File
BHO-x32: No Name - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File
BHO-x32: No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM - No Name - !{B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - No Name - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
Toolbar: HKLM-x32 - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
Toolbar: HKCU - No Name - {9427041A-A8DC-4D06-9A68-93873486E957} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - No File
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - No File
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - No File
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - No File
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - No File
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - No File
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKCU\...\Firefox\Extensions: [SpecialSavings@SpecialSavings.com] - C:\Users\Natasa und Armin\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com
FF Extension: SpecialSavings - C:\Users\Natasa und Armin\AppData\Roaming\Mozilla\Extensions\SpecialSavings@SpecialSavings.com [2013-03-05]
Chrome:
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Extension: (Allin1Convert) - C:\Users\Natasa und Armin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [2014-04-23]
CHR Extension: (Google Wallet) - C:\Users\Natasa und Armin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR HKLM-x32\...\Chrome\Extension: [bfcpnihmbfoaeoakalclfalkdepgiaje] - C:\Users\Natasa und Armin\AppData\Roaming\SpecialSavings\SpecialSavings.crx [2013-08-28]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-04-11] (APN LLC.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 FileOpenManagerSvc; C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe [331648 2011-03-09] (FileOpen Systems Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-11-03] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S1 hfucpqnp; \??\C:\Windows\system32\drivers\hfucpqnp.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-25 11:23 - 2014-05-25 11:46 - 00000000 ____D () C:\AdwCleaner
2014-05-22 21:44 - 2014-05-22 21:44 - 00002998 _____ () C:\Windows\System32\Tasks\{7FD7DAF0-373E-432D-ACEB-82141534FBD5}
2014-05-22 21:42 - 2014-05-22 21:42 - 00002998 _____ () C:\Windows\System32\Tasks\{6AECF2BA-377E-440A-902E-81708899513C}
2014-05-22 21:40 - 2014-05-22 21:40 - 00002998 _____ () C:\Windows\System32\Tasks\{64319BAB-851D-4AAB-ACC4-E812E3DE8323}
2014-05-22 21:33 - 2014-05-22 21:33 - 00002998 _____ () C:\Windows\System32\Tasks\{088C32C4-4A56-4180-B3FF-DAAADB90666C}
2014-05-22 21:32 - 2014-05-22 21:32 - 00002998 _____ () C:\Windows\System32\Tasks\{12E715F7-E5F2-4653-A9B4-224E9E1B26E5}
2014-05-22 21:30 - 2014-05-22 21:30 - 00002998 _____ () C:\Windows\System32\Tasks\{DE1EA9E1-65A2-459A-A99F-8F893C15DC4F}
2014-05-22 21:30 - 2014-05-22 21:30 - 00002998 _____ () C:\Windows\System32\Tasks\{1FC6F5E2-CB02-4493-B40B-5F392180348C}
2014-05-22 21:05 - 2014-05-22 21:05 - 00002998 _____ () C:\Windows\System32\Tasks\{A64B4597-A3A8-4370-99C4-340D84A5F9D1}
2014-05-22 21:02 - 2014-05-22 21:02 - 00002998 _____ () C:\Windows\System32\Tasks\{712CC67B-5E03-4302-BE12-3BD9212E30F1}
2014-05-22 20:57 - 2014-05-22 20:57 - 00002998 _____ () C:\Windows\System32\Tasks\{CB31438F-68BD-4CC1-9691-9C158531AF7A}
2014-05-22 20:29 - 2014-05-22 20:29 - 00000000 _____ () C:\Windows\SysWOW64\sho85F.tmp
2014-05-20 21:18 - 2014-05-20 21:17 - 01326389 _____ () C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe
2014-05-20 21:17 - 2014-05-20 21:16 - 00448512 _____ (OldTimer Tools) C:\Users\Natasa und Armin\Desktop\TFC.exe
2014-05-17 06:42 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 06:42 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 06:42 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 06:42 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 06:42 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 06:42 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 22:02 - 2014-05-16 22:02 - 00003050 _____ () C:\Windows\System32\Tasks\{4B1046B0-DE81-435D-8551-053CB4E64791}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{F8C4B024-311F-485F-BD32-451FCAB94929}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{BCE4E927-7BEA-4B7C-AA7F-971D0225DD3D}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{A76075EB-21C0-4A94-88DE-92EBA756C5F4}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{0255DF94-D006-44B1-AD3F-0E0EB16A94EE}
2014-05-16 09:44 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-16 09:44 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-16 09:43 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 09:43 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 09:43 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 09:43 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 09:43 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 09:43 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 09:43 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 09:43 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 09:43 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 09:43 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 09:43 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 09:43 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 09:43 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 09:43 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 09:43 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 09:43 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 09:43 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 09:43 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 09:43 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 09:43 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 09:43 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 09:43 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 09:43 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 09:43 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 09:43 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 09:43 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 09:43 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 09:43 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 09:43 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 09:43 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 09:43 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 09:43 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 20:45 - 2014-05-14 20:47 - 00000000 ____D () C:\Program Files\Windows Repair
2014-05-14 20:45 - 2014-05-14 20:45 - 00000000 ____D () C:\Program Files\Neuer Ordner
2014-05-11 23:38 - 2014-05-11 23:38 - 00855379 _____ () C:\Users\Natasa und Armin\Desktop\SecurityCheck.exe
2014-05-10 21:59 - 2014-05-10 21:59 - 00006844 _____ () C:\Users\Natasa und Armin\Desktop\JRT.txt
2014-05-10 21:46 - 2014-05-10 21:46 - 00000000 ____D () C:\Windows\ERUNT
2014-05-10 21:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-10 20:26 - 2014-05-25 11:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-10 20:26 - 2014-05-23 23:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-10 20:26 - 2014-05-10 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-10 20:26 - 2014-05-10 20:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-10 20:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-10 20:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-10 20:26 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-10 10:28 - 2014-05-10 10:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Natasa und Armin\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-09 21:53 - 2014-05-26 19:07 - 00000000 ____D () C:\Users\Natasa und Armin\Desktop\FRST-OlderVersion
2014-05-09 20:41 - 2014-05-09 21:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-09 20:36 - 2014-05-08 17:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Natasa und Armin\Desktop\revosetup95.exe
2014-05-07 19:46 - 2014-05-23 23:35 - 00034644 _____ () C:\Users\Natasa und Armin\Desktop\Addition.txt
2014-05-07 19:44 - 2014-05-26 19:08 - 00019666 _____ () C:\Users\Natasa und Armin\Desktop\FRST.txt
2014-05-07 19:44 - 2014-05-26 19:07 - 00000000 ____D () C:\FRST
2014-05-07 19:42 - 2014-05-26 19:07 - 02066944 _____ (Farbar) C:\Users\Natasa und Armin\Desktop\FRST64.exe
2014-05-01 16:50 - 2014-05-17 07:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
==================== One Month Modified Files and Folders =======
2014-05-26 19:08 - 2014-05-07 19:44 - 00019666 _____ () C:\Users\Natasa und Armin\Desktop\FRST.txt
2014-05-26 19:07 - 2014-05-09 21:53 - 00000000 ____D () C:\Users\Natasa und Armin\Desktop\FRST-OlderVersion
2014-05-26 19:07 - 2014-05-07 19:44 - 00000000 ____D () C:\FRST
2014-05-26 19:07 - 2014-05-07 19:42 - 02066944 _____ (Farbar) C:\Users\Natasa und Armin\Desktop\FRST64.exe
2014-05-26 19:07 - 2010-06-14 12:51 - 01387655 _____ () C:\Windows\WindowsUpdate.log
2014-05-26 19:04 - 2012-04-08 11:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-26 18:57 - 2011-04-01 21:53 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-26 18:56 - 2011-04-01 21:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-25 11:46 - 2014-05-25 11:23 - 00000000 ____D () C:\AdwCleaner
2014-05-25 11:22 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-25 11:22 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-25 11:13 - 2014-05-10 20:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 23:35 - 2014-05-07 19:46 - 00034644 _____ () C:\Users\Natasa und Armin\Desktop\Addition.txt
2014-05-23 23:10 - 2014-05-10 20:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-23 22:51 - 2013-09-26 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-23 22:51 - 2013-09-26 21:32 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-22 21:44 - 2014-05-22 21:44 - 00002998 _____ () C:\Windows\System32\Tasks\{7FD7DAF0-373E-432D-ACEB-82141534FBD5}
2014-05-22 21:42 - 2014-05-22 21:42 - 00002998 _____ () C:\Windows\System32\Tasks\{6AECF2BA-377E-440A-902E-81708899513C}
2014-05-22 21:40 - 2014-05-22 21:40 - 00002998 _____ () C:\Windows\System32\Tasks\{64319BAB-851D-4AAB-ACC4-E812E3DE8323}
2014-05-22 21:33 - 2014-05-22 21:33 - 00002998 _____ () C:\Windows\System32\Tasks\{088C32C4-4A56-4180-B3FF-DAAADB90666C}
2014-05-22 21:32 - 2014-05-22 21:32 - 00002998 _____ () C:\Windows\System32\Tasks\{12E715F7-E5F2-4653-A9B4-224E9E1B26E5}
2014-05-22 21:30 - 2014-05-22 21:30 - 00002998 _____ () C:\Windows\System32\Tasks\{DE1EA9E1-65A2-459A-A99F-8F893C15DC4F}
2014-05-22 21:30 - 2014-05-22 21:30 - 00002998 _____ () C:\Windows\System32\Tasks\{1FC6F5E2-CB02-4493-B40B-5F392180348C}
2014-05-22 21:13 - 2011-04-01 18:26 - 00000000 ____D () C:\Users\Natasa und Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-05-22 21:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 21:13 - 2009-07-14 06:51 - 00094902 _____ () C:\Windows\setupact.log
2014-05-22 21:05 - 2014-05-22 21:05 - 00002998 _____ () C:\Windows\System32\Tasks\{A64B4597-A3A8-4370-99C4-340D84A5F9D1}
2014-05-22 21:02 - 2014-05-22 21:02 - 00002998 _____ () C:\Windows\System32\Tasks\{712CC67B-5E03-4302-BE12-3BD9212E30F1}
2014-05-22 20:57 - 2014-05-22 20:57 - 00002998 _____ () C:\Windows\System32\Tasks\{CB31438F-68BD-4CC1-9691-9C158531AF7A}
2014-05-22 20:30 - 2010-06-14 13:34 - 01154366 _____ () C:\Windows\PFRO.log
2014-05-22 20:29 - 2014-05-22 20:29 - 00000000 _____ () C:\Windows\SysWOW64\sho85F.tmp
2014-05-21 20:31 - 2010-06-15 05:23 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 20:31 - 2010-06-15 05:23 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 20:31 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 06:51 - 2011-04-01 18:32 - 00000000 ____D () C:\ProgramData\OberonGameConsole
2014-05-20 21:17 - 2014-05-20 21:18 - 01326389 _____ () C:\Users\Natasa und Armin\Desktop\adwcleaner_3.210.exe
2014-05-20 21:16 - 2014-05-20 21:17 - 00448512 _____ (OldTimer Tools) C:\Users\Natasa und Armin\Desktop\TFC.exe
2014-05-17 08:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-17 07:05 - 2013-08-14 20:43 - 00000306 __RSH () C:\Users\Natasa und Armin\ntuser.pol
2014-05-17 07:05 - 2011-04-01 18:38 - 00000000 ___RD () C:\Users\Natasa und Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 07:05 - 2011-04-01 18:38 - 00000000 ___RD () C:\Users\Natasa und Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 07:05 - 2011-04-01 18:26 - 00000000 ____D () C:\Users\Natasa und Armin
2014-05-17 07:00 - 2014-05-01 16:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 06:41 - 2013-08-19 08:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 06:39 - 2011-04-06 21:40 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 22:02 - 2014-05-16 22:02 - 00003050 _____ () C:\Windows\System32\Tasks\{4B1046B0-DE81-435D-8551-053CB4E64791}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{F8C4B024-311F-485F-BD32-451FCAB94929}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{BCE4E927-7BEA-4B7C-AA7F-971D0225DD3D}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{A76075EB-21C0-4A94-88DE-92EBA756C5F4}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{0255DF94-D006-44B1-AD3F-0E0EB16A94EE}
2014-05-14 20:47 - 2014-05-14 20:45 - 00000000 ____D () C:\Program Files\Windows Repair
2014-05-14 20:45 - 2014-05-14 20:45 - 00000000 ____D () C:\Program Files\Neuer Ordner
2014-05-14 20:43 - 2012-04-08 11:16 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 20:43 - 2012-02-22 21:40 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-11 23:38 - 2014-05-11 23:38 - 00855379 _____ () C:\Users\Natasa und Armin\Desktop\SecurityCheck.exe
2014-05-10 21:59 - 2014-05-10 21:59 - 00006844 _____ () C:\Users\Natasa und Armin\Desktop\JRT.txt
2014-05-10 21:46 - 2014-05-10 21:46 - 00000000 ____D () C:\Windows\ERUNT
2014-05-10 21:07 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance
2014-05-10 20:26 - 2014-05-10 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-10 20:26 - 2014-05-10 20:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-10 10:28 - 2014-05-10 10:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Natasa und Armin\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-09 21:48 - 2014-05-09 20:41 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-09 21:24 - 2011-09-27 20:23 - 00001692 _____ () C:\prefs.js
2014-05-09 08:14 - 2014-05-16 09:44 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-16 09:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 17:51 - 2014-05-09 20:36 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Natasa und Armin\Desktop\revosetup95.exe
2014-05-06 06:40 - 2014-05-17 06:42 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-17 06:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-17 06:42 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-17 06:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-17 06:42 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-17 06:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-03 21:52 - 2011-12-14 22:05 - 00000000 ____D () C:\Users\Natasa und Armin\Tracing
2014-05-03 08:18 - 2009-07-14 06:45 - 00445752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-01 20:30 - 2010-06-14 13:03 - 00000000 ____D () C:\ProgramData\WinClon
2014-05-01 20:30 - 2010-06-14 12:47 - 00000000 ____D () C:\Windows\SysWOW64\x64
2014-05-01 20:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-01 20:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\schemas
2014-05-01 20:29 - 2010-06-15 05:08 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-01 20:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-01 20:28 - 2011-04-01 22:26 - 00000000 ____D () C:\Users\Natasa und Armin\AppData\Roaming\SoftGrid Client
2014-05-01 20:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-29 20:59 - 2012-04-08 11:16 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-26 23:20 - 2014-03-30 20:32 - 00000000 ____D () C:\Users\Natasa und Armin\Documents\Kabel Deutschland
Files to move or delete:
====================
C:\Users\Natasa und Armin\chromeinstall-7u5.exe
Some content of TEMP:
====================
C:\Users\Natasa und Armin\AppData\Local\Temp\avgnt.exe
C:\Users\Natasa und Armin\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Natasa und Armin\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-19 06:45
==================== End Of Log ============================
|
|
27.05.2014, 12:48
| #32 |
| /// the machine /// TB-Ausbilder    | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.
__________________Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Task: {D1633233-AD77-479B-BD77-7E40B0A12CF2} - \DTReg No Task File <==== ATTENTION
URLSearchHook: HKLM-x32 - (No Name) - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKCU - (No Name) - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 - {777A245C-D638-4D06-98C2-D124300EBEFC} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {BFE4BC16-D4E3-4556-890A-E03DD7EB0E7C} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {C3777C87-018C-470A-BAA4-84AD3FCAA7E7} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
BHO-x32: No Name - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO-x32: No Name - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: No Name - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - No File
BHO-x32: No Name - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File
BHO-x32: No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM - No Name - !{B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - No Name - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
Toolbar: HKLM-x32 - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
Toolbar: HKCU - No Name - {9427041A-A8DC-4D06-9A68-93873486E957} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - No File
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - No File
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - No File
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - No File
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - No File
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - No File
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
2014-05-22 21:44 - 2014-05-22 21:44 - 00002998 _____ () C:\Windows\System32\Tasks\{7FD7DAF0-373E-432D-ACEB-82141534FBD5}
2014-05-22 21:42 - 2014-05-22 21:42 - 00002998 _____ () C:\Windows\System32\Tasks\{6AECF2BA-377E-440A-902E-81708899513C}
2014-05-22 21:40 - 2014-05-22 21:40 - 00002998 _____ () C:\Windows\System32\Tasks\{64319BAB-851D-4AAB-ACC4-E812E3DE8323}
2014-05-22 21:33 - 2014-05-22 21:33 - 00002998 _____ () C:\Windows\System32\Tasks\{088C32C4-4A56-4180-B3FF-DAAADB90666C}
2014-05-22 21:32 - 2014-05-22 21:32 - 00002998 _____ () C:\Windows\System32\Tasks\{12E715F7-E5F2-4653-A9B4-224E9E1B26E5}
2014-05-22 21:30 - 2014-05-22 21:30 - 00002998 _____ () C:\Windows\System32\Tasks\{DE1EA9E1-65A2-459A-A99F-8F893C15DC4F}
2014-05-22 21:30 - 2014-05-22 21:30 - 00002998 _____ () C:\Windows\System32\Tasks\{1FC6F5E2-CB02-4493-B40B-5F392180348C}
2014-05-22 21:05 - 2014-05-22 21:05 - 00002998 _____ () C:\Windows\System32\Tasks\{A64B4597-A3A8-4370-99C4-340D84A5F9D1}
2014-05-22 21:02 - 2014-05-22 21:02 - 00002998 _____ () C:\Windows\System32\Tasks\{712CC67B-5E03-4302-BE12-3BD9212E30F1}
2014-05-22 20:57 - 2014-05-22 20:57 - 00002998 _____ () C:\Windows\System32\Tasks\{CB31438F-68BD-4CC1-9691-9C158531AF7A}
2014-05-22 20:29 - 2014-05-22 20:29 - 00000000 _____ () C:\Windows\SysWOW64\sho85F.tmp
2014-05-16 22:02 - 2014-05-16 22:02 - 00003050 _____ () C:\Windows\System32\Tasks\{4B1046B0-DE81-435D-8551-053CB4E64791}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{F8C4B024-311F-485F-BD32-451FCAB94929}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{BCE4E927-7BEA-4B7C-AA7F-971D0225DD3D}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{A76075EB-21C0-4A94-88DE-92EBA756C5F4}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{0255DF94-D006-44B1-AD3F-0E0EB16A94EE}
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ |
|
27.05.2014, 19:50
| #33 |
| | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Hallo schrauber, hier die Ergebnisse:
__________________Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Natasa und Armin at 2014-05-27 20:49:23 Run:2
Running from C:\Users\Natasa und Armin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Task: {D1633233-AD77-479B-BD77-7E40B0A12CF2} - \DTReg No Task File <==== ATTENTION
URLSearchHook: HKLM-x32 - (No Name) - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKCU - (No Name) - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 - {777A245C-D638-4D06-98C2-D124300EBEFC} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {BFE4BC16-D4E3-4556-890A-E03DD7EB0E7C} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {C3777C87-018C-470A-BAA4-84AD3FCAA7E7} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
BHO-x32: No Name - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO-x32: No Name - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO-x32: No Name - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - No File
BHO-x32: No Name - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - No File
BHO-x32: No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM - No Name - !{B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM-x32 - No Name - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
Toolbar: HKLM-x32 - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll (APN LLC.)
Toolbar: HKCU - No Name - {9427041A-A8DC-4D06-9A68-93873486E957} - No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - No File
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - No File
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - No File
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - No File
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - No File
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - No File
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
2014-05-22 21:44 - 2014-05-22 21:44 - 00002998 _____ () C:\Windows\System32\Tasks\{7FD7DAF0-373E-432D-ACEB-82141534FBD5}
2014-05-22 21:42 - 2014-05-22 21:42 - 00002998 _____ () C:\Windows\System32\Tasks\{6AECF2BA-377E-440A-902E-81708899513C}
2014-05-22 21:40 - 2014-05-22 21:40 - 00002998 _____ () C:\Windows\System32\Tasks\{64319BAB-851D-4AAB-ACC4-E812E3DE8323}
2014-05-22 21:33 - 2014-05-22 21:33 - 00002998 _____ () C:\Windows\System32\Tasks\{088C32C4-4A56-4180-B3FF-DAAADB90666C}
2014-05-22 21:32 - 2014-05-22 21:32 - 00002998 _____ () C:\Windows\System32\Tasks\{12E715F7-E5F2-4653-A9B4-224E9E1B26E5}
2014-05-22 21:30 - 2014-05-22 21:30 - 00002998 _____ () C:\Windows\System32\Tasks\{DE1EA9E1-65A2-459A-A99F-8F893C15DC4F}
2014-05-22 21:30 - 2014-05-22 21:30 - 00002998 _____ () C:\Windows\System32\Tasks\{1FC6F5E2-CB02-4493-B40B-5F392180348C}
2014-05-22 21:05 - 2014-05-22 21:05 - 00002998 _____ () C:\Windows\System32\Tasks\{A64B4597-A3A8-4370-99C4-340D84A5F9D1}
2014-05-22 21:02 - 2014-05-22 21:02 - 00002998 _____ () C:\Windows\System32\Tasks\{712CC67B-5E03-4302-BE12-3BD9212E30F1}
2014-05-22 20:57 - 2014-05-22 20:57 - 00002998 _____ () C:\Windows\System32\Tasks\{CB31438F-68BD-4CC1-9691-9C158531AF7A}
2014-05-22 20:29 - 2014-05-22 20:29 - 00000000 _____ () C:\Windows\SysWOW64\sho85F.tmp
2014-05-16 22:02 - 2014-05-16 22:02 - 00003050 _____ () C:\Windows\System32\Tasks\{4B1046B0-DE81-435D-8551-053CB4E64791}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{F8C4B024-311F-485F-BD32-451FCAB94929}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{BCE4E927-7BEA-4B7C-AA7F-971D0225DD3D}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{A76075EB-21C0-4A94-88DE-92EBA756C5F4}
2014-05-16 21:58 - 2014-05-16 21:58 - 00003050 _____ () C:\Windows\System32\Tasks\{0255DF94-D006-44B1-AD3F-0E0EB16A94EE}
*****************
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1633233-AD77-479B-BD77-7E40B0A12CF2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1633233-AD77-479B-BD77-7E40B0A12CF2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTReg => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{9427041a-a8dc-4d06-9a68-93873486e957} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9427041a-a8dc-4d06-9a68-93873486e957} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{777A245C-D638-4D06-98C2-D124300EBEFC} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{777A245C-D638-4D06-98C2-D124300EBEFC} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFE4BC16-D4E3-4556-890A-E03DD7EB0E7C} => Key deleted successfully.
HKCR\CLSID\{BFE4BC16-D4E3-4556-890A-E03DD7EB0E7C} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C3777C87-018C-470A-BAA4-84AD3FCAA7E7} => Key deleted successfully.
HKCR\CLSID\{C3777C87-018C-470A-BAA4-84AD3FCAA7E7} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Value deleted successfully.
HKCR\CLSID\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{B922D405-6D13-4A2B-AE89-08A030DA4402} => Value deleted successfully.
HKCR\CLSID\!{B922D405-6D13-4A2B-AE89-08A030DA4402} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{9427041a-a8dc-4d06-9a68-93873486e957} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{9427041a-a8dc-4d06-9a68-93873486e957} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{B922D405-6D13-4A2B-AE89-08A030DA4402} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{B922D405-6D13-4A2B-AE89-08A030DA4402} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9427041A-A8DC-4D06-9A68-93873486E957} => Value deleted successfully.
HKCR\CLSID\{9427041A-A8DC-4D06-9A68-93873486E957} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => Value deleted successfully.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\about => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\cdl => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3dd53d40-7b8b-11D0-b013-00aa0059ce02} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\dvd => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{12D51199-0DB5-46FE-A120-47A3D7D937CC} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\file => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79eac9e7-baf9-11ce-8c82-00aa004ba90b} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\ftp => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79eac9e3-baf9-11ce-8c82-00aa004ba90b} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\http => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79eac9e2-baf9-11ce-8c82-00aa004ba90b} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\https => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79eac9e5-baf9-11ce-8c82-00aa004ba90b} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\its => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\javascript => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\local => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79eac9e7-baf9-11ce-8c82-00aa004ba90b} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\mailto => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\mhtml => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{05300401-BCBC-11d0-85E3-00C04FD85AB4} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\mk => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{79eac9e6-baf9-11ce-8c82-00aa004ba90b} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\ms-its => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9D148291-B9C8-11D0-A4CC-0000F80149F6} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\res => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\tv => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\vbscript => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Filter\application/octet-stream => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Filter\application/x-complus => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Filter\application/x-msdownload => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1E66F26B-79EE-11D2-8710-00C04F79ED0D} => Key not found.
C:\Windows\System32\Tasks\{7FD7DAF0-373E-432D-ACEB-82141534FBD5} => Moved successfully.
C:\Windows\System32\Tasks\{6AECF2BA-377E-440A-902E-81708899513C} => Moved successfully.
C:\Windows\System32\Tasks\{64319BAB-851D-4AAB-ACC4-E812E3DE8323} => Moved successfully.
C:\Windows\System32\Tasks\{088C32C4-4A56-4180-B3FF-DAAADB90666C} => Moved successfully.
C:\Windows\System32\Tasks\{12E715F7-E5F2-4653-A9B4-224E9E1B26E5} => Moved successfully.
C:\Windows\System32\Tasks\{DE1EA9E1-65A2-459A-A99F-8F893C15DC4F} => Moved successfully.
C:\Windows\System32\Tasks\{1FC6F5E2-CB02-4493-B40B-5F392180348C} => Moved successfully.
C:\Windows\System32\Tasks\{A64B4597-A3A8-4370-99C4-340D84A5F9D1} => Moved successfully.
C:\Windows\System32\Tasks\{712CC67B-5E03-4302-BE12-3BD9212E30F1} => Moved successfully.
C:\Windows\System32\Tasks\{CB31438F-68BD-4CC1-9691-9C158531AF7A} => Moved successfully.
C:\Windows\SysWOW64\sho85F.tmp => Moved successfully.
C:\Windows\System32\Tasks\{4B1046B0-DE81-435D-8551-053CB4E64791} => Moved successfully.
C:\Windows\System32\Tasks\{F8C4B024-311F-485F-BD32-451FCAB94929} => Moved successfully.
C:\Windows\System32\Tasks\{BCE4E927-7BEA-4B7C-AA7F-971D0225DD3D} => Moved successfully.
C:\Windows\System32\Tasks\{A76075EB-21C0-4A94-88DE-92EBA756C5F4} => Moved successfully.
C:\Windows\System32\Tasks\{0255DF94-D006-44B1-AD3F-0E0EB16A94EE} => Moved successfully.
==== End of Fixlog ====
|
|
28.05.2014, 12:21
| #34 |
| /// the machine /// TB-Ausbilder | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Was besteht aktuell noch an Problemen?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.05.2014, 17:55
| #35 |
| | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Hallo schrauber, ehrlich gesagt keine Besserung: Ich kann nach wie vor eigentlich nichts mit dem Rechner anfangen, z.B.: - keine Downloads aus dem Internet möglich - kein Upload von Anhängen bei meinen Email-Programmen möglich - Office 2013 funktioniert nicht - mein Rechner erkennt auch keine CD's (z.B. Installations-CD von Office 2013) oder DVD's - Kein Drucken möglich - kein Öffnen bestimmter Dateien/Programme möglich (z.B. Windows Repair) - und und und... Was kann ich überhaupt noch tun? |
|
30.05.2014, 15:48
| #36 |
| /// the machine /// TB-Ausbilder | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Haben wir schon ein INplace Upgrade gemacht?
__________________ --> Keine Downloads Internet möglich, Office 2013 funktioniert nicht |
|
31.05.2014, 08:16
| #37 |
| | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Hallo schrauber, nein das haben wir nicht. Was muss ich tun? |
|
31.05.2014, 15:50
| #38 |
| /// the machine /// TB-Ausbilder | Keine Downloads Internet möglich, Office 2013 funktioniert nicht "In Place Upgrade" Mach das mal bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.05.2014, 21:08
| #39 |
| | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Eine Setup-CD habe ich leider nicht...? Für dieses Programm scheint man eine Set-Up CD zu benötigen... |
|
01.06.2014, 21:56
| #40 |
| /// the machine /// TB-Ausbilder | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Du brauchst deine Original WIndows DVD.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.06.2014, 20:50
| #41 |
| | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Eine Original Windows DVD habe ich nicht. Ich habe ein Samsung Laptop, beim Kauf vor 3 Jahren erhielt ich keine DVD, sondern einen Installations Guide ohne DVD. Ich habe gerade in den Unterlagen gewühlt, hier gibt es einen Hinweis dass man mit Hilfe von Samsung Recovery Solution das Betriebssystem wieder herstellen kann. Das muss ich mal in Ruhe studieren. Kennst Du Dich hiermit aus? |
|
03.06.2014, 18:43
| #42 |
| /// the machine /// TB-Ausbilder | Keine Downloads Internet möglich, Office 2013 funktioniert nicht Ja ist ne normale Recovery. Lies mal, fraglich hierbei ist ob deine Daten erhalten bleiben.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Keine Downloads Internet möglich, Office 2013 funktioniert nicht |
| absoluter, adware/adware.gen2, adware/installcore.a.148, android/smsreg.a.897, downloads, fehlermeldung, funktioniert, funktioniert nicht, interne, internet, problem, programm, quarantäne, schließe, software, starte, tr/bprotector.gen, windows, überhaupt, zusammen |
Linear-Darstellung
