Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Firefox läßt sich nicht mehr öffnen - Der Vorgang wurde aufgrund von Beschränkungen auf dem Computer abgebrochen. Wenden sie sich an den Sys (https://www.trojaner-board.de/156962-firefox-laesst-mehr-oeffnen-vorgang-wurde-aufgrund-beschraenkungen-computer-abgebrochen-wenden-sys.html)

sandsonne 28.07.2014 13:51
Firefox läßt sich nicht mehr öffnen - Der Vorgang wurde aufgrund von Beschränkungen auf dem Computer abgebrochen. Wenden sie sich an den Sys
 
Guten Morgen,

unerwartet und plötzlich kann ich Firefox nicht mehr öffnen. Fehlermeldung:

Der Vorgang wurde aufgrund von Beschränkungen auf dem Computer abgebrochen. Wenden sie sich an den Systemadministrator

IE geht noch.

Ich bin nicht sicher ob das Problem durch Maleware o.ä. entstanden ist, weil aber ich mit diesem Forum sehr gute Erfahrungen gemacht habe, habe ich mir erlaubt, mein Problem hier einzustellen.

Auch heute wäre ich für jedweden Hinweis oder Tipp aufrichtig dankbar.
Mit freundlichen Grüßen
sandsonne

schrauber 28.07.2014 14:00
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


sandsonne 28.07.2014 16:20
Guten Tag, Schrauber,

vielen Dank für die schnelle Rückmeldung.

Hier die FRST Log

Code:
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

       
Code:

       
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by Kerstin (administrator) on USER1011-PC on 28-07-2014 15:42:00
Running from C:\Users\Kerstin\Desktop
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(BUP) C:\Users\Kerstin\AppData\Roaming\BupSystem\bup.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NEC Electronics Corporation) C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVM Berlin) C:\Program Files\avmwlanstick\FRITZWLanMini.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
(Spencer Kimball, Peter Mattis and the GIMP Development Team) C:\Program Files\GIMP 2\bin\gimp-2.8.exe
(Spencer Kimball, Peter Mattis and the GIMP Development Team) C:\Program Files\GIMP 2\lib\gimp\2.0\plug-ins\script-fu.exe
(FileZilla Project) C:\Program Files\FileZilla FTP Client\filezilla.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Run: [SCheck] => C:\Users\Kerstin\AppData\Roaming\SCheck\SCheck.exe [37376 2013-12-09] ()
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Run: [Snoozer] => C:\Users\Kerstin\AppData\Roaming\Snz\Snz.exe [1210387 2014-05-07] ()
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Policies\Explorer\DisallowRun: [1] firefox.exe
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\Users\Kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {AFF5BEFB-01AB-4CF5-9CB1-6B3AF075A3F7} URL = hxxp://www.ant.com/search?s=browser&q={searchTerms}
BHO: Simple New Tab Bho -> {5C2DD58F-613F-4580-8AC0-F10D760AF938} -> C:\Users\Kerstin\AppData\Local\simple_new_tab\simple_new_tab.dll (Temp Company Ltd)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} -> C:\Users\Kerstin\AppData\LocalLow\systems ie bho\bho.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Kerstin\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: Firebug - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default\Extensions\firebug@software.joehewitt.com.xpi [2014-07-27]
FF Extension: OfferMosquito - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default\Extensions\om@offermosquito.com.xpi [2014-04-02]

Chrome:
=======
CHR HomePage: hxxp://native-search.com/?channel=deg
CHR RestoreOnStartup: "hxxp://native-search.com/?channel=deg"
CHR DefaultSearchKeyword: Search
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: hxxp://native-search.com/search.php?channel=deg&q={searchTerms}
CHR Extension: (Google Docs) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-27]
CHR Extension: (Google Drive) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-27]
CHR Extension: (YouTube) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-27]
CHR Extension: (Google-Suche) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-27]
CHR Extension: (OfferMosquito) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-05-08]
CHR Extension: (Securita Scout) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkilfadjoneaheacgmkahfgcjchkpad [2014-07-26]
CHR Extension: (Google Wallet) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-27]
CHR Extension: (Google Mail) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-27]
CHR Extension: (Simple New Tab) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga [2014-05-08]
CHR HKLM\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Kerstin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-07-26]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 bupService; C:\Users\Kerstin\AppData\Roaming\BupSystem\bup.exe [642048 2014-04-14] (BUP) [File not signed]
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 8\PDFProFiltSrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-17] (Avira Operations GmbH & Co. KG)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [264704 2006-04-06] (AVM GmbH)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2012-12-07] (GFI Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-11] (Avira GmbH)
S3 catchme; \??\C:\Users\Kerstin\AppData\Local\Temp\catchme.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 15:40 - 2014-07-28 15:42 - 00008771 _____ () C:\Users\Kerstin\Desktop\FRST.txt
2014-07-28 15:40 - 2014-07-28 15:40 - 01084416 _____ (Farbar) C:\Users\Kerstin\Desktop\FRST.exe
2014-07-28 15:30 - 2014-07-28 15:30 - 00080146 _____ () C:\Users\Kerstin\AppData\Local\recently-used.xbel
2014-07-28 15:16 - 2014-07-28 15:16 - 00000000 ____D () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first
2014-07-28 15:15 - 2014-07-28 15:15 - 00108263 _____ () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first.zip
2014-07-28 15:09 - 2014-07-28 15:09 - 00010015 _____ () C:\Users\Kerstin\Desktop\mod_mh_simple_marquee.rev.32.zip
2014-07-28 14:12 - 2014-07-28 14:12 - 00063182 _____ () C:\Users\Kerstin\Desktop\UNZIPFIRST.zip
2014-07-28 14:12 - 2014-07-28 14:12 - 00000000 ____D () C:\Users\Kerstin\Desktop\UNZIPFIRST
2014-07-28 13:32 - 2014-07-28 13:32 - 00002501 _____ () C:\Users\Kerstin\Desktop\hd-floaty06.zip
2014-07-28 13:15 - 2014-07-28 13:15 - 00193850 _____ () C:\Users\Kerstin\Desktop\Slide_Note_UNZIP.zip
2014-07-28 13:15 - 2014-07-28 13:15 - 00000000 ____D () C:\Users\Kerstin\Desktop\Slide_Note_UNZIP
2014-07-28 12:04 - 2014-07-28 12:04 - 00000000 ____D () C:\Users\Kerstin\Desktop\flexslider_unzip_first
2014-07-28 12:03 - 2014-07-28 12:03 - 00695684 _____ () C:\Users\Kerstin\Desktop\flexslider_unzip_first.zip
2014-07-28 10:08 - 2014-07-28 10:08 - 00006583 _____ () C:\Users\Kerstin\Documents\Fixit50388.reg
2014-07-28 09:28 - 2014-07-28 10:02 - 00000168 _____ () C:\Users\Kerstin\Desktop\ölkäpüö.txt
2014-07-27 17:31 - 2014-07-27 17:32 - 02041554 _____ () C:\Users\Kerstin\Downloads\ol_albos_free_unzipfirst_1.0.7.zip
2014-07-26 08:00 - 2014-07-26 08:25 - 00000229 _____ () C:\Users\Kerstin\Desktop\sms.txt
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\BupSystem
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp6c48a98e100f1e81b387bb5b2088d4fb
2014-07-26 07:58 - 2014-07-26 10:34 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Security System 2
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\Terminerinnerung
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\ChromeExtensions
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp5ac07127001d978dc00a9445ec364dd4
2014-07-26 07:54 - 2014-07-26 07:54 - 01035152 _____ () C:\Users\Kerstin\Downloads\Terminerinnerung-lnstall.exe
2014-07-22 19:35 - 2014-07-26 13:39 - 00010260 _____ () C:\Users\Kerstin\Desktop\verschickt.txt
2014-07-22 14:51 - 2014-07-22 14:51 - 05981830 _____ (Tim Kosse) C:\Users\Kerstin\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-22 14:18 - 2014-07-22 14:18 - 00644997 _____ () C:\Users\Kerstin\Downloads\allerleye_support_paket_erst_entpacken.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00391986 _____ () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00000000 ____D () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154
2014-07-21 10:40 - 2014-07-21 10:40 - 00000099 _____ () C:\Users\Kerstin\Desktop\ICS AG.txt
2014-07-21 08:31 - 2014-07-21 08:31 - 00000733 _____ () C:\Users\Kerstin\Desktop\muster.txt
2014-07-14 15:45 - 2014-07-14 15:49 - 128051271 _____ () C:\Users\Kerstin\Downloads\site-main-kinzigjobs.de-20140714-153314.jpa
2014-07-09 06:28 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 06:28 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 06:28 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 06:28 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:28 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 06:28 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 06:28 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:28 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:28 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 06:28 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 06:28 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 06:28 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 06:28 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 06:28 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:28 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 06:28 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:28 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 06:28 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:28 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 06:28 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 06:28 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 06:28 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 06:28 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 06:28 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 06:28 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:28 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 06:28 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 06:28 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 06:28 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 06:28 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 06:27 - 2014-06-30 03:40 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 06:27 - 2014-06-30 03:36 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 06:27 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 06:27 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 06:27 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 06:27 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 06:27 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-07 12:30 - 2014-07-07 12:30 - 10746848 _____ (PlotSoft LLC) C:\Users\Kerstin\Downloads\PDFill_11.exe
2014-07-07 12:27 - 2014-07-07 12:28 - 00000043 _____ () C:\Windows\gswin32.ini
2014-07-06 10:18 - 2014-07-06 12:25 - 00004154 _____ () C:\Users\Kerstin\Desktop\schwarze nüsse.txt
2014-07-04 12:59 - 2014-07-04 12:59 - 00000000 ____D () C:\Users\Kerstin\Desktop\RE9990701D-IW
2014-07-02 12:09 - 2014-07-02 20:22 - 01093454 _____ () C:\Users\Kerstin\Desktop\Projekte.pptx
2014-07-02 08:55 - 2014-07-02 13:56 - 00000000 ____D () C:\Users\Kerstin\Downloads\2947_construction_ppt
2014-07-02 08:55 - 2014-07-02 08:55 - 00713228 _____ () C:\Users\Kerstin\Downloads\2947_construction_ppt.zip
2014-07-01 15:42 - 2014-07-01 15:43 - 00000000 ____D () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung
2014-07-01 15:41 - 2014-07-01 15:42 - 06467861 _____ () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung.zip
2014-07-01 08:03 - 2014-07-01 08:03 - 01058200 _____ (Adobe) C:\Users\Kerstin\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-06-30 10:17 - 2014-06-30 10:18 - 01088012 _____ () C:\Users\Kerstin\Downloads\spacepost3d.zip
2014-06-30 09:11 - 2014-06-30 09:11 - 00000000 ____D () C:\Users\Kerstin\Desktop\structure

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 15:42 - 2014-07-28 15:40 - 00008771 _____ () C:\Users\Kerstin\Desktop\FRST.txt
2014-07-28 15:42 - 2014-03-20 17:49 - 00000000 ____D () C:\FRST
2014-07-28 15:40 - 2014-07-28 15:40 - 01084416 _____ (Farbar) C:\Users\Kerstin\Desktop\FRST.exe
2014-07-28 15:30 - 2014-07-28 15:30 - 00080146 _____ () C:\Users\Kerstin\AppData\Local\recently-used.xbel
2014-07-28 15:16 - 2014-07-28 15:16 - 00000000 ____D () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first
2014-07-28 15:15 - 2014-07-28 15:15 - 00108263 _____ () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first.zip
2014-07-28 15:11 - 2012-04-18 08:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-28 15:09 - 2014-07-28 15:09 - 00010015 _____ () C:\Users\Kerstin\Desktop\mod_mh_simple_marquee.rev.32.zip
2014-07-28 14:12 - 2014-07-28 14:12 - 00063182 _____ () C:\Users\Kerstin\Desktop\UNZIPFIRST.zip
2014-07-28 14:12 - 2014-07-28 14:12 - 00000000 ____D () C:\Users\Kerstin\Desktop\UNZIPFIRST
2014-07-28 13:48 - 2012-12-07 19:58 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\FileZilla
2014-07-28 13:32 - 2014-07-28 13:32 - 00002501 _____ () C:\Users\Kerstin\Desktop\hd-floaty06.zip
2014-07-28 13:15 - 2014-07-28 13:15 - 00193850 _____ () C:\Users\Kerstin\Desktop\Slide_Note_UNZIP.zip
2014-07-28 13:15 - 2014-07-28 13:15 - 00000000 ____D () C:\Users\Kerstin\Desktop\Slide_Note_UNZIP
2014-07-28 12:04 - 2014-07-28 12:04 - 00000000 ____D () C:\Users\Kerstin\Desktop\flexslider_unzip_first
2014-07-28 12:03 - 2014-07-28 12:03 - 00695684 _____ () C:\Users\Kerstin\Desktop\flexslider_unzip_first.zip
2014-07-28 11:31 - 2013-05-16 10:12 - 00000000 ____D () C:\Users\Kerstin\.gimp-2.8
2014-07-28 10:18 - 2012-05-08 10:08 - 00000000 ____D () C:\Program Files\Google
2014-07-28 10:18 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-28 10:18 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-28 10:17 - 2012-05-08 10:08 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Google
2014-07-28 10:16 - 2014-06-18 08:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-28 10:15 - 2011-09-17 15:55 - 01184117 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 10:10 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-28 10:10 - 2009-07-14 06:39 - 00477008 _____ () C:\Windows\setupact.log
2014-07-28 10:08 - 2014-07-28 10:08 - 00006583 _____ () C:\Users\Kerstin\Documents\Fixit50388.reg
2014-07-28 10:02 - 2014-07-28 09:28 - 00000168 _____ () C:\Users\Kerstin\Desktop\ölkäpüö.txt
2014-07-27 21:30 - 2012-03-01 18:45 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\CrashDumps
2014-07-27 17:32 - 2014-07-27 17:31 - 02041554 _____ () C:\Users\Kerstin\Downloads\ol_albos_free_unzipfirst_1.0.7.zip
2014-07-27 16:46 - 2012-12-07 19:54 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Mozilla
2014-07-26 13:39 - 2014-07-22 19:35 - 00010260 _____ () C:\Users\Kerstin\Desktop\verschickt.txt
2014-07-26 10:34 - 2014-07-26 07:58 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Security System 2
2014-07-26 08:25 - 2014-07-26 08:00 - 00000229 _____ () C:\Users\Kerstin\Desktop\sms.txt
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\BupSystem
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp6c48a98e100f1e81b387bb5b2088d4fb
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\Terminerinnerung
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\ChromeExtensions
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp5ac07127001d978dc00a9445ec364dd4
2014-07-26 07:55 - 2012-02-23 19:32 - 00000000 ____D () C:\Users\Kerstin
2014-07-26 07:54 - 2014-07-26 07:54 - 01035152 _____ () C:\Users\Kerstin\Downloads\Terminerinnerung-lnstall.exe
2014-07-24 06:03 - 2012-03-01 18:37 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2014-07-22 16:06 - 2012-03-01 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-22 15:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-22 14:51 - 2014-07-22 14:51 - 05981830 _____ (Tim Kosse) C:\Users\Kerstin\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-22 14:18 - 2014-07-22 14:18 - 00644997 _____ () C:\Users\Kerstin\Downloads\allerleye_support_paket_erst_entpacken.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00391986 _____ () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00000000 ____D () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154
2014-07-21 11:11 - 2011-09-17 16:05 - 01629372 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 10:40 - 2014-07-21 10:40 - 00000099 _____ () C:\Users\Kerstin\Desktop\ICS AG.txt
2014-07-21 10:32 - 2012-02-24 00:17 - 00000000 ____D () C:\Users\Kerstin\Desktop\Office Interim
2014-07-21 08:31 - 2014-07-21 08:31 - 00000733 _____ () C:\Users\Kerstin\Desktop\muster.txt
2014-07-14 15:49 - 2014-07-14 15:45 - 128051271 _____ () C:\Users\Kerstin\Downloads\site-main-kinzigjobs.de-20140714-153314.jpa
2014-07-14 12:51 - 2014-05-28 07:07 - 00000000 ____D () C:\Users\Kerstin\Desktop\Main-KinzigJOBS
2014-07-11 08:24 - 2013-01-21 19:40 - 00000000 ____D () C:\Users\Kerstin\Desktop\privat
2014-07-10 12:36 - 2013-05-06 12:30 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-09 18:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-07-09 17:33 - 2009-07-14 06:33 - 00510352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 17:31 - 2014-04-30 20:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 17:31 - 2009-07-14 10:57 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 17:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-09 17:28 - 2013-12-13 21:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 17:27 - 2012-02-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 17:27 - 2011-09-17 20:44 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 08:11 - 2012-04-18 08:12 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 08:11 - 2012-02-13 23:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-07 12:30 - 2014-07-07 12:30 - 10746848 _____ (PlotSoft LLC) C:\Users\Kerstin\Downloads\PDFill_11.exe
2014-07-07 12:28 - 2014-07-07 12:27 - 00000043 _____ () C:\Windows\gswin32.ini
2014-07-06 12:25 - 2014-07-06 10:18 - 00004154 _____ () C:\Users\Kerstin\Desktop\schwarze nüsse.txt
2014-07-04 12:59 - 2014-07-04 12:59 - 00000000 ____D () C:\Users\Kerstin\Desktop\RE9990701D-IW
2014-07-02 20:22 - 2014-07-02 12:09 - 01093454 _____ () C:\Users\Kerstin\Desktop\Projekte.pptx
2014-07-02 13:56 - 2014-07-02 08:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\2947_construction_ppt
2014-07-02 08:55 - 2014-07-02 08:55 - 00713228 _____ () C:\Users\Kerstin\Downloads\2947_construction_ppt.zip
2014-07-02 06:07 - 2014-03-09 11:10 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Fifth
2014-07-01 15:43 - 2014-07-01 15:42 - 00000000 ____D () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung
2014-07-01 15:42 - 2014-07-01 15:41 - 06467861 _____ () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung.zip
2014-07-01 08:03 - 2014-07-01 08:03 - 01058200 _____ (Adobe) C:\Users\Kerstin\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-06-30 10:18 - 2014-06-30 10:17 - 01088012 _____ () C:\Users\Kerstin\Downloads\spacepost3d.zip
2014-06-30 09:11 - 2014-06-30 09:11 - 00000000 ____D () C:\Users\Kerstin\Desktop\structure
2014-06-30 03:40 - 2014-07-09 06:27 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 03:36 - 2014-07-09 06:27 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\Kerstin\AppData\Local\temp\amazonicon_v8.exe
C:\Users\Kerstin\AppData\Local\temp\amazoninstallernircmdc.exe
C:\Users\Kerstin\AppData\Local\temp\avgnt.exe
C:\Users\Kerstin\AppData\Local\temp\MouseKeyboardCenterx86_1031.exe
C:\Users\Kerstin\AppData\Local\temp\Quarantine.exe
C:\Users\Kerstin\AppData\Local\temp\sdanircmdc.exe
C:\Users\Kerstin\AppData\Local\temp\sdapskill.exe
C:\Users\Kerstin\AppData\Local\temp\sdaspwn.exe
C:\Users\Kerstin\AppData\Local\temp\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 07:26

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-07-2014
Ran by Kerstin at 2014-07-28 17:19:51
Running from C:\Users\Kerstin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
BeCyPDFMetaEdit (HKLM\...\BeCyPDFMetaEdit) (Version: 2.37.0 - Benjamin Bentmann)
BurnAware Professional 6.2 (HKLM\...\BurnAware Professional_is1) (Version:  - Burnaware)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
CIB pdf brewer (HKLM\...\{461A4763-28B5-425A-AE3D-B9B54EDF0F21}) (Version: 2.6.0047 - CIB software GmbH)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Document Trace Remover v3.6 (HKLM\...\Document Trace Remover_is1) (Version: 3.6 - Smart PC Solutions)
Exif Tag Remover 2.0 (HKLM\...\Exif Tag Remover_is1) (Version:  - RL Vision)
FileViewPro (HKLM\...\{29938C06-6962-4C27-A94C-25E4F424A665}_is1) (Version: 1.5 - Solvusoft Corporation)
FileZilla Client 3.9.0.1 (HKLM\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Java 7 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Lexware büro easy 2005 (HKLM\...\{2F2E04D3-C0DA-4B9A-B2B4-234ED20A2385}) (Version: 12.0 - )
Lexware büro easy 2005 (Version: 12.00 - Lexware) Hidden
Lexware online banking V 3.10 (HKLM\...\{D01F701A-1F23-494C-BE82-8A7441CADEEA}) (Version:  - )
MAGIX Content und Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM\...\MAGIX_{B332E15B-243F-4F40-8530-1524F84230A0}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 (HKLM\...\MAGIX_{3F5C2BC0-B7D7-4114-B273-3B1460B2452B}) (Version: 19.0.3.47 - MAGIX AG)
MAGIX Music Maker 2013 (Version: 19.0.3.47 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mp3tag v2.55a (HKLM\...\Mp3tag) (Version: v2.55a - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.1 - Notepad++ Team)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Resource Hacker Version 3.6.0 (HKLM\...\ResourceHacker_is1) (Version:  - )
Sagede.Shared.Elster.Setup (Version: 1.0.0.0.28 - Sage Software GmbH) Hidden
Securita Scout (HKLM\...\Securita Scout) (Version:  - ) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
XNResourceEditor 3.0.0.1 (HKLM\...\XN Resource Editor_is1) (Version:  - Colin Wilson)
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3467251772-538213018-3341465458-1001_Classes\CLSID\{3bc93e76-92f8-5fda-b676-5afee3735bf1}\InprocServer32 -> C:\Users\Kerstin\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
CustomCLSID: HKU\S-1-5-21-3467251772-538213018-3341465458-1001_Classes\CLSID\{9000834c-c6c7-43ac-b8ee-dc9668f39a81}\localserver32 -> C:\Users\Kerstin\AppData\Local\Temp\{91814ec0-b5f0-11d2-80b9-00104b1f6cea}\IDriver.NonElevated.exe N (the data entry has 6 more characters).

==================== Restore Points  =========================

28-07-2014 08:01:49 Wiederherstellung Kirsten
28-07-2014 08:08:13 Installed Microsoft Fix it 50388
28-07-2014 08:17:00 Removed Google Chrome Frame

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2014-03-20 12:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {053C1ED7-2B23-4CF4-94FC-C2CF7D0DFE1D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0773E3BD-6045-4764-9264-EBF7F5649F71} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {1AFD32CC-E0EE-4337-BE4B-5DE195A6857A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {243FCB46-8BCA-4391-B991-5C447CFEAFB4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4E01776C-30F4-4803-B09F-BED5962006D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {5FE65B3D-08F8-4DB3-9838-735AFB2A85D9} - System32\Tasks\OMESupervisor => C:\Users\Kerstin\AppData\Local\omesuperv.exe [2014-05-07] () <==== ATTENTION
Task: {8806CE8D-40A8-4496-808A-6011FEF64F8C} - System32\Tasks\plushd8.1-validator => C:\Program Files\plushd8.1\plushd8.1-validator.exe
Task: {896E5635-3DB4-4998-B5A9-4CDCBA7CDD4E} - System32\Tasks\Fifth => C:\Users\Kerstin\AppData\Roaming\Fifth\Fifth.exe [2014-05-07] () <==== ATTENTION
Task: {9DDE8C2A-C838-4F5E-92D8-DC9069128774} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {EA049CB8-C3D5-4BF8-B7A6-45AFB1EEC814} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Kerstin\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-07-26 14:07 - 2010-06-17 21:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2014-07-26 07:59 - 2014-07-26 07:59 - 00374272 _____ () C:\Users\Kerstin\AppData\Roaming\BupSystem\sub\default.dll
2012-12-18 22:43 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2011-05-26 21:18 - 2011-05-26 21:18 - 00136536 _____ () C:\Program Files\Microsoft Office\Office12\OUTLCTL.DLL
2013-05-14 10:38 - 2013-02-06 23:04 - 00029392 _____ () C:\Program Files\GIMP 2\bin\libgimpmodule-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00087472 _____ () C:\Program Files\GIMP 2\bin\libgimpbase-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 13:22 - 00051570 _____ () C:\Program Files\GIMP 2\bin\libffi-5.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00045672 _____ () C:\Program Files\GIMP 2\bin\libgimpthumb-2.0-0.dll
2013-05-14 10:39 - 2012-07-05 13:21 - 00107212 _____ () C:\Program Files\GIMP 2\bin\zlib1.dll
2013-05-14 10:39 - 2012-07-05 17:10 - 00282742 _____ () C:\Program Files\GIMP 2\bin\libjasper-1.dll
2013-05-14 10:39 - 2012-07-05 16:25 - 00221676 _____ () C:\Program Files\GIMP 2\bin\libjpeg-8.dll
2013-05-14 10:39 - 2012-07-05 13:30 - 00177192 _____ () C:\Program Files\GIMP 2\bin\libpng15-15.dll
2013-05-14 10:39 - 2012-07-05 17:39 - 00448770 _____ () C:\Program Files\GIMP 2\bin\libtiff-5.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 01220912 _____ () C:\Program Files\GIMP 2\bin\libgimpwidgets-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00060872 _____ () C:\Program Files\GIMP 2\bin\libgimpcolor-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 16:06 - 00644562 _____ () C:\Program Files\GIMP 2\bin\libcairo-2.dll
2013-05-14 10:38 - 2012-07-23 19:01 - 00230256 _____ () C:\Program Files\GIMP 2\bin\libfontconfig-1.dll
2013-05-14 10:38 - 2012-07-05 13:49 - 00493606 _____ () C:\Program Files\GIMP 2\bin\libfreetype-6.dll
2013-05-14 10:39 - 2012-07-05 13:43 - 01161549 _____ () C:\Program Files\GIMP 2\bin\libxml2-2.dll
2013-05-14 10:39 - 2012-07-05 14:49 - 00571650 _____ () C:\Program Files\GIMP 2\bin\libpixman-1-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00072176 _____ () C:\Program Files\GIMP 2\bin\libgimpconfig-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00032104 _____ () C:\Program Files\GIMP 2\bin\libgimpmath-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 22:15 - 00142350 _____ () C:\Program Files\GIMP 2\bin\libbabl-0.1-0.dll
2013-05-14 10:39 - 2012-07-06 05:41 - 00416219 _____ () C:\Program Files\GIMP 2\bin\libgegl-0.2-0.dll
2013-05-14 10:39 - 2012-07-05 18:51 - 00090998 _____ () C:\Program Files\GIMP 2\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00031328 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libdisplay-filter-lcms.dll
2013-05-14 10:39 - 2012-07-05 21:06 - 00212624 _____ () C:\Program Files\GIMP 2\bin\liblcms-1.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\add.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\clear.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-burn.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-dodge.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\darken.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\difference.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\divide.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-atop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-in.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-out.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\exclusion.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044470 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gamma.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\hard-light.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\lighten.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\multiply.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045139 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\opacity.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043862 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\overlay.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\plus.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\screen.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041220 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\soft-light.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-atop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040718 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-in.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-out.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\subtract.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-multiply.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044825 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\threshold.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\weighted-blend.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\xor.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042840 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\map-absolute.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042973 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\map-relative.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047550 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\matting-global.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049116 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\bilateral-filter.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050683 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\box-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00060691 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\c2g.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00057172 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\edge-laplace.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049545 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\edge-sobel.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00055050 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gaussian-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00051565 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\motion-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00053338 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\noise-reduction.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049472 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\pixelize.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043478 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ripple.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00053855 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\snn-mean.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044924 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\stress.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043393 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\waves.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043287 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\brightness-contrast.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044886 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-temperature.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042245 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\contrast-curve.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042090 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\convert-format.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040852 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\grey.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041384 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\invert.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043113 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\levels.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040662 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\posterize.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042153 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-huerotate.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041420 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-luminancetoalpha.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043689 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-matrix.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042665 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-saturate.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044118 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\value-invert.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00055173 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vignette.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041475 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\clone.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042151 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-to-alpha.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043329 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\crop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00061292 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\exp-combine.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00063243 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\fattal02.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047793 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\lens-distortion.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00058189 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mantiuk06.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042181 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mblur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047143 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mirrors.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044245 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mono-mixer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040727 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\nop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00052874 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\path.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00046008 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\polar-coordinates.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047852 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\reinhard05.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041421 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\stretch-contrast.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00061674 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\transformops.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048042 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vector-fill.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048099 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vector-stroke.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041409 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\buffer-sink.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042104 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\display.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040837 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gegl-buffer-save-op.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045416 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\jpg-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045185 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\png-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043509 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ppm-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050025 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rgbe-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042255 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\save-pixbuf.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042795 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042969 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\write-buffer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042068 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\buffer-source.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043241 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\checkerboard.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041549 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043212 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\grid.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044591 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\noise.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048966 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\fractal-explorer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042063 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gegl-buffer-load-op.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042876 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\introspect.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043505 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\jpg-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042259 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\magick-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042176 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\open-buffer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042192 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\pixbuf.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00046500 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\png-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043318 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ppm-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043767 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\raw-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050024 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rgbe-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044498 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-load.dll
2013-05-14 10:39 - 2012-07-05 22:09 - 00243241 _____ () C:\Program Files\GIMP 2\bin\librsvg-2-2.dll
2013-05-14 10:38 - 2012-07-05 22:04 - 00225931 _____ () C:\Program Files\GIMP 2\bin\libcroco-0.6-3.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048776 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\text.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042057 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\difference-of-gaussians.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042619 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dropshadow.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045165 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\layer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042745 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043207 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rectangle.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041510 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\unsharp-mask.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040655 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\remap.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00027952 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libcolor-selector-cmyk.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00029704 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libcolor-selector-water.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00023040 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libcolor-selector-wheel.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00137512 _____ () C:\Program Files\GIMP 2\bin\libgimpui-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00217976 _____ () C:\Program Files\GIMP 2\bin\libgimp-2.0-0.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2013-06-28 22:57 - 2013-06-28 22:57 - 01589248 _____ () C:\Program Files\Notepad++\plugins\DSpellCheck.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 00014336 _____ () C:\Program Files\Notepad++\plugins\NppExport.dll
2011-09-21 22:46 - 2011-09-21 22:46 - 01673728 _____ () C:\Program Files\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:18262EDA
AlternateDataStreams: C:\ProgramData\TEMP:66D2723C
AlternateDataStreams: C:\ProgramData\TEMP:6CC0D09A

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2014 03:41:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST.exe, Version 25.7.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18b4

Startzeit: 01cfaa697c544097

Endzeit: 20

Anwendungspfad: C:\Users\Kerstin\Desktop\FRST.exe

Berichts-ID: e2b3e1cd-165c-11e4-905d-001f3f086e4a

Error: (07/28/2014 10:47:28 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:28.752]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:27 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:27.225]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:25 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:25.712]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:24 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:24.177]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:22 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:22.633]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:21 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:21.088]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:19 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:19.544]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:18 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:18.013]: [00003068]: lperrcode->api = 3 , lperrcode->code = 2

Error: (07/27/2014 09:30:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x534e91e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x081acd94
ID des fehlerhaften Prozesses: 0x138c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3


System errors:
=============
Error: (07/28/2014 01:45:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (07/28/2014 10:13:15 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.

Error: (07/28/2014 10:12:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/28/2014 10:12:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.

Error: (07/28/2014 10:10:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/28/2014 10:05:36 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.

Error: (07/28/2014 10:03:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/28/2014 09:30:53 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.

Error: (07/28/2014 09:29:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDFProFiltSrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/28/2014 07:07:14 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.


Microsoft Office Sessions:
=========================
Error: (06/17/2014 07:16:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8108 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (05/20/2014 00:36:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3124 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (04/09/2014 11:32:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13477 seconds with 1860 seconds of active time.  This session ended with a crash.

Error: (03/05/2014 09:09:06 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2378 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (01/12/2014 01:06:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8572 seconds with 5400 seconds of active time.  This session ended with a crash.

Error: (11/24/2013 02:46:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/17/2013 08:58:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 40101 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (08/28/2013 07:05:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 958 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (08/13/2013 08:25:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19809 seconds with 2160 seconds of active time.  This session ended with a crash.

Error: (08/12/2013 01:59:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2170 seconds with 660 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 55%
Total physical RAM: 3293.24 MB
Available physical RAM: 1464.07 MB
Total Pagefile: 6584.77 MB
Available Pagefile: 3926.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:368.24 GB) NTFS
Drive d: (14 Mai 2014) (CDROM) (Total:1.37 GB) (Free:1.18 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 069AB8B9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 29.07.2014 07:35
Adware & Co. deinstallieren

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:



Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

sandsonne 29.07.2014 12:23
Guten tag, Schrauber,

danke schön!

Also, die ersten Schritte habe ich ausgeführt meint: Von den mit Attention gemarkterten Programmen habe ich eines gefunden und entsprechend der Anleitung behandelt.

Combofix habe ich auch herunter geladen und auf dem Desktop gespeichert und ausgeführt. Jetzt kommt's: Eine Combofix.txt sprich Logfile wurde nicht erstellt. Weder auf dem Desktop noch unter 'C'. Auch die Suchfunktion des PC's ergab keine Ergebnisse.

Rechner also noch einmal neu gestartet und Combofix nochmal durchlaufen lassen. Wieder kein Logfile.

Ich habe penibel darauf geachtet, weder die Maus zu bewegen noch sonst etwas während Combofix lief.

Es tut mir leid das ich nun ohne es zu wollen auch noch zusätzlich Arbeit mache weil kein Logfile erstellt wurde.

schrauber 29.07.2014 16:22
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

sandsonne 30.07.2014 01:44

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by Kerstin (administrator) on USER1011-PC on 30-07-2014 02:41:55
Running from C:\Users\Kerstin\Desktop
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NEC Electronics Corporation) C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVM Berlin) C:\Program Files\avmwlanstick\FRITZWLanMini.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\@2\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Run: [SCheck] => C:\Users\Kerstin\AppData\Roaming\SCheck\SCheck.exe [37376 2013-12-09] ()
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Run: [Snoozer] => C:\Users\Kerstin\AppData\Roaming\Snz\Snz.exe [1210387 2014-05-07] ()
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Policies\Explorer\DisallowRun: [1] firefox.exe
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\Users\Kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {AFF5BEFB-01AB-4CF5-9CB1-6B3AF075A3F7} URL = hxxp://www.ant.com/search?s=browser&q={searchTerms}
BHO: Simple New Tab Bho -> {5C2DD58F-613F-4580-8AC0-F10D760AF938} -> C:\Users\Kerstin\AppData\Local\simple_new_tab\simple_new_tab.dll (Temp Company Ltd)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} -> C:\Users\Kerstin\AppData\LocalLow\systems ie bho\bho.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Kerstin\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: Firebug - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default\Extensions\firebug@software.joehewitt.com.xpi [2014-07-27]
FF Extension: OfferMosquito - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default\Extensions\om@offermosquito.com.xpi [2014-04-02]

Chrome:
=======
CHR HomePage: hxxp://native-search.com/?channel=deg
CHR RestoreOnStartup: "hxxp://native-search.com/?channel=deg"
CHR DefaultSearchKeyword: Search
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: hxxp://native-search.com/search.php?channel=deg&q={searchTerms}
CHR Extension: (Google Docs) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-27]
CHR Extension: (Google Drive) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-27]
CHR Extension: (YouTube) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-27]
CHR Extension: (Google-Suche) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-27]
CHR Extension: (OfferMosquito) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-05-08]
CHR Extension: (Securita Scout) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkilfadjoneaheacgmkahfgcjchkpad [2014-07-26]
CHR Extension: (Google Wallet) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-27]
CHR Extension: (Google Mail) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-27]
CHR Extension: (Simple New Tab) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga [2014-05-08]
CHR HKLM\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Kerstin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-07-26]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
S2 bupService; C:\Users\Kerstin\AppData\Roaming\BupSystem\bup.exe [642048 2014-04-14] (BUP) [File not signed]
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 8\PDFProFiltSrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-17] (Avira Operations GmbH & Co. KG)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [264704 2006-04-06] (AVM GmbH)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2012-12-07] (GFI Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-11] (Avira GmbH)
S3 catchme; \??\C:\Users\Kerstin\AppData\Local\Temp\catchme.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 02:41 - 2014-07-30 02:41 - 00006814 _____ () C:\Users\Kerstin\Desktop\FRST.txt
2014-07-30 02:40 - 2014-07-30 02:40 - 00000000 ___SD () C:\ComboFix
2014-07-29 17:12 - 2014-07-29 17:17 - 00000000 ____D () C:\Users\Kerstin\Desktop\Neuer Ordner
2014-07-29 16:59 - 2014-07-29 16:59 - 00444059 _____ () C:\Users\Kerstin\Desktop\mod_xpertcaptions.zip
2014-07-29 16:47 - 2014-07-29 16:47 - 00101005 _____ () C:\Users\Kerstin\Desktop\plg_simplepopupv2.0.zip
2014-07-29 13:10 - 2014-07-29 13:10 - 00000516 _____ () C:\Users\Kerstin\Desktop\5.txt
2014-07-29 13:06 - 2014-07-29 13:06 - 00017833 _____ () C:\Users\Kerstin\Desktop\Mappe1.xlsx
2014-07-29 13:05 - 2014-07-29 13:05 - 05563986 ____R (Swearware) C:\Users\Kerstin\Desktop\ComboFix.exe
2014-07-29 12:55 - 2014-07-29 12:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kerstin\Desktop\revosetup95.exe
2014-07-29 12:55 - 2014-07-29 12:55 - 00001222 _____ () C:\Users\Kerstin\Desktop\Revo Uninstaller.lnk
2014-07-29 12:55 - 2014-07-29 12:55 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-29 08:32 - 2014-07-29 08:32 - 00004539 _____ () C:\Users\Kerstin\Desktop\Rabatt.html
2014-07-28 17:19 - 2014-07-28 17:20 - 00045033 _____ () C:\Users\Kerstin\Desktop\Addition.txt
2014-07-28 16:24 - 2014-07-28 16:24 - 00080766 _____ () C:\Users\Kerstin\AppData\Local\recently-used.xbel
2014-07-28 15:40 - 2014-07-28 15:40 - 01084416 _____ (Farbar) C:\Users\Kerstin\Desktop\FRST.exe
2014-07-28 15:16 - 2014-07-28 15:16 - 00000000 ____D () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first
2014-07-28 15:15 - 2014-07-28 15:15 - 00108263 _____ () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first.zip
2014-07-28 15:09 - 2014-07-28 15:09 - 00010015 _____ () C:\Users\Kerstin\Desktop\mod_mh_simple_marquee.rev.32.zip
2014-07-28 14:12 - 2014-07-28 14:12 - 00063182 _____ () C:\Users\Kerstin\Desktop\UNZIPFIRST.zip
2014-07-28 14:12 - 2014-07-28 14:12 - 00000000 ____D () C:\Users\Kerstin\Desktop\UNZIPFIRST
2014-07-28 13:32 - 2014-07-28 13:32 - 00002501 _____ () C:\Users\Kerstin\Desktop\hd-floaty06.zip
2014-07-28 13:15 - 2014-07-28 13:15 - 00193850 _____ () C:\Users\Kerstin\Desktop\Slide_Note_UNZIP.zip
2014-07-28 13:15 - 2014-07-28 13:15 - 00000000 ____D () C:\Users\Kerstin\Desktop\Slide_Note_UNZIP
2014-07-28 12:04 - 2014-07-28 12:04 - 00000000 ____D () C:\Users\Kerstin\Desktop\flexslider_unzip_first
2014-07-28 12:03 - 2014-07-28 12:03 - 00695684 _____ () C:\Users\Kerstin\Desktop\flexslider_unzip_first.zip
2014-07-28 10:08 - 2014-07-28 10:08 - 00006583 _____ () C:\Users\Kerstin\Documents\Fixit50388.reg
2014-07-28 09:28 - 2014-07-28 10:02 - 00000168 _____ () C:\Users\Kerstin\Desktop\ölkäpüö.txt
2014-07-27 17:31 - 2014-07-27 17:32 - 02041554 _____ () C:\Users\Kerstin\Downloads\ol_albos_free_unzipfirst_1.0.7.zip
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\BupSystem
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp6c48a98e100f1e81b387bb5b2088d4fb
2014-07-26 07:58 - 2014-07-26 10:34 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Security System 2
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\Terminerinnerung
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\ChromeExtensions
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp5ac07127001d978dc00a9445ec364dd4
2014-07-26 07:54 - 2014-07-26 07:54 - 01035152 _____ () C:\Users\Kerstin\Downloads\Terminerinnerung-lnstall.exe
2014-07-22 19:35 - 2014-07-29 16:29 - 00010814 _____ () C:\Users\Kerstin\Desktop\verschickt.txt
2014-07-22 14:51 - 2014-07-22 14:51 - 05981830 _____ (Tim Kosse) C:\Users\Kerstin\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-22 14:18 - 2014-07-22 14:18 - 00644997 _____ () C:\Users\Kerstin\Downloads\allerleye_support_paket_erst_entpacken.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00391986 _____ () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00000000 ____D () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154
2014-07-21 10:40 - 2014-07-21 10:40 - 00000099 _____ () C:\Users\Kerstin\Desktop\ICS AG.txt
2014-07-21 08:31 - 2014-07-21 08:31 - 00000733 _____ () C:\Users\Kerstin\Desktop\muster.txt
2014-07-14 15:45 - 2014-07-14 15:49 - 128051271 _____ () C:\Users\Kerstin\Downloads\site-main-kinzigjobs.de-20140714-153314.jpa
2014-07-09 06:28 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 06:28 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 06:28 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 06:28 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:28 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 06:28 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 06:28 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:28 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:28 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 06:28 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 06:28 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 06:28 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 06:28 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 06:28 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:28 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 06:28 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:28 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 06:28 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:28 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 06:28 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 06:28 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 06:28 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 06:28 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 06:28 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 06:28 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:28 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 06:28 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 06:28 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 06:28 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 06:28 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 06:27 - 2014-06-30 03:40 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 06:27 - 2014-06-30 03:36 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 06:27 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 06:27 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 06:27 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 06:27 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 06:27 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-07 12:30 - 2014-07-07 12:30 - 10746848 _____ (PlotSoft LLC) C:\Users\Kerstin\Downloads\PDFill_11.exe
2014-07-07 12:27 - 2014-07-07 12:28 - 00000043 _____ () C:\Windows\gswin32.ini
2014-07-04 12:59 - 2014-07-04 12:59 - 00000000 ____D () C:\Users\Kerstin\Desktop\RE9990701D-IW
2014-07-02 12:09 - 2014-07-02 20:22 - 01093454 _____ () C:\Users\Kerstin\Desktop\Projekte.pptx
2014-07-02 08:55 - 2014-07-02 13:56 - 00000000 ____D () C:\Users\Kerstin\Downloads\2947_construction_ppt
2014-07-02 08:55 - 2014-07-02 08:55 - 00713228 _____ () C:\Users\Kerstin\Downloads\2947_construction_ppt.zip
2014-07-01 15:42 - 2014-07-01 15:43 - 00000000 ____D () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung
2014-07-01 15:41 - 2014-07-01 15:42 - 06467861 _____ () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung.zip
2014-07-01 08:03 - 2014-07-01 08:03 - 01058200 _____ (Adobe) C:\Users\Kerstin\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-06-30 10:17 - 2014-06-30 10:18 - 01088012 _____ () C:\Users\Kerstin\Downloads\spacepost3d.zip
2014-06-30 09:11 - 2014-06-30 09:11 - 00000000 ____D () C:\Users\Kerstin\Desktop\structure

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 02:41 - 2014-07-30 02:41 - 00006814 _____ () C:\Users\Kerstin\Desktop\FRST.txt
2014-07-30 02:41 - 2014-03-20 17:49 - 00000000 ____D () C:\FRST
2014-07-30 02:40 - 2014-07-30 02:40 - 00000000 ___SD () C:\ComboFix
2014-07-30 02:38 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-30 02:38 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-30 02:30 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-30 02:30 - 2009-07-14 06:39 - 00477176 _____ () C:\Windows\setupact.log
2014-07-29 21:11 - 2012-04-18 08:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-29 21:11 - 2011-09-17 15:55 - 01240014 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 17:17 - 2014-07-29 17:12 - 00000000 ____D () C:\Users\Kerstin\Desktop\Neuer Ordner
2014-07-29 16:59 - 2014-07-29 16:59 - 00444059 _____ () C:\Users\Kerstin\Desktop\mod_xpertcaptions.zip
2014-07-29 16:47 - 2014-07-29 16:47 - 00101005 _____ () C:\Users\Kerstin\Desktop\plg_simplepopupv2.0.zip
2014-07-29 16:29 - 2014-07-22 19:35 - 00010814 _____ () C:\Users\Kerstin\Desktop\verschickt.txt
2014-07-29 15:12 - 2012-12-07 19:58 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\FileZilla
2014-07-29 13:10 - 2014-07-29 13:10 - 00000516 _____ () C:\Users\Kerstin\Desktop\5.txt
2014-07-29 13:06 - 2014-07-29 13:06 - 00017833 _____ () C:\Users\Kerstin\Desktop\Mappe1.xlsx
2014-07-29 13:05 - 2014-07-29 13:05 - 05563986 ____R (Swearware) C:\Users\Kerstin\Desktop\ComboFix.exe
2014-07-29 12:55 - 2014-07-29 12:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kerstin\Desktop\revosetup95.exe
2014-07-29 12:55 - 2014-07-29 12:55 - 00001222 _____ () C:\Users\Kerstin\Desktop\Revo Uninstaller.lnk
2014-07-29 12:55 - 2014-07-29 12:55 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-29 08:32 - 2014-07-29 08:32 - 00004539 _____ () C:\Users\Kerstin\Desktop\Rabatt.html
2014-07-29 06:59 - 2011-09-17 17:03 - 00515676 _____ () C:\Windows\PFRO.log
2014-07-28 17:27 - 2013-05-16 10:12 - 00000000 ____D () C:\Users\Kerstin\.gimp-2.8
2014-07-28 17:20 - 2014-07-28 17:19 - 00045033 _____ () C:\Users\Kerstin\Desktop\Addition.txt
2014-07-28 16:24 - 2014-07-28 16:24 - 00080766 _____ () C:\Users\Kerstin\AppData\Local\recently-used.xbel
2014-07-28 15:40 - 2014-07-28 15:40 - 01084416 _____ (Farbar) C:\Users\Kerstin\Desktop\FRST.exe
2014-07-28 15:16 - 2014-07-28 15:16 - 00000000 ____D () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first
2014-07-28 15:15 - 2014-07-28 15:15 - 00108263 _____ () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first.zip
2014-07-28 15:09 - 2014-07-28 15:09 - 00010015 _____ () C:\Users\Kerstin\Desktop\mod_mh_simple_marquee.rev.32.zip
2014-07-28 14:12 - 2014-07-28 14:12 - 00063182 _____ () C:\Users\Kerstin\Desktop\UNZIPFIRST.zip
2014-07-28 14:12 - 2014-07-28 14:12 - 00000000 ____D () C:\Users\Kerstin\Desktop\UNZIPFIRST
2014-07-28 13:32 - 2014-07-28 13:32 - 00002501 _____ () C:\Users\Kerstin\Desktop\hd-floaty06.zip
2014-07-28 13:15 - 2014-07-28 13:15 - 00193850 _____ () C:\Users\Kerstin\Desktop\Slide_Note_UNZIP.zip
2014-07-28 13:15 - 2014-07-28 13:15 - 00000000 ____D () C:\Users\Kerstin\Desktop\Slide_Note_UNZIP
2014-07-28 12:04 - 2014-07-28 12:04 - 00000000 ____D () C:\Users\Kerstin\Desktop\flexslider_unzip_first
2014-07-28 12:03 - 2014-07-28 12:03 - 00695684 _____ () C:\Users\Kerstin\Desktop\flexslider_unzip_first.zip
2014-07-28 10:18 - 2012-05-08 10:08 - 00000000 ____D () C:\Program Files\Google
2014-07-28 10:17 - 2012-05-08 10:08 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Google
2014-07-28 10:16 - 2014-06-18 08:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-28 10:08 - 2014-07-28 10:08 - 00006583 _____ () C:\Users\Kerstin\Documents\Fixit50388.reg
2014-07-28 10:02 - 2014-07-28 09:28 - 00000168 _____ () C:\Users\Kerstin\Desktop\ölkäpüö.txt
2014-07-27 21:30 - 2012-03-01 18:45 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\CrashDumps
2014-07-27 17:32 - 2014-07-27 17:31 - 02041554 _____ () C:\Users\Kerstin\Downloads\ol_albos_free_unzipfirst_1.0.7.zip
2014-07-27 16:46 - 2012-12-07 19:54 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Mozilla
2014-07-26 10:34 - 2014-07-26 07:58 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Security System 2
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\BupSystem
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp6c48a98e100f1e81b387bb5b2088d4fb
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\Terminerinnerung
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\ChromeExtensions
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp5ac07127001d978dc00a9445ec364dd4
2014-07-26 07:55 - 2012-02-23 19:32 - 00000000 ____D () C:\Users\Kerstin
2014-07-26 07:54 - 2014-07-26 07:54 - 01035152 _____ () C:\Users\Kerstin\Downloads\Terminerinnerung-lnstall.exe
2014-07-24 06:03 - 2012-03-01 18:37 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2014-07-22 16:06 - 2012-03-01 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-22 15:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-22 14:51 - 2014-07-22 14:51 - 05981830 _____ (Tim Kosse) C:\Users\Kerstin\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-22 14:18 - 2014-07-22 14:18 - 00644997 _____ () C:\Users\Kerstin\Downloads\allerleye_support_paket_erst_entpacken.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00391986 _____ () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00000000 ____D () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154
2014-07-21 11:11 - 2011-09-17 16:05 - 01629372 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 10:40 - 2014-07-21 10:40 - 00000099 _____ () C:\Users\Kerstin\Desktop\ICS AG.txt
2014-07-21 10:32 - 2012-02-24 00:17 - 00000000 ____D () C:\Users\Kerstin\Desktop\Office Interim
2014-07-21 08:31 - 2014-07-21 08:31 - 00000733 _____ () C:\Users\Kerstin\Desktop\muster.txt
2014-07-14 15:49 - 2014-07-14 15:45 - 128051271 _____ () C:\Users\Kerstin\Downloads\site-main-kinzigjobs.de-20140714-153314.jpa
2014-07-14 12:51 - 2014-05-28 07:07 - 00000000 ____D () C:\Users\Kerstin\Desktop\Main-KinzigJOBS
2014-07-11 08:24 - 2013-01-21 19:40 - 00000000 ____D () C:\Users\Kerstin\Desktop\privat
2014-07-10 12:36 - 2013-05-06 12:30 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-09 18:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-07-09 17:33 - 2009-07-14 06:33 - 00510352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 17:31 - 2014-04-30 20:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 17:31 - 2009-07-14 10:57 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 17:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-09 17:28 - 2013-12-13 21:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 17:27 - 2012-02-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 17:27 - 2011-09-17 20:44 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 08:11 - 2012-04-18 08:12 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 08:11 - 2012-02-13 23:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-07 12:30 - 2014-07-07 12:30 - 10746848 _____ (PlotSoft LLC) C:\Users\Kerstin\Downloads\PDFill_11.exe
2014-07-07 12:28 - 2014-07-07 12:27 - 00000043 _____ () C:\Windows\gswin32.ini
2014-07-04 12:59 - 2014-07-04 12:59 - 00000000 ____D () C:\Users\Kerstin\Desktop\RE9990701D-IW
2014-07-02 20:22 - 2014-07-02 12:09 - 01093454 _____ () C:\Users\Kerstin\Desktop\Projekte.pptx
2014-07-02 13:56 - 2014-07-02 08:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\2947_construction_ppt
2014-07-02 08:55 - 2014-07-02 08:55 - 00713228 _____ () C:\Users\Kerstin\Downloads\2947_construction_ppt.zip
2014-07-02 06:07 - 2014-03-09 11:10 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Fifth
2014-07-01 15:43 - 2014-07-01 15:42 - 00000000 ____D () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung
2014-07-01 15:42 - 2014-07-01 15:41 - 06467861 _____ () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung.zip
2014-07-01 08:03 - 2014-07-01 08:03 - 01058200 _____ (Adobe) C:\Users\Kerstin\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-06-30 10:18 - 2014-06-30 10:17 - 01088012 _____ () C:\Users\Kerstin\Downloads\spacepost3d.zip
2014-06-30 09:11 - 2014-06-30 09:11 - 00000000 ____D () C:\Users\Kerstin\Desktop\structure
2014-06-30 03:40 - 2014-07-09 06:27 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 03:36 - 2014-07-09 06:27 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\Kerstin\AppData\Local\temp\amazonicon_v8.exe
C:\Users\Kerstin\AppData\Local\temp\amazoninstallernircmdc.exe
C:\Users\Kerstin\AppData\Local\temp\avgnt.exe
C:\Users\Kerstin\AppData\Local\temp\MouseKeyboardCenterx86_1031.exe
C:\Users\Kerstin\AppData\Local\temp\Quarantine.exe
C:\Users\Kerstin\AppData\Local\temp\sdanircmdc.exe
C:\Users\Kerstin\AppData\Local\temp\sdapskill.exe
C:\Users\Kerstin\AppData\Local\temp\sdaspwn.exe
C:\Users\Kerstin\AppData\Local\temp\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 07:26

==================== End Of Log ============================
--- --- ---

schrauber 30.07.2014 14:33
und die andern logs?

sandsonne 30.07.2014 19:09
Verzeihung, vielmals.

FRST von 18:48 Uhr
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-07-2014
Ran by Kerstin at 2014-07-30 18:47:18
Running from C:\Users\Kerstin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
BeCyPDFMetaEdit (HKLM\...\BeCyPDFMetaEdit) (Version: 2.37.0 - Benjamin Bentmann)
BurnAware Professional 6.2 (HKLM\...\BurnAware Professional_is1) (Version:  - Burnaware)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
CIB pdf brewer (HKLM\...\{461A4763-28B5-425A-AE3D-B9B54EDF0F21}) (Version: 2.6.0047 - CIB software GmbH)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Document Trace Remover v3.6 (HKLM\...\Document Trace Remover_is1) (Version: 3.6 - Smart PC Solutions)
Exif Tag Remover 2.0 (HKLM\...\Exif Tag Remover_is1) (Version:  - RL Vision)
FileViewPro (HKLM\...\{29938C06-6962-4C27-A94C-25E4F424A665}_is1) (Version: 1.5 - Solvusoft Corporation)
FileZilla Client 3.9.0.1 (HKLM\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Java 7 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Lexware büro easy 2005 (HKLM\...\{2F2E04D3-C0DA-4B9A-B2B4-234ED20A2385}) (Version: 12.0 - )
Lexware büro easy 2005 (Version: 12.00 - Lexware) Hidden
Lexware online banking V 3.10 (HKLM\...\{D01F701A-1F23-494C-BE82-8A7441CADEEA}) (Version:  - )
MAGIX Content und Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM\...\MAGIX_{B332E15B-243F-4F40-8530-1524F84230A0}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 (HKLM\...\MAGIX_{3F5C2BC0-B7D7-4114-B273-3B1460B2452B}) (Version: 19.0.3.47 - MAGIX AG)
MAGIX Music Maker 2013 (Version: 19.0.3.47 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mp3tag v2.55a (HKLM\...\Mp3tag) (Version: v2.55a - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.1 - Notepad++ Team)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sagede.Shared.Elster.Setup (Version: 1.0.0.0.28 - Sage Software GmbH) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
XNResourceEditor 3.0.0.1 (HKLM\...\XN Resource Editor_is1) (Version:  - Colin Wilson)
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3467251772-538213018-3341465458-1001_Classes\CLSID\{3bc93e76-92f8-5fda-b676-5afee3735bf1}\InprocServer32 -> C:\Users\Kerstin\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
CustomCLSID: HKU\S-1-5-21-3467251772-538213018-3341465458-1001_Classes\CLSID\{9000834c-c6c7-43ac-b8ee-dc9668f39a81}\localserver32 -> C:\Users\Kerstin\AppData\Local\Temp\{91814ec0-b5f0-11d2-80b9-00104b1f6cea}\IDriver.NonElevated.exe N (the data entry has 6 more characters).

==================== Restore Points  =========================

28-07-2014 08:01:49 Wiederherstellung Kirsten
28-07-2014 08:08:13 Installed Microsoft Fix it 50388
28-07-2014 08:17:00 Removed Google Chrome Frame
29-07-2014 10:23:43 Windows Update
29-07-2014 11:00:58 Revo Uninstaller's restore point - Securita Scout
29-07-2014 11:02:57 Revo Uninstaller's restore point - Resource Hacker Version 3.6.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2014-03-20 12:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {053C1ED7-2B23-4CF4-94FC-C2CF7D0DFE1D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0773E3BD-6045-4764-9264-EBF7F5649F71} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {1AFD32CC-E0EE-4337-BE4B-5DE195A6857A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {243FCB46-8BCA-4391-B991-5C447CFEAFB4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4E01776C-30F4-4803-B09F-BED5962006D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {5FE65B3D-08F8-4DB3-9838-735AFB2A85D9} - System32\Tasks\OMESupervisor => C:\Users\Kerstin\AppData\Local\omesuperv.exe [2014-05-07] () <==== ATTENTION
Task: {8806CE8D-40A8-4496-808A-6011FEF64F8C} - System32\Tasks\plushd8.1-validator => C:\Program Files\plushd8.1\plushd8.1-validator.exe
Task: {896E5635-3DB4-4998-B5A9-4CDCBA7CDD4E} - System32\Tasks\Fifth => C:\Users\Kerstin\AppData\Roaming\Fifth\Fifth.exe [2014-05-07] () <==== ATTENTION
Task: {9DDE8C2A-C838-4F5E-92D8-DC9069128774} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {EA049CB8-C3D5-4BF8-B7A6-45AFB1EEC814} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Kerstin\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-07-26 14:07 - 2010-06-17 21:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2014-07-26 07:59 - 2014-07-26 07:59 - 00374272 _____ () C:\Users\Kerstin\AppData\Roaming\BupSystem\sub\default.dll
2012-12-18 22:43 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-09-03 15:54 - 2013-09-03 15:54 - 00312832 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.DEU
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00029392 _____ () C:\Program Files\GIMP 2\bin\libgimpmodule-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00087472 _____ () C:\Program Files\GIMP 2\bin\libgimpbase-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 13:22 - 00051570 _____ () C:\Program Files\GIMP 2\bin\libffi-5.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00045672 _____ () C:\Program Files\GIMP 2\bin\libgimpthumb-2.0-0.dll
2013-05-14 10:39 - 2012-07-05 13:21 - 00107212 _____ () C:\Program Files\GIMP 2\bin\zlib1.dll
2013-05-14 10:39 - 2012-07-05 17:10 - 00282742 _____ () C:\Program Files\GIMP 2\bin\libjasper-1.dll
2013-05-14 10:39 - 2012-07-05 16:25 - 00221676 _____ () C:\Program Files\GIMP 2\bin\libjpeg-8.dll
2013-05-14 10:39 - 2012-07-05 13:30 - 00177192 _____ () C:\Program Files\GIMP 2\bin\libpng15-15.dll
2013-05-14 10:39 - 2012-07-05 17:39 - 00448770 _____ () C:\Program Files\GIMP 2\bin\libtiff-5.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 01220912 _____ () C:\Program Files\GIMP 2\bin\libgimpwidgets-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00060872 _____ () C:\Program Files\GIMP 2\bin\libgimpcolor-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 16:06 - 00644562 _____ () C:\Program Files\GIMP 2\bin\libcairo-2.dll
2013-05-14 10:38 - 2012-07-23 19:01 - 00230256 _____ () C:\Program Files\GIMP 2\bin\libfontconfig-1.dll
2013-05-14 10:38 - 2012-07-05 13:49 - 00493606 _____ () C:\Program Files\GIMP 2\bin\libfreetype-6.dll
2013-05-14 10:39 - 2012-07-05 13:43 - 01161549 _____ () C:\Program Files\GIMP 2\bin\libxml2-2.dll
2013-05-14 10:39 - 2012-07-05 14:49 - 00571650 _____ () C:\Program Files\GIMP 2\bin\libpixman-1-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00072176 _____ () C:\Program Files\GIMP 2\bin\libgimpconfig-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00032104 _____ () C:\Program Files\GIMP 2\bin\libgimpmath-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 22:15 - 00142350 _____ () C:\Program Files\GIMP 2\bin\libbabl-0.1-0.dll
2013-05-14 10:39 - 2012-07-06 05:41 - 00416219 _____ () C:\Program Files\GIMP 2\bin\libgegl-0.2-0.dll
2013-05-14 10:39 - 2012-07-05 18:51 - 00090998 _____ () C:\Program Files\GIMP 2\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00031328 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libdisplay-filter-lcms.dll
2013-05-14 10:39 - 2012-07-05 21:06 - 00212624 _____ () C:\Program Files\GIMP 2\bin\liblcms-1.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\add.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\clear.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-burn.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-dodge.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\darken.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\difference.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\divide.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-atop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-in.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-out.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\exclusion.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044470 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gamma.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\hard-light.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\lighten.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\multiply.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045139 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\opacity.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043862 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\overlay.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\plus.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\screen.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041220 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\soft-light.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-atop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040718 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-in.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-out.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\subtract.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-multiply.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044825 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\threshold.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\weighted-blend.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\xor.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042840 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\map-absolute.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042973 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\map-relative.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047550 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\matting-global.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049116 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\bilateral-filter.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050683 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\box-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00060691 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\c2g.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00057172 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\edge-laplace.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049545 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\edge-sobel.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00055050 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gaussian-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00051565 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\motion-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00053338 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\noise-reduction.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049472 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\pixelize.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043478 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ripple.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00053855 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\snn-mean.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044924 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\stress.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043393 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\waves.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043287 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\brightness-contrast.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044886 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-temperature.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042245 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\contrast-curve.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042090 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\convert-format.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040852 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\grey.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041384 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\invert.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043113 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\levels.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040662 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\posterize.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042153 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-huerotate.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041420 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-luminancetoalpha.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043689 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-matrix.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042665 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-saturate.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044118 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\value-invert.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00055173 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vignette.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041475 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\clone.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042151 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-to-alpha.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043329 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\crop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00061292 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\exp-combine.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00063243 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\fattal02.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047793 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\lens-distortion.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00058189 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mantiuk06.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042181 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mblur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047143 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mirrors.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044245 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mono-mixer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040727 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\nop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00052874 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\path.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00046008 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\polar-coordinates.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047852 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\reinhard05.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041421 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\stretch-contrast.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00061674 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\transformops.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048042 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vector-fill.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048099 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vector-stroke.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041409 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\buffer-sink.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042104 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\display.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040837 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gegl-buffer-save-op.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045416 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\jpg-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045185 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\png-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043509 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ppm-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050025 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rgbe-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042255 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\save-pixbuf.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042795 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042969 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\write-buffer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042068 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\buffer-source.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043241 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\checkerboard.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041549 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043212 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\grid.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044591 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\noise.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048966 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\fractal-explorer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042063 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gegl-buffer-load-op.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042876 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\introspect.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043505 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\jpg-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042259 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\magick-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042176 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\open-buffer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042192 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\pixbuf.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00046500 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\png-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043318 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ppm-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043767 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\raw-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050024 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rgbe-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044498 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-load.dll
2013-05-14 10:39 - 2012-07-05 22:09 - 00243241 _____ () C:\Program Files\GIMP 2\bin\librsvg-2-2.dll
2013-05-14 10:38 - 2012-07-05 22:04 - 00225931 _____ () C:\Program Files\GIMP 2\bin\libcroco-0.6-3.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048776 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\text.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042057 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\difference-of-gaussians.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042619 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dropshadow.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045165 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\layer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042745 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043207 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rectangle.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041510 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\unsharp-mask.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040655 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\remap.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00137512 _____ () C:\Program Files\GIMP 2\bin\libgimpui-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00217976 _____ () C:\Program Files\GIMP 2\bin\libgimp-2.0-0.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:18262EDA
AlternateDataStreams: C:\ProgramData\TEMP:66D2723C
AlternateDataStreams: C:\ProgramData\TEMP:6CC0D09A

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/30/2014 06:44:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17207 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8f0

Startzeit: 01cfabd0cb16cfd5

Endzeit: 40

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID:

Error: (07/30/2014 11:01:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: waves.exe, Version: 2.8.4.0, Zeitstempel: 0x5112cea6
Name des fehlerhaften Moduls: waves.exe, Version: 2.8.4.0, Zeitstempel: 0x5112cea6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001e9e
ID des fehlerhaften Prozesses: 0x15b8
Startzeit der fehlerhaften Anwendung: 0xwaves.exe0
Pfad der fehlerhaften Anwendung: waves.exe1
Pfad des fehlerhaften Moduls: waves.exe2
Berichtskennung: waves.exe3

Error: (07/28/2014 03:41:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST.exe, Version 25.7.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18b4

Startzeit: 01cfaa697c544097

Endzeit: 20

Anwendungspfad: C:\Users\Kerstin\Desktop\FRST.exe

Berichts-ID: e2b3e1cd-165c-11e4-905d-001f3f086e4a

Error: (07/28/2014 10:47:28 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:28.752]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:27 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:27.225]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:25 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:25.712]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:24 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:24.177]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:22 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:22.633]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:21 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:21.088]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:19 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:19.544]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2


System errors:
=============
Error: (07/30/2014 11:32:02 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:32:02 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:32:02 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:31:13 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:31:13 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:31:13 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:30:30 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:30:30 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:30:29 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:30:29 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.


Microsoft Office Sessions:
=========================
Error: (06/17/2014 07:16:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8108 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (05/20/2014 00:36:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3124 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (04/09/2014 11:32:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13477 seconds with 1860 seconds of active time.  This session ended with a crash.

Error: (03/05/2014 09:09:06 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2378 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (01/12/2014 01:06:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8572 seconds with 5400 seconds of active time.  This session ended with a crash.

Error: (11/24/2013 02:46:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/17/2013 08:58:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 40101 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (08/28/2013 07:05:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 958 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (08/13/2013 08:25:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19809 seconds with 2160 seconds of active time.  This session ended with a crash.

Error: (08/12/2013 01:59:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2170 seconds with 660 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 3293.24 MB
Available physical RAM: 1857.44 MB
Total Pagefile: 6584.77 MB
Available Pagefile: 4597.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:366.77 GB) NTFS
Drive d: (14 Mai 2014) (CDROM) (Total:1.37 GB) (Free:1.18 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 069AB8B9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Addition von 18:48 Uhr
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-07-2014
Ran by Kerstin at 2014-07-30 18:47:18
Running from C:\Users\Kerstin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
BeCyPDFMetaEdit (HKLM\...\BeCyPDFMetaEdit) (Version: 2.37.0 - Benjamin Bentmann)
BurnAware Professional 6.2 (HKLM\...\BurnAware Professional_is1) (Version:  - Burnaware)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
CIB pdf brewer (HKLM\...\{461A4763-28B5-425A-AE3D-B9B54EDF0F21}) (Version: 2.6.0047 - CIB software GmbH)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Document Trace Remover v3.6 (HKLM\...\Document Trace Remover_is1) (Version: 3.6 - Smart PC Solutions)
Exif Tag Remover 2.0 (HKLM\...\Exif Tag Remover_is1) (Version:  - RL Vision)
FileViewPro (HKLM\...\{29938C06-6962-4C27-A94C-25E4F424A665}_is1) (Version: 1.5 - Solvusoft Corporation)
FileZilla Client 3.9.0.1 (HKLM\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Java 7 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Lexware büro easy 2005 (HKLM\...\{2F2E04D3-C0DA-4B9A-B2B4-234ED20A2385}) (Version: 12.0 - )
Lexware büro easy 2005 (Version: 12.00 - Lexware) Hidden
Lexware online banking V 3.10 (HKLM\...\{D01F701A-1F23-494C-BE82-8A7441CADEEA}) (Version:  - )
MAGIX Content und Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM\...\MAGIX_{B332E15B-243F-4F40-8530-1524F84230A0}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 (HKLM\...\MAGIX_{3F5C2BC0-B7D7-4114-B273-3B1460B2452B}) (Version: 19.0.3.47 - MAGIX AG)
MAGIX Music Maker 2013 (Version: 19.0.3.47 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mp3tag v2.55a (HKLM\...\Mp3tag) (Version: v2.55a - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.1 - Notepad++ Team)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sagede.Shared.Elster.Setup (Version: 1.0.0.0.28 - Sage Software GmbH) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
XNResourceEditor 3.0.0.1 (HKLM\...\XN Resource Editor_is1) (Version:  - Colin Wilson)
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3467251772-538213018-3341465458-1001_Classes\CLSID\{3bc93e76-92f8-5fda-b676-5afee3735bf1}\InprocServer32 -> C:\Users\Kerstin\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
CustomCLSID: HKU\S-1-5-21-3467251772-538213018-3341465458-1001_Classes\CLSID\{9000834c-c6c7-43ac-b8ee-dc9668f39a81}\localserver32 -> C:\Users\Kerstin\AppData\Local\Temp\{91814ec0-b5f0-11d2-80b9-00104b1f6cea}\IDriver.NonElevated.exe N (the data entry has 6 more characters).

==================== Restore Points  =========================

28-07-2014 08:01:49 Wiederherstellung Kirsten
28-07-2014 08:08:13 Installed Microsoft Fix it 50388
28-07-2014 08:17:00 Removed Google Chrome Frame
29-07-2014 10:23:43 Windows Update
29-07-2014 11:00:58 Revo Uninstaller's restore point - Securita Scout
29-07-2014 11:02:57 Revo Uninstaller's restore point - Resource Hacker Version 3.6.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2014-03-20 12:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {053C1ED7-2B23-4CF4-94FC-C2CF7D0DFE1D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0773E3BD-6045-4764-9264-EBF7F5649F71} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {1AFD32CC-E0EE-4337-BE4B-5DE195A6857A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {243FCB46-8BCA-4391-B991-5C447CFEAFB4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4E01776C-30F4-4803-B09F-BED5962006D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {5FE65B3D-08F8-4DB3-9838-735AFB2A85D9} - System32\Tasks\OMESupervisor => C:\Users\Kerstin\AppData\Local\omesuperv.exe [2014-05-07] () <==== ATTENTION
Task: {8806CE8D-40A8-4496-808A-6011FEF64F8C} - System32\Tasks\plushd8.1-validator => C:\Program Files\plushd8.1\plushd8.1-validator.exe
Task: {896E5635-3DB4-4998-B5A9-4CDCBA7CDD4E} - System32\Tasks\Fifth => C:\Users\Kerstin\AppData\Roaming\Fifth\Fifth.exe [2014-05-07] () <==== ATTENTION
Task: {9DDE8C2A-C838-4F5E-92D8-DC9069128774} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {EA049CB8-C3D5-4BF8-B7A6-45AFB1EEC814} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Kerstin\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-07-26 14:07 - 2010-06-17 21:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2014-07-26 07:59 - 2014-07-26 07:59 - 00374272 _____ () C:\Users\Kerstin\AppData\Roaming\BupSystem\sub\default.dll
2012-12-18 22:43 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-09-03 15:54 - 2013-09-03 15:54 - 00312832 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.DEU
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00029392 _____ () C:\Program Files\GIMP 2\bin\libgimpmodule-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00087472 _____ () C:\Program Files\GIMP 2\bin\libgimpbase-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 13:22 - 00051570 _____ () C:\Program Files\GIMP 2\bin\libffi-5.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00045672 _____ () C:\Program Files\GIMP 2\bin\libgimpthumb-2.0-0.dll
2013-05-14 10:39 - 2012-07-05 13:21 - 00107212 _____ () C:\Program Files\GIMP 2\bin\zlib1.dll
2013-05-14 10:39 - 2012-07-05 17:10 - 00282742 _____ () C:\Program Files\GIMP 2\bin\libjasper-1.dll
2013-05-14 10:39 - 2012-07-05 16:25 - 00221676 _____ () C:\Program Files\GIMP 2\bin\libjpeg-8.dll
2013-05-14 10:39 - 2012-07-05 13:30 - 00177192 _____ () C:\Program Files\GIMP 2\bin\libpng15-15.dll
2013-05-14 10:39 - 2012-07-05 17:39 - 00448770 _____ () C:\Program Files\GIMP 2\bin\libtiff-5.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 01220912 _____ () C:\Program Files\GIMP 2\bin\libgimpwidgets-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00060872 _____ () C:\Program Files\GIMP 2\bin\libgimpcolor-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 16:06 - 00644562 _____ () C:\Program Files\GIMP 2\bin\libcairo-2.dll
2013-05-14 10:38 - 2012-07-23 19:01 - 00230256 _____ () C:\Program Files\GIMP 2\bin\libfontconfig-1.dll
2013-05-14 10:38 - 2012-07-05 13:49 - 00493606 _____ () C:\Program Files\GIMP 2\bin\libfreetype-6.dll
2013-05-14 10:39 - 2012-07-05 13:43 - 01161549 _____ () C:\Program Files\GIMP 2\bin\libxml2-2.dll
2013-05-14 10:39 - 2012-07-05 14:49 - 00571650 _____ () C:\Program Files\GIMP 2\bin\libpixman-1-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00072176 _____ () C:\Program Files\GIMP 2\bin\libgimpconfig-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00032104 _____ () C:\Program Files\GIMP 2\bin\libgimpmath-2.0-0.dll
2013-05-14 10:38 - 2012-07-05 22:15 - 00142350 _____ () C:\Program Files\GIMP 2\bin\libbabl-0.1-0.dll
2013-05-14 10:39 - 2012-07-06 05:41 - 00416219 _____ () C:\Program Files\GIMP 2\bin\libgegl-0.2-0.dll
2013-05-14 10:39 - 2012-07-05 18:51 - 00090998 _____ () C:\Program Files\GIMP 2\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00031328 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libdisplay-filter-lcms.dll
2013-05-14 10:39 - 2012-07-05 21:06 - 00212624 _____ () C:\Program Files\GIMP 2\bin\liblcms-1.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\add.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\clear.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-burn.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-dodge.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\darken.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\difference.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\divide.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-atop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-in.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-out.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst-over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dst.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\exclusion.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044470 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gamma.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\hard-light.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\lighten.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\multiply.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045139 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\opacity.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043862 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\overlay.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\plus.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040708 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\screen.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041220 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\soft-light.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-atop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040718 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-in.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-out.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src-over.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\src.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\subtract.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-multiply.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044825 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\threshold.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041356 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\weighted-blend.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040654 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\xor.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042840 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\map-absolute.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042973 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\map-relative.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047550 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\matting-global.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049116 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\bilateral-filter.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050683 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\box-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00060691 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\c2g.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00057172 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\edge-laplace.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049545 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\edge-sobel.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00055050 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gaussian-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00051565 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\motion-blur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00053338 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\noise-reduction.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00049472 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\pixelize.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043478 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ripple.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00053855 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\snn-mean.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044924 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\stress.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043393 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\waves.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043287 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\brightness-contrast.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044886 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-temperature.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042245 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\contrast-curve.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042090 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\convert-format.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040852 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\grey.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041384 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\invert.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043113 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\levels.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040662 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\posterize.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042153 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-huerotate.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041420 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-luminancetoalpha.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043689 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-matrix.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042665 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-saturate.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044118 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\value-invert.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00055173 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vignette.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041475 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\clone.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042151 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color-to-alpha.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043329 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\crop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00061292 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\exp-combine.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00063243 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\fattal02.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047793 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\lens-distortion.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00058189 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mantiuk06.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042181 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mblur.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047143 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mirrors.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044245 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\mono-mixer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040727 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\nop.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00052874 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\path.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00046008 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\polar-coordinates.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00047852 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\reinhard05.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041421 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\stretch-contrast.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00061674 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\transformops.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048042 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vector-fill.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048099 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\vector-stroke.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041409 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\buffer-sink.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042104 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\display.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040837 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gegl-buffer-save-op.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045416 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\jpg-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045185 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\png-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043509 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ppm-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050025 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rgbe-save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042255 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\save-pixbuf.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042795 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\save.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042969 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\write-buffer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042068 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\buffer-source.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043241 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\checkerboard.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041549 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\color.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043212 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\grid.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044591 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\noise.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048966 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\fractal-explorer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042063 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\gegl-buffer-load-op.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042876 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\introspect.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043505 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\jpg-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042259 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\magick-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042176 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\open-buffer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042192 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\pixbuf.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00046500 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\png-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043318 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\ppm-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043767 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\raw-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00050024 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rgbe-load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00044498 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\svg-load.dll
2013-05-14 10:39 - 2012-07-05 22:09 - 00243241 _____ () C:\Program Files\GIMP 2\bin\librsvg-2-2.dll
2013-05-14 10:38 - 2012-07-05 22:04 - 00225931 _____ () C:\Program Files\GIMP 2\bin\libcroco-0.6-3.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00048776 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\text.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042057 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\difference-of-gaussians.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042619 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\dropshadow.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00045165 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\layer.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00042745 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\load.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00043207 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\rectangle.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00041510 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\unsharp-mask.dll
2013-05-14 10:39 - 2012-08-25 10:42 - 00040655 _____ () C:\Program Files\GIMP 2\lib\gegl-0.2\remap.dll
2013-05-14 10:38 - 2013-02-06 23:04 - 00137512 _____ () C:\Program Files\GIMP 2\bin\libgimpui-2.0-0.dll
2013-05-14 10:38 - 2013-02-06 23:03 - 00217976 _____ () C:\Program Files\GIMP 2\bin\libgimp-2.0-0.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:18262EDA
AlternateDataStreams: C:\ProgramData\TEMP:66D2723C
AlternateDataStreams: C:\ProgramData\TEMP:6CC0D09A

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/30/2014 06:44:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17207 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8f0

Startzeit: 01cfabd0cb16cfd5

Endzeit: 40

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID:

Error: (07/30/2014 11:01:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: waves.exe, Version: 2.8.4.0, Zeitstempel: 0x5112cea6
Name des fehlerhaften Moduls: waves.exe, Version: 2.8.4.0, Zeitstempel: 0x5112cea6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001e9e
ID des fehlerhaften Prozesses: 0x15b8
Startzeit der fehlerhaften Anwendung: 0xwaves.exe0
Pfad der fehlerhaften Anwendung: waves.exe1
Pfad des fehlerhaften Moduls: waves.exe2
Berichtskennung: waves.exe3

Error: (07/28/2014 03:41:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST.exe, Version 25.7.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18b4

Startzeit: 01cfaa697c544097

Endzeit: 20

Anwendungspfad: C:\Users\Kerstin\Desktop\FRST.exe

Berichts-ID: e2b3e1cd-165c-11e4-905d-001f3f086e4a

Error: (07/28/2014 10:47:28 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:28.752]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:27 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:27.225]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:25 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:25.712]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:24 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:24.177]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:22 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:22.633]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:21 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:21.088]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2

Error: (07/28/2014 10:47:19 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2014/07/28 10:47:19.544]: [00003068]: lperrcode->api = 1 , lperrcode->code = 2


System errors:
=============
Error: (07/30/2014 11:32:02 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:32:02 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:32:02 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:31:13 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:31:13 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:31:13 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:30:30 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:30:30 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:30:29 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.

Error: (07/30/2014 11:30:29 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 47.


Microsoft Office Sessions:
=========================
Error: (06/17/2014 07:16:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8108 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (05/20/2014 00:36:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3124 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (04/09/2014 11:32:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13477 seconds with 1860 seconds of active time.  This session ended with a crash.

Error: (03/05/2014 09:09:06 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2378 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (01/12/2014 01:06:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8572 seconds with 5400 seconds of active time.  This session ended with a crash.

Error: (11/24/2013 02:46:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/17/2013 08:58:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 40101 seconds with 540 seconds of active time.  This session ended with a crash.

Error: (08/28/2013 07:05:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 958 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (08/13/2013 08:25:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19809 seconds with 2160 seconds of active time.  This session ended with a crash.

Error: (08/12/2013 01:59:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2170 seconds with 660 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 3293.24 MB
Available physical RAM: 1857.44 MB
Total Pagefile: 6584.77 MB
Available Pagefile: 4597.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:366.77 GB) NTFS
Drive d: (14 Mai 2014) (CDROM) (Total:1.37 GB) (Free:1.18 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 069AB8B9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Mbam-Log - 18:53 Uhr
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30.07.2014
Scan Time: 18:53:05
Logfile: Mbam-Log.txt
Administrator: No

Version: 2.00.2.1012
Malware Database: v2014.07.30.05
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Kerstin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318702
Time Elapsed: 11 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
AdAware Log - 19:55 Uhr

Code:
# AdwCleaner v3.301 - Bericht erstellt am 30/07/2014 um 19:55:09
# Aktualisiert 28/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Kerstin - USER1011-PC
# Gestartet von : C:\Users\Kerstin\Desktop\adwcleaner_3.301.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : bupService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Kerstin\AppData\Roaming\BupSystem
Ordner Gelöscht : C:\Users\Kerstin\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Kerstin\AppData\Roaming\Fifth
Ordner Gelöscht : C:\Users\Kerstin\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Kerstin\AppData\Roaming\Snz
Datei Gelöscht : C:\Users\Kerstin\Favorites\Startfenster.lnk
Datei Gelöscht : C:\Users\Kerstin\AppData\Local\omesuperv.exe
Datei Gelöscht : C:\Users\Kerstin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk

***** [ Tasks ] *****

Task Gelöscht : Fifth
Task Gelöscht : OMESupervisor
Task Gelöscht : SomotoUpdateCheckerAutoStart

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Snoozer]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\OfferMosquito
Schlüssel Gelöscht : HKCU\Software\Protector
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://native-search.com/search.php?channel=deg&q={searchTerms}
Gelöscht [Extension] : gbmdkmlcnbapgegninelmjbfibaghdmk
Gelöscht [Extension] : pmgkeimkiojpjcoiiipekfjaopchhjga

*************************

AdwCleaner[R4].txt - [929 octets] - [20/03/2014 17:02:33]
AdwCleaner[R5].txt - [3025 octets] - [30/07/2014 19:39:42]
AdwCleaner[R6].txt - [3144 octets] - [30/07/2014 19:53:03]
AdwCleaner[S4].txt - [989 octets] - [20/03/2014 17:15:52]
AdwCleaner[S5].txt - [326 octets] - [30/07/2014 19:52:46]
AdwCleaner[S6].txt - [3069 octets] - [30/07/2014 19:55:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [3129 octets] ##########
(end)
JRT-Log - 20:02 Uhr
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by Kerstin on 30.07.2014 at 20:02:39,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.07.2014 at 20:07:07,60
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber 31.07.2014 18:59

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

sandsonne 31.07.2014 20:36
Guten Abend, Schrauber,

danke der Nachfrage und danke, das mir geholfen wird und wurde. Also Probleme stelle ich keine mehr fest - Firefox läuft ohne die Fehlermeldung.

Nachstehend das erforderliche Log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-07-2014 01
Ran by Kerstin (administrator) on USER1011-PC on 31-07-2014 21:28:00
Running from C:\Users\Kerstin\Desktop
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NEC Electronics Corporation) C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVM Berlin) C:\Program Files\avmwlanstick\FRITZWLanMini.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-3467251772-538213018-3341465458-1001\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\Users\Kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - {AFF5BEFB-01AB-4CF5-9CB1-6B3AF075A3F7} URL = hxxp://www.ant.com/search?s=browser&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default
FF Homepage: hxxp://www.Google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Kerstin\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\Kerstin\AppData\Roaming\Mozilla\Firefox\Profiles\dk53go6k.default\Extensions\firebug@software.joehewitt.com.xpi [2014-07-27]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://native-search.com/?channel=deg"
CHR DefaultSearchKeyword: Search
CHR DefaultSearchProvider: Search
CHR Extension: (Google Docs) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-27]
CHR Extension: (Google Drive) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-27]
CHR Extension: (YouTube) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-27]
CHR Extension: (Google-Suche) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-27]
CHR Extension: (Securita Scout) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkilfadjoneaheacgmkahfgcjchkpad [2014-07-26]
CHR Extension: (Google Wallet) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-27]
CHR Extension: (Google Mail) - C:\Users\Kerstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-27]
CHR HKLM\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Kerstin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-07-26]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 8\PDFProFiltSrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-17] (Avira Operations GmbH & Co. KG)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [264704 2006-04-06] (AVM GmbH)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2012-12-07] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-11] (Avira GmbH)
S3 catchme; \??\C:\Users\Kerstin\AppData\Local\Temp\catchme.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-31 21:27 - 2014-07-31 21:27 - 00000000 ____D () C:\Users\Kerstin\Desktop\FRST-OlderVersion
2014-07-31 17:09 - 2014-07-31 17:09 - 00093393 _____ () C:\Users\Kerstin\AppData\Local\recently-used.xbel
2014-07-31 16:14 - 2014-07-31 16:14 - 00000000 ____D () C:\Users\Kerstin\Desktop\VTEM_SlideNote_UnzipFirst
2014-07-31 16:13 - 2014-07-31 16:14 - 00085145 _____ () C:\Users\Kerstin\Desktop\VTEM_SlideNote_UnzipFirst.zip
2014-07-31 16:07 - 2014-07-31 16:07 - 00018638 _____ () C:\Users\Kerstin\Desktop\mod_shotimoo_1.1.7.44.zip
2014-07-31 15:59 - 2014-07-31 15:59 - 00140529 _____ () C:\Users\Kerstin\Desktop\mod_dailyquotes_monthly2.5.zip
2014-07-31 08:41 - 2014-07-31 19:13 - 00032133 _____ () C:\Users\Kerstin\Desktop\Mappe1.xlsx
2014-07-30 20:07 - 2014-07-30 20:07 - 00000650 _____ () C:\Users\Kerstin\Desktop\JRT.txt
2014-07-30 19:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-07-30 19:33 - 2014-07-30 19:59 - 00093235 _____ () C:\Users\Kerstin\Desktop\bord.txt
2014-07-30 18:52 - 2014-07-31 20:06 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-30 18:51 - 2014-07-30 18:51 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-30 18:51 - 2014-07-30 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-30 18:51 - 2014-07-30 18:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-30 18:51 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-30 18:51 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-30 18:51 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-30 18:50 - 2014-07-30 18:50 - 01016261 _____ (Thisisu) C:\Users\Kerstin\Desktop\JRT.exe
2014-07-30 18:49 - 2014-07-30 18:49 - 01365525 _____ () C:\Users\Kerstin\Desktop\adwcleaner_3.301.exe
2014-07-30 18:47 - 2014-07-30 18:48 - 00044414 _____ () C:\Users\Kerstin\Desktop\Addition.txt
2014-07-30 18:46 - 2014-07-30 18:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kerstin\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-30 10:40 - 2014-07-30 10:40 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-30 10:39 - 2014-07-30 10:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-30 02:41 - 2014-07-31 21:28 - 00002913 _____ () C:\Users\Kerstin\Desktop\FRST.txt
2014-07-30 02:40 - 2014-07-30 02:40 - 00000000 ___SD () C:\ComboFix
2014-07-29 17:12 - 2014-07-30 12:50 - 00000000 ____D () C:\Users\Kerstin\Desktop\Neuer Ordner
2014-07-29 13:10 - 2014-07-29 13:10 - 00000516 _____ () C:\Users\Kerstin\Desktop\5.txt
2014-07-29 13:05 - 2014-07-29 13:05 - 05563986 ____R (Swearware) C:\Users\Kerstin\Desktop\ComboFix.exe
2014-07-29 12:55 - 2014-07-29 12:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kerstin\Desktop\revosetup95.exe
2014-07-29 12:55 - 2014-07-29 12:55 - 00001222 _____ () C:\Users\Kerstin\Desktop\Revo Uninstaller.lnk
2014-07-29 12:55 - 2014-07-29 12:55 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-28 15:40 - 2014-07-31 21:27 - 01084928 _____ (Farbar) C:\Users\Kerstin\Desktop\FRST.exe
2014-07-28 15:15 - 2014-07-28 15:15 - 00108263 _____ () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first.zip
2014-07-28 13:32 - 2014-07-28 13:32 - 00002501 _____ () C:\Users\Kerstin\Desktop\hd-floaty06.zip
2014-07-28 10:08 - 2014-07-28 10:08 - 00006583 _____ () C:\Users\Kerstin\Documents\Fixit50388.reg
2014-07-28 09:28 - 2014-07-28 10:02 - 00000168 _____ () C:\Users\Kerstin\Desktop\ölkäpüö.txt
2014-07-27 17:31 - 2014-07-27 17:32 - 02041554 _____ () C:\Users\Kerstin\Downloads\ol_albos_free_unzipfirst_1.0.7.zip
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp6c48a98e100f1e81b387bb5b2088d4fb
2014-07-26 07:58 - 2014-07-26 10:34 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Security System 2
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\Terminerinnerung
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\ChromeExtensions
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp5ac07127001d978dc00a9445ec364dd4
2014-07-26 07:54 - 2014-07-26 07:54 - 01035152 _____ () C:\Users\Kerstin\Downloads\Terminerinnerung-lnstall.exe
2014-07-22 19:35 - 2014-07-29 16:29 - 00010814 _____ () C:\Users\Kerstin\Desktop\verschickt.txt
2014-07-22 14:51 - 2014-07-22 14:51 - 05981830 _____ (Tim Kosse) C:\Users\Kerstin\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-22 14:18 - 2014-07-22 14:18 - 00644997 _____ () C:\Users\Kerstin\Downloads\allerleye_support_paket_erst_entpacken.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00391986 _____ () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00000000 ____D () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154
2014-07-21 10:40 - 2014-07-21 10:40 - 00000099 _____ () C:\Users\Kerstin\Desktop\ICS AG.txt
2014-07-21 08:31 - 2014-07-21 08:31 - 00000733 _____ () C:\Users\Kerstin\Desktop\muster.txt
2014-07-14 15:45 - 2014-07-14 15:49 - 128051271 _____ () C:\Users\Kerstin\Downloads\site-main-kinzigjobs.de-20140714-153314.jpa
2014-07-09 06:28 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 06:28 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 06:28 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 06:28 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:28 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 06:28 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 06:28 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:28 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:28 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 06:28 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 06:28 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 06:28 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 06:28 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 06:28 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:28 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 06:28 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:28 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 06:28 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:28 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 06:28 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 06:28 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 06:28 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 06:28 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 06:28 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 06:28 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:28 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 06:28 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 06:28 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 06:28 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 06:28 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 06:27 - 2014-06-30 03:40 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 06:27 - 2014-06-30 03:36 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 06:27 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 06:27 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 06:27 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 06:27 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 06:27 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 06:27 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-07 12:30 - 2014-07-07 12:30 - 10746848 _____ (PlotSoft LLC) C:\Users\Kerstin\Downloads\PDFill_11.exe
2014-07-07 12:27 - 2014-07-07 12:28 - 00000043 _____ () C:\Windows\gswin32.ini
2014-07-04 12:59 - 2014-07-04 12:59 - 00000000 ____D () C:\Users\Kerstin\Desktop\RE9990701D-IW
2014-07-02 12:09 - 2014-07-02 20:22 - 01093454 _____ () C:\Users\Kerstin\Desktop\Projekte.pptx
2014-07-02 08:55 - 2014-07-02 13:56 - 00000000 ____D () C:\Users\Kerstin\Downloads\2947_construction_ppt
2014-07-02 08:55 - 2014-07-02 08:55 - 00713228 _____ () C:\Users\Kerstin\Downloads\2947_construction_ppt.zip
2014-07-01 15:42 - 2014-07-01 15:43 - 00000000 ____D () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung
2014-07-01 15:41 - 2014-07-01 15:42 - 06467861 _____ () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung.zip
2014-07-01 08:03 - 2014-07-01 08:03 - 01058200 _____ (Adobe) C:\Users\Kerstin\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-31 21:28 - 2014-07-30 02:41 - 00002913 _____ () C:\Users\Kerstin\Desktop\FRST.txt
2014-07-31 21:28 - 2014-03-20 17:49 - 00000000 ____D () C:\FRST
2014-07-31 21:27 - 2014-07-31 21:27 - 00000000 ____D () C:\Users\Kerstin\Desktop\FRST-OlderVersion
2014-07-31 21:27 - 2014-07-28 15:40 - 01084928 _____ (Farbar) C:\Users\Kerstin\Desktop\FRST.exe
2014-07-31 21:11 - 2012-04-18 08:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-31 20:06 - 2014-07-30 18:52 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-31 19:13 - 2014-07-31 08:41 - 00032133 _____ () C:\Users\Kerstin\Desktop\Mappe1.xlsx
2014-07-31 19:13 - 2013-05-16 10:12 - 00000000 ____D () C:\Users\Kerstin\.gimp-2.8
2014-07-31 19:13 - 2012-12-07 19:58 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\FileZilla
2014-07-31 17:09 - 2014-07-31 17:09 - 00093393 _____ () C:\Users\Kerstin\AppData\Local\recently-used.xbel
2014-07-31 16:14 - 2014-07-31 16:14 - 00000000 ____D () C:\Users\Kerstin\Desktop\VTEM_SlideNote_UnzipFirst
2014-07-31 16:14 - 2014-07-31 16:13 - 00085145 _____ () C:\Users\Kerstin\Desktop\VTEM_SlideNote_UnzipFirst.zip
2014-07-31 16:07 - 2014-07-31 16:07 - 00018638 _____ () C:\Users\Kerstin\Desktop\mod_shotimoo_1.1.7.44.zip
2014-07-31 15:59 - 2014-07-31 15:59 - 00140529 _____ () C:\Users\Kerstin\Desktop\mod_dailyquotes_monthly2.5.zip
2014-07-31 06:32 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-31 06:32 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-31 06:24 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-31 06:24 - 2009-07-14 06:39 - 00477456 _____ () C:\Windows\setupact.log
2014-07-30 22:02 - 2011-09-17 15:55 - 01303062 _____ () C:\Windows\WindowsUpdate.log
2014-07-30 20:07 - 2014-07-30 20:07 - 00000650 _____ () C:\Users\Kerstin\Desktop\JRT.txt
2014-07-30 19:59 - 2014-07-30 19:33 - 00093235 _____ () C:\Users\Kerstin\Desktop\bord.txt
2014-07-30 19:56 - 2011-09-17 17:03 - 00529894 _____ () C:\Windows\PFRO.log
2014-07-30 19:55 - 2014-03-20 17:02 - 00000000 ____D () C:\AdwCleaner
2014-07-30 19:55 - 2014-03-09 11:08 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Common
2014-07-30 19:52 - 2012-03-01 18:45 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\CrashDumps
2014-07-30 18:51 - 2014-07-30 18:51 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-30 18:51 - 2014-07-30 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-30 18:51 - 2014-07-30 18:51 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-30 18:51 - 2013-12-16 10:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-30 18:50 - 2014-07-30 18:50 - 01016261 _____ (Thisisu) C:\Users\Kerstin\Desktop\JRT.exe
2014-07-30 18:49 - 2014-07-30 18:49 - 01365525 _____ () C:\Users\Kerstin\Desktop\adwcleaner_3.301.exe
2014-07-30 18:48 - 2014-07-30 18:47 - 00044414 _____ () C:\Users\Kerstin\Desktop\Addition.txt
2014-07-30 18:46 - 2014-07-30 18:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kerstin\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-30 12:50 - 2014-07-29 17:12 - 00000000 ____D () C:\Users\Kerstin\Desktop\Neuer Ordner
2014-07-30 10:40 - 2014-07-30 10:40 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-30 10:40 - 2014-07-30 10:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-30 10:40 - 2014-06-18 08:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-30 02:40 - 2014-07-30 02:40 - 00000000 ___SD () C:\ComboFix
2014-07-29 16:29 - 2014-07-22 19:35 - 00010814 _____ () C:\Users\Kerstin\Desktop\verschickt.txt
2014-07-29 13:10 - 2014-07-29 13:10 - 00000516 _____ () C:\Users\Kerstin\Desktop\5.txt
2014-07-29 13:05 - 2014-07-29 13:05 - 05563986 ____R (Swearware) C:\Users\Kerstin\Desktop\ComboFix.exe
2014-07-29 12:55 - 2014-07-29 12:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kerstin\Desktop\revosetup95.exe
2014-07-29 12:55 - 2014-07-29 12:55 - 00001222 _____ () C:\Users\Kerstin\Desktop\Revo Uninstaller.lnk
2014-07-29 12:55 - 2014-07-29 12:55 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-28 15:15 - 2014-07-28 15:15 - 00108263 _____ () C:\Users\Kerstin\Desktop\mod_artnewsticker_unzip_first.zip
2014-07-28 13:32 - 2014-07-28 13:32 - 00002501 _____ () C:\Users\Kerstin\Desktop\hd-floaty06.zip
2014-07-28 10:18 - 2012-05-08 10:08 - 00000000 ____D () C:\Program Files\Google
2014-07-28 10:17 - 2012-05-08 10:08 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Google
2014-07-28 10:08 - 2014-07-28 10:08 - 00006583 _____ () C:\Users\Kerstin\Documents\Fixit50388.reg
2014-07-28 10:02 - 2014-07-28 09:28 - 00000168 _____ () C:\Users\Kerstin\Desktop\ölkäpüö.txt
2014-07-27 17:32 - 2014-07-27 17:31 - 02041554 _____ () C:\Users\Kerstin\Downloads\ol_albos_free_unzipfirst_1.0.7.zip
2014-07-27 16:46 - 2012-12-07 19:54 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Mozilla
2014-07-26 10:34 - 2014-07-26 07:58 - 00000000 ____D () C:\Users\Kerstin\AppData\Roaming\Security System 2
2014-07-26 07:59 - 2014-07-26 07:59 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp6c48a98e100f1e81b387bb5b2088d4fb
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\Terminerinnerung
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\ChromeExtensions
2014-07-26 07:55 - 2014-07-26 07:55 - 00000000 ____D () C:\Users\Kerstin\AppData\Local\Temp5ac07127001d978dc00a9445ec364dd4
2014-07-26 07:55 - 2012-02-23 19:32 - 00000000 ____D () C:\Users\Kerstin
2014-07-26 07:54 - 2014-07-26 07:54 - 01035152 _____ () C:\Users\Kerstin\Downloads\Terminerinnerung-lnstall.exe
2014-07-24 06:03 - 2012-03-01 18:37 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2014-07-22 16:06 - 2012-03-01 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-22 15:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-22 14:51 - 2014-07-22 14:51 - 05981830 _____ (Tim Kosse) C:\Users\Kerstin\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-22 14:18 - 2014-07-22 14:18 - 00644997 _____ () C:\Users\Kerstin\Downloads\allerleye_support_paket_erst_entpacken.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00391986 _____ () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154.zip
2014-07-22 10:22 - 2014-07-22 10:22 - 00000000 ____D () C:\Users\Kerstin\Downloads\JSN_Package_UNZIP_ME_FIRST_20140722152154
2014-07-21 11:11 - 2011-09-17 16:05 - 01629372 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 10:40 - 2014-07-21 10:40 - 00000099 _____ () C:\Users\Kerstin\Desktop\ICS AG.txt
2014-07-21 10:32 - 2012-02-24 00:17 - 00000000 ____D () C:\Users\Kerstin\Desktop\Office Interim
2014-07-21 08:31 - 2014-07-21 08:31 - 00000733 _____ () C:\Users\Kerstin\Desktop\muster.txt
2014-07-14 15:49 - 2014-07-14 15:45 - 128051271 _____ () C:\Users\Kerstin\Downloads\site-main-kinzigjobs.de-20140714-153314.jpa
2014-07-14 12:51 - 2014-05-28 07:07 - 00000000 ____D () C:\Users\Kerstin\Desktop\Main-KinzigJOBS
2014-07-11 08:24 - 2013-01-21 19:40 - 00000000 ____D () C:\Users\Kerstin\Desktop\privat
2014-07-10 12:36 - 2013-05-06 12:30 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-09 18:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-07-09 17:33 - 2009-07-14 06:33 - 00510352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 17:31 - 2014-04-30 20:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 17:31 - 2009-07-14 10:57 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 17:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-09 17:28 - 2013-12-13 21:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 17:27 - 2012-02-23 19:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 17:27 - 2011-09-17 20:44 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 08:11 - 2012-04-18 08:12 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 08:11 - 2012-02-13 23:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-07 12:30 - 2014-07-07 12:30 - 10746848 _____ (PlotSoft LLC) C:\Users\Kerstin\Downloads\PDFill_11.exe
2014-07-07 12:28 - 2014-07-07 12:27 - 00000043 _____ () C:\Windows\gswin32.ini
2014-07-04 12:59 - 2014-07-04 12:59 - 00000000 ____D () C:\Users\Kerstin\Desktop\RE9990701D-IW
2014-07-02 20:22 - 2014-07-02 12:09 - 01093454 _____ () C:\Users\Kerstin\Desktop\Projekte.pptx
2014-07-02 13:56 - 2014-07-02 08:55 - 00000000 ____D () C:\Users\Kerstin\Downloads\2947_construction_ppt
2014-07-02 08:55 - 2014-07-02 08:55 - 00713228 _____ () C:\Users\Kerstin\Downloads\2947_construction_ppt.zip
2014-07-01 15:43 - 2014-07-01 15:42 - 00000000 ____D () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung
2014-07-01 15:42 - 2014-07-01 15:41 - 06467861 _____ () C:\Users\Kerstin\Downloads\Markus-Rak-Bewerbung.zip
2014-07-01 08:03 - 2014-07-01 08:03 - 01058200 _____ (Adobe) C:\Users\Kerstin\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe

Some content of TEMP:
====================
C:\Users\Kerstin\AppData\Local\temp\amazonicon_v8.exe
C:\Users\Kerstin\AppData\Local\temp\amazoninstallernircmdc.exe
C:\Users\Kerstin\AppData\Local\temp\avgnt.exe
C:\Users\Kerstin\AppData\Local\temp\MouseKeyboardCenterx86_1031.exe
C:\Users\Kerstin\AppData\Local\temp\Quarantine.exe
C:\Users\Kerstin\AppData\Local\temp\sdanircmdc.exe
C:\Users\Kerstin\AppData\Local\temp\sdapskill.exe
C:\Users\Kerstin\AppData\Local\temp\sdaspwn.exe
C:\Users\Kerstin\AppData\Local\temp\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 07:26

==================== End Of Log ============================
--- --- ---

schrauber 01.08.2014 17:52
Obige Logfiles? :)

sandsonne 01.08.2014 19:50
Zitat:
Zitat von schrauber (Beitrag 1338567)
Obige Logfiles? :)
Guten Abend, Schrauber,

'Obige Logfiles?' :confused:

Es tut mir leid, wenn ich nicht die Files geliefert habe erforderlich sind. Welche fehlen denn konkret.

Entschuldige wenn ich Hilfe in Anspruch nehme und dann noch nichtmal korrekt abliefere :pfui: > damit man mir überhaupt helfen kann...

schrauber 02.08.2014 20:19
ESET Onlinescanner, SecurityCheck, davon fehlen die Logfiles :)

sandsonne 03.08.2014 19:28
Guten Tag, Schrauber,

nochmal entschuldigung - ich habe diese beiden Anweisungen echt überlesen - :pfui: - :daumenrunter:

Hier die Logs:

ESET
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6f520c7afb48614797c5c2212fa10340
# engine=19479
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-03 03:00:24
# local_time=2014-08-03 05:00:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 11990 46509309 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 115487 158709215 0 0
# scanned=574673
# found=6
# cleaned=6
# scan_time=5044
sh=C3EAECC7AC31E03A44B677E015014AEFD3E9E920 ft=1 fh=abf2f1d80f8bd186 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Daten Eee\__KM-Eig-Dat\ALT\Admin\Lokale Einstellungen\Temp\Softonic_Deutsch_Qast.exe"
sh=24CC6CB8A8D2790EB0AD23677F773EF8DBA88AAF ft=1 fh=77b67014d1f9f560 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Daten Eee\__KM-Eig-Dat\Eigene Dateien\Downloads\zvipsetup32.exe"
sh=24CC6CB8A8D2790EB0AD23677F773EF8DBA88AAF ft=1 fh=77b67014d1f9f560 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Kerstin\Documents\Downloads\zvipsetup32.exe"
sh=B50257C1D86531E8E2E504C74755C128EF60D66D ft=1 fh=2b2eb2afbd4afc01 vn="Win32/WinloadSDA.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Kerstin\Downloads\Terminerinnerung-lnstall.exe"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=A70EFAB5F2D2D83AD2B7E0304169C73F6D0EC700 ft=1 fh=011924ad9c4ebdbf vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
Security Check
Code:
Results of screen317's Security Check version 0.99.85 
 Windows 7 Service Pack 1 x86 (UAC is disabled!) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 JavaFX 2.1.1   
 Java 7 Update 40 
 Java version out of Date!
 Adobe Flash Player        14.0.0.145 
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Noch eine frische FRST jetzt im Anschluss? Bitte sag mir Bescheid.

Danke schön für alles - sandsonne


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:14 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131