Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   malwarebytes hat pups (potentiell unerwünschte software) gefunden - was tun? (https://www.trojaner-board.de/153964-malwarebytes-hat-pups-potentiell-unerwuenschte-software-gefunden-tun.html)

joelsuma 16.05.2014 17:08
malwarebytes hat pups (potentiell unerwünschte software) gefunden - was tun?
 
Hallo trojaner-forum, bin neu hier und bitte um Hilfe:

Ein Scan mit Malwarebytes brachte mir folgendes Ergebnis:

Zitat:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 16.05.2014
Suchlauf-Zeit: 17:06:49
Logdatei:
Administrator: Nein

Version: 2.00.1.1004
Malware Datenbank: v2014.05.16.09
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Hannelore

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 297392
Verstrichene Zeit: 16 Min, 12 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 12
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [ee2b2c266c0f0333723373eaec16bb45],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [ee2b2c266c0f0333723373eaec16bb45],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [23f6d77b205bb383b074b079d32fee12],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [23f6d77b205bb383b074b079d32fee12],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [23f6d77b205bb383b074b079d32fee12],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [23f6d77b205bb383b074b079d32fee12],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [27f2351d25565adc770ab1eb71916b95],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-358328064-3020620440-2983200396-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , [61b8b0a226553006175f8f22946fd729],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-358328064-3020620440-2983200396-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , [38e1e66cadcee353e0953b7639ca5ca4],
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-358328064-3020620440-2983200396-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, , [71a8044ecead96a0de500dabe41fc040],
PUP.Optional.SnapDo.A, HKU\S-1-5-21-358328064-3020620440-2983200396-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, , [bb5e4e04275460d6690b5e3d57abfd03],
PUP.Optional.Softonic.A, HKU\S-1-5-21-358328064-3020620440-2983200396-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [5cbdcf837efd45f114056228ce3415eb],

Registrierungswerte: 1
PUP.Optional.SnapDo.A, HKU\S-1-5-21-358328064-3020620440-2983200396-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, SnapdoOCYB, , [bb5e4e04275460d6690b5e3d57abfd03]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 10
PUP.Optional.OpenCandy, C:\Users\Hannelore\AppData\Roaming\OpenCandy, , [ea2fda786d0e75c1f6abeb850ff314ec],
PUP.Optional.OpenCandy, C:\Users\Hannelore\AppData\Roaming\OpenCandy\F175A2DBC5304CDE80C34E7C2E41BB87, , [ea2fda786d0e75c1f6abeb850ff314ec],
PUP.Optional.OpenCandy, C:\Users\Hannelore\AppData\Roaming\OpenCandy\FFF52D0E2E8C4DF0A296B27F3C7FDC78, , [ea2fda786d0e75c1f6abeb850ff314ec],
PUP.Optional.Iminent.A, C:\Users\Hannelore\AppData\Local\Temp\Iminent, , [1affcb87136860d6c4f683ed8d7545bb],
PUP.Optional.Iminent.A, C:\Users\Hannelore\AppData\Local\Temp\Iminent\Log, , [1affcb87136860d6c4f683ed8d7545bb],
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Local\Temp\mt_ffx\Delta, , [819885cd8bf03501a5191759fa089c64],
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Local\Temp\mt_ffx\Delta\delta, , [819885cd8bf03501a5191759fa089c64],
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.10.0, , [819885cd8bf03501a5191759fa089c64],
PUP.Optional.AmazonTB.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\jetpack\abb@amazon.com, , [78a1ba980b70a393ac6fc2b4c83a30d0],
PUP.Optional.AmazonTB.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\jetpack\abb@amazon.com\simple-storage, , [78a1ba980b70a393ac6fc2b4c83a30d0],

Dateien: 31
PUP.Optional.Somoto, C:\Users\Hannelore\AppData\Local\Temp\xbrYxSWS.exe.part, , [ce4ba4ae6c0f70c6305bbdb0ec18629e],
PUP.Optional.BundleInstaller.A, C:\Users\Hannelore\AppData\Local\Temp\20131217112202.788.exe, , [fe1b7bd734475fd796fad6679a677c84],
PUP.Optional.OptimizePro.A, C:\Users\Hannelore\AppData\Local\Temp\OptimizerPro.exe, , [ef2afe54b7c454e23201d24cde22e61a],
PUP.Optional.Somoto, C:\Users\Hannelore\AppData\Local\Temp\n7dmmWTW.exe.part, , [c7522131f388a88e8704cda0877d7b85],
PUP.Optional.Somoto, C:\Users\Hannelore\AppData\Local\Temp\vLgG1lUM.exe.part, , [74a5262c95e6a88e8dfee18c0afa9f61],
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Local\Temp\DeltaTB.exe, , [4ccd470b76050e2818c47f8747ba4db3],
PUP.Optional.OpenCandy, C:\Users\Hannelore\AppData\Local\Temp\FreemakeVideoConverter_4.1.3.14.exe, , [45d4c98983f8b87ebc69c647867b6997],
PUP.Optional.QuickShare.A, C:\Users\Hannelore\AppData\Local\Temp\QuickShare1.exe, , [0d0ce46ee3983afc7cb565b9e11fed13],
PUP.Optional.BrowserDefender.A, C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage, , [db3e2c268eed68cebb196450c1427987],
PUP.Optional.OpenCandy, C:\Users\Hannelore\AppData\Roaming\OpenCandy\F175A2DBC5304CDE80C34E7C2E41BB87\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe, , [ea2fda786d0e75c1f6abeb850ff314ec],
PUP.Optional.OpenCandy, C:\Users\Hannelore\AppData\Roaming\OpenCandy\FFF52D0E2E8C4DF0A296B27F3C7FDC78\Installer.exe, , [ea2fda786d0e75c1f6abeb850ff314ec],
PUP.Optional.AmazonTB.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\jetpack\abb@amazon.com\simple-storage\store.json, , [78a1ba980b70a393ac6fc2b4c83a30d0],
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.admin", false);), ,[e6339fb38eed54e214f1c3b40ff514ec]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.aflt", "babsst");), ,[9c7d42101b60c86e43c2473011f36a96]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), ,[c356fa58433885b1fc0982f5808444bc]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.autoRvrt", "false");), ,[b960bb975922082e0203c2b56e96a759]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.dfltLng", "en");), ,[74a5df7382f9fa3cb74e166125df8080]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.excTlbr", false);), ,[a3765bf75526a29458ad463118ecba46]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.id", "9230138b00000000000014dae9b1bf0f");), ,[7d9c4111dba02e0842c3364136ce7987]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlDay", "15761");), ,[001994bedf9cdc5a1de8a7d00ef64bb5]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlRef", "sst");), ,[8b8e7fd34e2d85b1a263bdbad52f9b65]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.newTab", false);), ,[ff1a282ae6954bebf312f08793712fd1]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prdct", "delta");), ,[eb2e2f233c3ff640ef1611660df7ef11]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prtnrId", "delta");), ,[958468ea6219c47221e41067f60e7789]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.rvrt", "false");), ,[2bee4f035e1d93a3b3522156b3519d63]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.smplGrp", "none");), ,[8b8e72e09be0340254b10770dc2803fd]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrId", "base");), ,[85940a4896e569cdd53078ff3ec639c7]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrSrchUrl", "");), ,[5ebbada524570f27887d78ff52b2847c]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsn", "1.8.10.0");), ,[19001f330b704aecf411581f5da7bb45]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsnTs", "1.8.10.016:19:41");), ,[1dfcb49e6912f244e22392e523e1f20e]
PUP.Optional.Delta.A, C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsni", "1.8.10.0");), ,[b6637fd3c3b873c37194e39463a17d83]

Physische Sektoren: 0
(No malicious items detected)


(end)
Es sieht aus, als gäbe es nix bösartiges :kaffee:, muss ich bei den "vielleicht ungewollten" etwas tun :confused:?

Vielen Danke fürs Anschauen und Kommentieren.
joelsuma

schrauber 16.05.2014 17:49
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


joelsuma 16.05.2014 18:40
Danke für Du mir hilfst.

hier mal die frst.txt:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Hannelore (administrator) on JANUS on 16-05-2014 19:22:54
Running from C:\Users\Hannelore\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Dropbox, Inc.) C:\Users\Hannelore\AppData\Roaming\Dropbox\bin\Dropbox.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\GUI\GDSC.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVK.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-358328064-3020620440-2983200396-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-358328064-3020620440-2983200396-1000\...\Run: [] => [X]
Startup: C:\Users\Hannelore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hannelore\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?p=pLsH3anR-Rz0cILJ
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD1F87D7F6457CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default
FF NewTab: chrome://fvd.speeddial/content/fvd_about_blank.html
FF SelectedSearchEngine: Google
FF Homepage: chrome://fvd.speeddial/content/fvd_about_blank.html
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Speed Dial [FVD] - New Tab Page, Sync... - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\pavel.sherbakov@gmail.com [2014-05-16]
FF Extension: Spartipps von SparPilot.com - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\sparpilot@sparpilot.com [2013-04-24]
FF Extension: ColorZilla - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012-11-28]
FF Extension: WOT - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: FoxLingo - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2012-11-10]
FF Extension: Open With Photoshop - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c} [2014-03-27]
FF Extension: Customizable Shortcuts - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\customizable-shortcuts@timtaubert.de.xpi [2014-02-28]
FF Extension: Firebug - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\firebug@software.joehewitt.com.xpi [2012-05-23]
FF Extension: Flagfox - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: PDF to Word - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{b6f3913d-d2e8-480c-9aca-c41d3d4c1db3}.xpi [2013-05-11]
FF Extension: Adblock Plus - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-23]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-12-16]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://www.google.com"
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultSearchProvider: Delta Search
CHR DefaultSearchURL: hxxp://www.delta-search.com/?q={searchTerms}&affID=119828&babsrc=SP_ss&mntrId=9230138b00000000000014dae9b1bf0f
CHR DefaultNewTabURL:
CHR Extension: (Google Drive) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-29]
CHR Extension: (YouTube) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-29]
CHR Extension: (Google-Suche) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-29]
CHR Extension: (Freemake Video Converter) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2014-03-26]
CHR Extension: (Google Wallet) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Google Mail) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-29]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-03-22]
[/QUOTE]

Und hier das Additional run-Ergebnis.

[QUOTE]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by Hannelore at 2014-05-16 19:26:18
Running from C:\Users\Hannelore\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data InternetSecurity (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version:  - )
Apophysis 2.0 (HKLM-x32\...\Apophysis 2.0) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{E4166C46-5BCD-0EB0-AF19-25E9F27A985B}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan 9000F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9602) (Version:  - )
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.4.12044 - Landesfinanzdirektion Thüringen)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
G Data InternetSecurity (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
IMAPSize 0.3.7 (HKLM-x32\...\IMAPSize_is1) (Version:  - Broobles)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
jAlbum (HKLM-x32\...\{BEA1650D-B938-46D2-A384-4D2A41067261}) (Version: 11.6.3 - Jalbum AB)
JannieBall (HKLM-x32\...\ST6UNST #1) (Version:  - )
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
KompoZer 0.77 (HKLM-x32\...\KompoZer_is1) (Version: 0.77 - Thorsten Fritz)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Neat Image v7.2.0 Demo plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version:  - Neat Image team, ABSoft)
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Perfect Effects 8 (HKLM-x32\...\{ABC791C9-E95B-40C8-8BDD-F5E84E2E268B}) (Version: 8.1.0 - onOne Software)
Personal Backup 5.5 (HKLM-x32\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PhotoLine 32, Version 12.05 (HKLM-x32\...\PhotoLine 32_is1) (Version:  - )
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
Sigel Professional Label Software SE (HKLM-x32\...\Sigel Professional Label Software SE) (Version:  - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TKexe (HKLM-x32\...\Kalender) (Version:  - )
TKexe designer (HKCU\...\c4db908bc0b92124) (Version: 2.0.1.11 - TKexe Printservice)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Ulead Photo Explorer 8.6 (HKLM-x32\...\{025C3792-E9C6-432A-92C1-661F99D021CA}) (Version: 8.6 - Ulead Systems, Inc.)
Ulead PhotoImpact (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - )
Ulead PhotoImpact 11 (HKLM-x32\...\{C8550C86-A712-4219-AD4C-038C9FD1D149}) (Version: 11.0 - Ulead System)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{2D2BD030-2DC0-478F-9710-3554FFC0D797}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{C0D71DFA-F9D4-45C2-A6C9-DAE2212766EE}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{8A7B24E8-864E-4794-95C4-17644D0991AA}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{50469799-BDF0-4F98-BCC4-80FC3F1F14E1}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1ec9e03a-452b-48fb-8e1b-27ee0477985f}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)

==================== Restore Points  =========================

08-05-2014 09:04:21 Installed WD Drive Utilities
09-05-2014 09:28:22 AGFEO TK-ServiceProvider3 (x64) wird entfernt
10-05-2014 00:50:56 Windows Update
14-05-2014 00:29:45 Windows Update
15-05-2014 00:41:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {10BADE2D-1FBD-46A7-8B81-EC5E8E068F85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07] (Google Inc.)
Task: {5BA30FB5-48AE-473A-A31B-F7A924CF3557} - System32\Tasks\{CF2B5FE6-7EDC-4944-9F21-0AAFF372ED06} => Firefox.exe Downloading
Task: {6974FCE7-F142-424A-A5FD-708110A73DD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07] (Google Inc.)
Task: {9E1EB2FE-D65E-45E9-AF1E-E1771FE6702E} - System32\Tasks\{1EECBF9F-137C-4CE0-A3B7-48000CA9FEF3} => Firefox.exe Downloading
Task: {D95B6BA3-E07C-41F2-8451-4A9BD6524A4A} - System32\Tasks\AdobeAAMUpdater-1.0-Hannelore-PC-Hannelore => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F29F64B4-AA44-4500-A06C-B5FF40FA5439} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-17 12:12 - 2013-01-31 11:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-11 10:39 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-02-13 16:41 - 2012-02-13 16:41 - 00006144 _____ () C:\Users\Hannelore\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll
2012-02-13 16:41 - 2012-02-13 16:41 - 00008704 _____ () C:\Users\Hannelore\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll
2012-02-13 16:41 - 2012-02-13 16:41 - 00007680 _____ () C:\Users\Hannelore\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll
2012-02-09 17:26 - 2010-12-17 14:25 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-02-09 17:26 - 2010-12-17 14:25 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-02-09 17:26 - 2010-12-17 14:25 - 00105584 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2012-02-09 17:26 - 2010-12-17 14:25 - 64643696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Hannelore\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-11 14:09 - 2014-05-11 14:09 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-30 12:00 - 2014-04-30 12:00 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-04-30 12:00 - 2014-04-30 12:00 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-30 12:00 - 2014-04-30 12:00 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-04-29 08:58 - 2014-04-29 08:58 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2014 04:29:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/14/2014 10:19:24 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "System (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (05/11/2014 09:54:18 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "System (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (05/10/2014 02:16:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Photoshop.exe, Version 13.0.1.34 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17bc

Startzeit: 01cf6c48015ee4d7

Endzeit: 19021

Anwendungspfad: C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe

Berichts-ID:

Error: (05/09/2014 03:50:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18ec

Startzeit: 01cf6b8150504e52

Endzeit: 52

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: b2478384-d780-11e3-984e-404e57434401

Error: (05/09/2014 02:19:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ad4

Startzeit: 01cf6b68907d622c

Endzeit: 60000

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 08f2546b-d774-11e3-984e-404e57434401

Error: (05/09/2014 11:09:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: EXPLORERFRAME.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c6a8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000411ce
ID des fehlerhaften Prozesses: 0xacc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (05/09/2014 10:43:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DllHost.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1114

Startzeit: 01cf6b620ec2cc91

Endzeit: 60000

Anwendungspfad: C:\Windows\system32\DllHost.exe

Berichts-ID: ce7db22d-d755-11e3-95cc-404e57434401

Error: (05/09/2014 10:43:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Persbackup.exe, Version 5.5.6.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 7c8

Startzeit: 01cf6b5ebcb66845

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Personal Backup 5\Persbackup.exe

Berichts-ID:

Error: (05/08/2014 07:46:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9ac

Startzeit: 01cf6accf05c751d

Endzeit: 60000

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 5e912d91-d6d8-11e3-a7d0-404e57434401


System errors:
=============
Error: (05/16/2014 09:44:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/16/2014 02:34:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "G Data Personal Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/16/2014 02:34:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G Data Personal Firewall erreicht.

Error: (05/15/2014 09:18:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/14/2014 09:34:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/14/2014 01:45:21 AM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (05/14/2014 01:44:21 AM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (05/14/2014 01:43:21 AM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (05/13/2014 10:10:21 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (05/13/2014 08:59:21 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.


Microsoft Office Sessions:
=========================
Error: (12/19/2013 11:29:34 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 215 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/17/2013 06:04:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 13053 seconds with 8640 seconds of active time.  This session ended with a crash.

Error: (09/05/2013 10:53:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 572 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (06/03/2013 11:00:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 68 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/03/2013 04:07:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16870 seconds with 1620 seconds of active time.  This session ended with a crash.

Error: (05/01/2013 10:32:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 157549 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/25/2013 01:50:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 62 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/16/2012 04:28:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 23042 seconds with 6540 seconds of active time.  This session ended with a crash.

Error: (06/02/2012 07:18:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 248 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (05/29/2012 10:36:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 75 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 8169.32 MB
Available physical RAM: 3770.06 MB
Total Pagefile: 16336.82 MB
Available Pagefile: 11208.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:984.01 GB) (Free:868 GB) NTFS
Drive d: (Daten HDD1) (Fixed) (Total:1081.77 GB) (Free:214.85 GB) NTFS
Drive e: (HDD2-1) (Fixed) (Total:878.91 GB) (Free:516.2 GB) NTFS
Drive f: (HDD2-2) (Fixed) (Total:781.25 GB) (Free:157.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA7A706F)
Partition 1: (Not Active) - (Size=-1037485211648) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=781 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA7A7079)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=984 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=879 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

--- --- ---


Und hier das Additional scan-Ergebnis:

Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by Hannelore at 2014-05-16 19:26:18
Running from C:\Users\Hannelore\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data InternetSecurity (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Apophysis 2.0 (HKLM-x32\...\Apophysis 2.0) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{E4166C46-5BCD-0EB0-AF19-25E9F27A985B}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CanoScan 9000F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9602) (Version: - )
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.4.12044 - Landesfinanzdirektion Thüringen)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
G Data InternetSecurity (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
IMAPSize 0.3.7 (HKLM-x32\...\IMAPSize_is1) (Version: - Broobles)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
jAlbum (HKLM-x32\...\{BEA1650D-B938-46D2-A384-4D2A41067261}) (Version: 11.6.3 - Jalbum AB)
JannieBall (HKLM-x32\...\ST6UNST #1) (Version: - )
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
KompoZer 0.77 (HKLM-x32\...\KompoZer_is1) (Version: 0.77 - Thorsten Fritz)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Neat Image v7.2.0 Demo plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Perfect Effects 8 (HKLM-x32\...\{ABC791C9-E95B-40C8-8BDD-F5E84E2E268B}) (Version: 8.1.0 - onOne Software)
Personal Backup 5.5 (HKLM-x32\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PhotoLine 32, Version 12.05 (HKLM-x32\...\PhotoLine 32_is1) (Version: - )
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
Sigel Professional Label Software SE (HKLM-x32\...\Sigel Professional Label Software SE) (Version: - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TKexe (HKLM-x32\...\Kalender) (Version: - )
TKexe designer (HKCU\...\c4db908bc0b92124) (Version: 2.0.1.11 - TKexe Printservice)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Ulead Photo Explorer 8.6 (HKLM-x32\...\{025C3792-E9C6-432A-92C1-661F99D021CA}) (Version: 8.6 - Ulead Systems, Inc.)
Ulead PhotoImpact (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - )
Ulead PhotoImpact 11 (HKLM-x32\...\{C8550C86-A712-4219-AD4C-038C9FD1D149}) (Version: 11.0 - Ulead System)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{2D2BD030-2DC0-478F-9710-3554FFC0D797}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{C0D71DFA-F9D4-45C2-A6C9-DAE2212766EE}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{8A7B24E8-864E-4794-95C4-17644D0991AA}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{50469799-BDF0-4F98-BCC4-80FC3F1F14E1}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1ec9e03a-452b-48fb-8e1b-27ee0477985f}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)

==================== Restore Points =========================

08-05-2014 09:04:21 Installed WD Drive Utilities
09-05-2014 09:28:22 AGFEO TK-ServiceProvider3 (x64) wird entfernt
10-05-2014 00:50:56 Windows Update
14-05-2014 00:29:45 Windows Update
15-05-2014 00:41:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {10BADE2D-1FBD-46A7-8B81-EC5E8E068F85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07] (Google Inc.)
Task: {5BA30FB5-48AE-473A-A31B-F7A924CF3557} - System32\Tasks\{CF2B5FE6-7EDC-4944-9F21-0AAFF372ED06} => Firefox.exe Downloading
Task: {6974FCE7-F142-424A-A5FD-708110A73DD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07] (Google Inc.)
Task: {9E1EB2FE-D65E-45E9-AF1E-E1771FE6702E} - System32\Tasks\{1EECBF9F-137C-4CE0-A3B7-48000CA9FEF3} => Firefox.exe Downloading
Task: {D95B6BA3-E07C-41F2-8451-4A9BD6524A4A} - System32\Tasks\AdobeAAMUpdater-1.0-Hannelore-PC-Hannelore => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F29F64B4-AA44-4500-A06C-B5FF40FA5439} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-17 12:12 - 2013-01-31 11:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-11 10:39 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-02-13 16:41 - 2012-02-13 16:41 - 00006144 _____ () C:\Users\Hannelore\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll
2012-02-13 16:41 - 2012-02-13 16:41 - 00008704 _____ () C:\Users\Hannelore\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll
2012-02-13 16:41 - 2012-02-13 16:41 - 00007680 _____ () C:\Users\Hannelore\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll
2012-02-09 17:26 - 2010-12-17 14:25 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-02-09 17:26 - 2010-12-17 14:25 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-02-09 17:26 - 2010-12-17 14:25 - 00105584 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2012-02-09 17:26 - 2010-12-17 14:25 - 64643696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Hannelore\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-11 14:09 - 2014-05-11 14:09 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-30 12:00 - 2014-04-30 12:00 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-04-30 12:00 - 2014-04-30 12:00 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-30 12:00 - 2014-04-30 12:00 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-04-29 08:58 - 2014-04-29 08:58 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2014 04:29:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/14/2014 10:19:24 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "System (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (05/11/2014 09:54:18 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "System (C:)" wurde aufgrund eines Fehlers nicht defragmentiert: Die Startoptimierung konnte aufgrund fehlenden Speicherplatzes nicht abgeschlossen werden. (0x89000019)

Error: (05/10/2014 02:16:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Photoshop.exe, Version 13.0.1.34 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17bc

Startzeit: 01cf6c48015ee4d7

Endzeit: 19021

Anwendungspfad: C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe

Berichts-ID:

Error: (05/09/2014 03:50:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18ec

Startzeit: 01cf6b8150504e52

Endzeit: 52

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: b2478384-d780-11e3-984e-404e57434401

Error: (05/09/2014 02:19:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ad4

Startzeit: 01cf6b68907d622c

Endzeit: 60000

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 08f2546b-d774-11e3-984e-404e57434401

Error: (05/09/2014 11:09:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: EXPLORERFRAME.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c6a8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000411ce
ID des fehlerhaften Prozesses: 0xacc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (05/09/2014 10:43:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DllHost.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1114

Startzeit: 01cf6b620ec2cc91

Endzeit: 60000

Anwendungspfad: C:\Windows\system32\DllHost.exe

Berichts-ID: ce7db22d-d755-11e3-95cc-404e57434401

Error: (05/09/2014 10:43:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Persbackup.exe, Version 5.5.6.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 7c8

Startzeit: 01cf6b5ebcb66845

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Personal Backup 5\Persbackup.exe

Berichts-ID:

Error: (05/08/2014 07:46:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9ac

Startzeit: 01cf6accf05c751d

Endzeit: 60000

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 5e912d91-d6d8-11e3-a7d0-404e57434401


System errors:
=============
Error: (05/16/2014 09:44:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/16/2014 02:34:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "G Data Personal Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/16/2014 02:34:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G Data Personal Firewall erreicht.

Error: (05/15/2014 09:18:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/14/2014 09:34:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/14/2014 01:45:21 AM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (05/14/2014 01:44:21 AM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (05/14/2014 01:43:21 AM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (05/13/2014 10:10:21 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (05/13/2014 08:59:21 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.


Microsoft Office Sessions:
=========================
Error: (12/19/2013 11:29:34 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 215 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/17/2013 06:04:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 13053 seconds with 8640 seconds of active time. This session ended with a crash.

Error: (09/05/2013 10:53:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 572 seconds with 420 seconds of active time. This session ended with a crash.

Error: (06/03/2013 11:00:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 68 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/03/2013 04:07:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16870 seconds with 1620 seconds of active time. This session ended with a crash.

Error: (05/01/2013 10:32:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 157549 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/25/2013 01:50:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 62 seconds with 0 seconds of active time. This session ended with a crash.

Error: (07/16/2012 04:28:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 23042 seconds with 6540 seconds of active time. This session ended with a crash.

Error: (06/02/2012 07:18:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 248 seconds with 60 seconds of active time. This session ended with a crash.

Error: (05/29/2012 10:36:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 75 seconds with 0 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 8169.32 MB
Available physical RAM: 3770.06 MB
Total Pagefile: 16336.82 MB
Available Pagefile: 11208.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:984.01 GB) (Free:868 GB) NTFS
Drive d: (Daten HDD1) (Fixed) (Total:1081.77 GB) (Free:214.85 GB) NTFS
Drive e: (HDD2-1) (Fixed) (Total:878.91 GB) (Free:516.2 GB) NTFS
Drive f: (HDD2-2) (Fixed) (Total:781.25 GB) (Free:157.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA7A706F)
Partition 1: (Not Active) - (Size=-1037485211648) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=781 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA7A7079)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=984 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=879 GB) - (Type=07 NTFS)

==================== End Of Log ============================

joelsuma 17.05.2014 19:32
... muss ich noch etwas liefern?

schrauber 17.05.2014 19:35
MBAM updaten, Scannen, Funde löschen.

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

joelsuma 18.05.2014 10:09
Na, dann weiß ich ja, was ich morgen zu tun habe. Vielen Danke einstweilen ... :dankeschoen:
joelsuma

Hallo Schrauber,

alle Anweisungen ausgeführt:

AdwCleaner Logfile:
Code:
# AdwCleaner v3.208 - Bericht erstellt am 18/05/2014 um 10:36:27
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Hannelore - JANUS
# Gestartet von : C:\Users\Hannelore\Desktop\adwcleaner_3.208.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Hannelore\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\HANNEL~1\AppData\Local\Temp\mt_ffx
Ordner Gelöscht : C:\Users\HANNEL~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Hannelore\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Hannelore\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Hannelore\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Hannelore\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Datei Gelöscht : C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\invalidprefs.js
Datei Gelöscht : C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\lv0d227a.default\user.js
Datei Gelöscht : C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
Datei Gelöscht : C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKCU\Software\524ddd9b53fe413
Schlüssel Gelöscht : HKLM\SOFTWARE\524ddd9b53fe413
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdex_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdex_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_jannieballs_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_jannieballs_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Alexa Internet
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Lyrics_Monkey
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\prefs.js ]

Zeile gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.id", "9230138b00000000000014dae9b1bf0f");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15761");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.016:19:41");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0");
Zeile gelöscht : user_pref("extensions.helperbar.BackPageActive", true);
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 0);
Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 22);
Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1395306930034");
Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);
Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "127028");
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "snapdoocybch");
Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/www.superfish.com\\\\\\/ws\\\\\\/[...]
Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "8b0f8edb-fae7-ed74-7767-767891b54141");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "22/03/2014");
Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1395479728");
Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1395479746461");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "snapdoocyb");

-\\ Google Chrome v34.0.1847.137

[ Datei : C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BoSeW1UbsqGYWi9W7bAKYZEtgbjycUzLQpLPXiG4TFAk4jWTH5vunUh6zpnefwJCXpUEM-BMIwXsPwY1QSr-k2tAQBi0TViesr96xhj9VtxfvVIw9z4yr4esGHuLaeup&q={searchTerms}
Gelöscht [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
Gelöscht [Extension] : khialnikbocfgkohdegnebhmmaifoglp

*************************

AdwCleaner[R0].txt - [9161 octets] - [18/05/2014 10:34:32]
AdwCleaner[S0].txt - [8736 octets] - [18/05/2014 10:36:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8796 octets] ##########[/QUOTE]
--- --- ---

Zitat:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Hannelore on 18.05.2014 at 10:49:24,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-358328064-3020620440-2983200396-1000\Software\sweetim



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Empty Folder] C:\Users\Hannelore\appdata\local\{8c2f2eb4-a93e-94dc-870f-bfd953114134}



~~~ FireFox

Emptied folder: C:\Users\Hannelore\AppData\Roaming\mozilla\firefox\profiles\tctzyckl.default\minidumps [86 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.05.2014 at 10:56:54,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Hannelore (administrator) on JANUS on 18-05-2014 11:00:55
Running from C:\Users\Hannelore\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\Hannelore\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-358328064-3020620440-2983200396-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-358328064-3020620440-2983200396-1000\...\Run: [] => [X]
Startup: C:\Users\Hannelore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hannelore\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?p=pLsH3anR-Rz0cILJ
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD1F87D7F6457CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default
FF NewTab: chrome://fvd.speeddial/content/fvd_about_blank.html
FF SelectedSearchEngine: Google
FF Homepage: chrome://fvd.speeddial/content/fvd_about_blank.html
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Speed Dial [FVD] - New Tab Page, Sync... - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\pavel.sherbakov@gmail.com [2014-05-16]
FF Extension: ColorZilla - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012-11-28]
FF Extension: WOT - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: FoxLingo - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2012-11-10]
FF Extension: Open With Photoshop - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c} [2014-03-27]
FF Extension: Customizable Shortcuts - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\customizable-shortcuts@timtaubert.de.xpi [2014-02-28]
FF Extension: Firebug - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\firebug@software.joehewitt.com.xpi [2012-05-23]
FF Extension: Flagfox - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: PDF to Word - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{b6f3913d-d2e8-480c-9aca-c41d3d4c1db3}.xpi [2013-05-11]
FF Extension: Adblock Plus - C:\Users\Hannelore\AppData\Roaming\Mozilla\Firefox\Profiles\tctzyckl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-23]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-12-16]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://www.google.com"
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultSearchProvider: Delta Search
CHR DefaultSearchURL: hxxp://www.delta-search.com/?q={searchTerms}&affID=119828&babsrc=SP_ss&mntrId=9230138b00000000000014dae9b1bf0f
CHR DefaultNewTabURL:
CHR Extension: (Google Drive) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-29]
CHR Extension: (YouTube) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-29]
CHR Extension: (Google-Suche) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-29]
CHR Extension: (No Name) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2014-03-26]
CHR Extension: (Google Wallet) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Google Mail) - C:\Users\Hannelore\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-29]

==================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-02-28] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [271728 2014-02-28] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R3 FUS2BASE; C:\Windows\System32\DRIVERS\fus2base.sys [696832 2009-06-10] (AVM Berlin)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-04-10] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [22016 2014-04-10] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-04-10] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon64.sys [31448 2012-02-09] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [68608 2014-04-10] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-04-10] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-05-16] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-04-10] (G Data Software AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-12-25] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-18 10:56 - 2014-05-18 10:56 - 00001134 _____ () C:\Users\Hannelore\Desktop\JRT.txt
2014-05-18 10:49 - 2014-05-18 10:49 - 00000000 ____D () C:\Windows\ERUNT
2014-05-18 10:42 - 2014-05-18 10:42 - 00008896 _____ () C:\Users\Hannelore\Desktop\AdwCleaner[S0].txt
2014-05-18 10:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-18 10:34 - 2014-05-18 10:36 - 00000000 ____D () C:\AdwCleaner
2014-05-18 10:25 - 2014-05-18 10:25 - 00001453 _____ () C:\Users\Hannelore\Desktop\anweisungen 18052014.txt
2014-05-18 10:09 - 2014-05-18 10:09 - 01016261 _____ (Thisisu) C:\Users\Hannelore\Desktop\JRT.exe
2014-05-18 10:06 - 2014-05-18 10:06 - 01325827 _____ () C:\Users\Hannelore\Desktop\adwcleaner_3.208.exe
2014-05-17 12:30 - 2014-05-17 12:30 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\DropboxMaster
2014-05-16 19:26 - 2014-05-16 19:28 - 00034376 _____ () C:\Users\Hannelore\Desktop\Addition.txt
2014-05-16 19:22 - 2014-05-18 11:00 - 00015863 _____ () C:\Users\Hannelore\Desktop\FRST.txt
2014-05-16 19:19 - 2014-05-18 11:00 - 00000000 ____D () C:\FRST
2014-05-16 19:14 - 2014-05-16 19:14 - 02067456 _____ (Farbar) C:\Users\Hannelore\Desktop\FRST64.exe
2014-05-16 16:49 - 2014-05-18 10:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 16:48 - 2014-05-16 16:48 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-16 16:48 - 2014-05-16 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-16 16:48 - 2014-05-16 16:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 16:48 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-16 16:48 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-16 16:48 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-15 02:50 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 02:50 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 02:50 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 02:50 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 02:50 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 02:50 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 15:42 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 15:42 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 15:42 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 15:42 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 15:41 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 15:41 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 15:41 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 15:41 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 15:41 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 15:41 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 15:41 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 15:41 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 15:41 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 15:41 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 15:41 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 15:41 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 15:41 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 15:41 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 15:41 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 15:41 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 15:41 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 15:41 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 15:41 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 15:41 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 15:41 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 15:41 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 15:41 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 15:41 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 15:41 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 15:41 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 15:41 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 15:41 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 15:41 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 15:41 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-11 14:09 - 2014-05-11 14:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 16:03 - 2014-05-09 16:03 - 00000000 __SHD () C:\Users\Hannelore\AppData\Local\EmieUserList
2014-05-09 16:03 - 2014-05-09 16:03 - 00000000 __SHD () C:\Users\Hannelore\AppData\Local\EmieSiteList
2014-05-08 16:53 - 2014-05-09 17:41 - 00000000 ____D () C:\Users\Hannelore\Documents\PersBackup
2014-05-08 16:53 - 2014-05-08 18:48 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\PersBackup5
2014-05-08 16:48 - 2014-05-08 16:56 - 00001086 _____ () C:\Users\Public\Desktop\Personal Backup 5.lnk
2014-05-08 16:48 - 2014-05-08 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Personal Backup
2014-05-08 16:48 - 2014-05-08 16:56 - 00000000 ____D () C:\Program Files (x86)\Personal Backup 5
2014-05-08 11:32 - 2014-05-08 11:32 - 00001220 _____ () C:\Users\Hannelore\Desktop\WD Quick View.lnk
2014-05-08 11:23 - 2014-05-08 11:23 - 00001174 _____ () C:\Users\Hannelore\Desktop\WD SmartWare.lnk
2014-05-08 11:17 - 2014-05-08 11:17 - 00001253 _____ () C:\Users\Hannelore\Desktop\WD Drive Utilities.lnk
2014-05-06 09:03 - 2014-05-15 09:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-30 12:00 - 2014-04-30 12:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 02:37 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-30 02:37 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-30 02:37 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-30 02:37 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-30 02:37 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-30 02:37 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-30 02:37 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-30 02:37 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-30 02:37 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-30 02:37 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-30 02:37 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-30 02:37 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-30 02:37 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-30 02:37 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-30 02:37 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-30 02:37 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-30 02:37 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-30 02:37 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-30 02:37 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-30 02:37 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-30 02:37 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-30 02:37 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-30 02:37 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-30 02:37 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-30 02:37 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-30 02:37 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-30 02:37 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-30 02:37 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-30 02:37 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-30 02:37 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-30 02:37 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-30 02:37 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-30 02:37 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-30 02:37 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-30 02:37 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-30 02:37 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-30 02:37 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-30 02:37 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-30 02:37 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-30 02:37 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-30 02:37 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-30 02:37 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-30 02:37 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-30 02:37 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-28 09:14 - 2014-05-18 10:39 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-04-21 14:08 - 2014-04-21 14:08 - 00001931 _____ () C:\Users\Public\Desktop\Perfect Effects 8.lnk
2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\onOne Software
2014-04-21 14:07 - 2014-04-21 14:07 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Adobe
2014-04-21 14:07 - 2014-04-21 14:07 - 00000000 ____D () C:\Program Files\onOne Software
2014-04-21 14:06 - 2014-04-21 14:07 - 00000000 ____D () C:\ProgramData\onOne Software
2014-04-21 14:06 - 2014-04-21 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2014-04-20 14:05 - 2014-04-20 14:05 - 00000000 ____D () C:\Users\Hannelore\AppData\Local\Skype
2014-04-20 14:04 - 2014-04-20 14:04 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-20 14:04 - 2014-04-20 14:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-20 14:04 - 2014-04-20 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

2014-05-18 11:01 - 2014-05-16 19:22 - 00015863 _____ () C:\Users\Hannelore\Desktop\FRST.txt
2014-05-18 11:00 - 2014-05-16 19:19 - 00000000 ____D () C:\FRST
2014-05-18 10:56 - 2014-05-18 10:56 - 00001134 _____ () C:\Users\Hannelore\Desktop\JRT.txt
2014-05-18 10:55 - 2012-05-07 15:48 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-18 10:49 - 2014-05-18 10:49 - 00000000 ____D () C:\Windows\ERUNT
2014-05-18 10:47 - 2009-07-14 06:45 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-18 10:47 - 2009-07-14 06:45 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-18 10:42 - 2014-05-18 10:42 - 00008896 _____ () C:\Users\Hannelore\Desktop\AdwCleaner[S0].txt
2014-05-18 10:40 - 2012-02-17 19:08 - 00000000 ___RD () C:\Users\Hannelore\Dropbox
2014-05-18 10:40 - 2012-02-17 19:05 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\Dropbox
2014-05-18 10:39 - 2014-04-28 09:14 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-05-18 10:39 - 2012-05-07 15:47 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-18 10:38 - 2012-02-09 18:59 - 00506650 _____ () C:\Windows\PFRO.log
2014-05-18 10:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-18 10:38 - 2009-07-14 06:51 - 00076793 _____ () C:\Windows\setupact.log
2014-05-18 10:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-18 10:37 - 2012-02-09 17:12 - 01204110 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 10:36 - 2014-05-18 10:34 - 00000000 ____D () C:\AdwCleaner
2014-05-18 10:26 - 2014-02-10 13:28 - 00000000 ____D () C:\Users\Hannelore\AppData\Local\Clipboarder
2014-05-18 10:25 - 2014-05-18 10:25 - 00001453 _____ () C:\Users\Hannelore\Desktop\anweisungen 18052014.txt
2014-05-18 10:11 - 2014-05-16 16:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 10:09 - 2014-05-18 10:09 - 01016261 _____ (Thisisu) C:\Users\Hannelore\Desktop\JRT.exe
2014-05-18 10:06 - 2014-05-18 10:06 - 01325827 _____ () C:\Users\Hannelore\Desktop\adwcleaner_3.208.exe
2014-05-18 02:00 - 2012-02-11 19:04 - 00000000 ____D () C:\Users\Hannelore\AppData\Local\Adobe
2014-05-17 19:02 - 2013-01-21 15:05 - 00000132 _____ () C:\Users\Hannelore\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-05-17 12:30 - 2014-05-17 12:30 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\DropboxMaster
2014-05-17 12:30 - 2012-02-17 19:08 - 00001034 _____ () C:\Users\Hannelore\Desktop\Dropbox.lnk
2014-05-17 12:30 - 2012-02-17 19:06 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-17 12:30 - 2012-02-09 17:13 - 00000000 ___RD () C:\Users\Hannelore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 12:26 - 2012-12-31 19:00 - 00001456 _____ () C:\Users\Hannelore\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-05-16 19:28 - 2014-05-16 19:26 - 00034376 _____ () C:\Users\Hannelore\Desktop\Addition.txt
2014-05-16 19:14 - 2014-05-16 19:14 - 02067456 _____ (Farbar) C:\Users\Hannelore\Desktop\FRST64.exe
2014-05-16 16:48 - 2014-05-16 16:48 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-16 16:48 - 2014-05-16 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-16 16:48 - 2014-05-16 16:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-16 16:48 - 2012-08-04 16:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-16 10:35 - 2014-01-28 13:04 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-05-16 10:35 - 2012-12-24 19:36 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-05-16 02:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 15:07 - 2014-02-27 11:04 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 09:20 - 2012-02-09 17:13 - 00000000 ___RD () C:\Users\Hannelore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 09:16 - 2014-05-06 09:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 02:49 - 2012-05-05 18:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 02:48 - 2013-08-14 10:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 02:44 - 2012-02-12 15:14 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 10:14 - 2012-06-06 09:45 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\XnView
2014-05-12 09:29 - 2012-09-07 14:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 14:09 - 2014-05-11 14:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 12:39 - 2013-04-19 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-05-10 09:45 - 2013-10-31 15:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-09 17:41 - 2014-05-08 16:53 - 00000000 ____D () C:\Users\Hannelore\Documents\PersBackup
2014-05-09 16:03 - 2014-05-09 16:03 - 00000000 __SHD () C:\Users\Hannelore\AppData\Local\EmieUserList
2014-05-09 16:03 - 2014-05-09 16:03 - 00000000 __SHD () C:\Users\Hannelore\AppData\Local\EmieSiteList
2014-05-09 12:19 - 2013-10-31 15:06 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-09 08:14 - 2014-05-14 15:42 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 15:42 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 18:48 - 2014-05-08 16:53 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\PersBackup5
2014-05-08 16:56 - 2014-05-08 16:48 - 00001086 _____ () C:\Users\Public\Desktop\Personal Backup 5.lnk
2014-05-08 16:56 - 2014-05-08 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Personal Backup
2014-05-08 16:56 - 2014-05-08 16:48 - 00000000 ____D () C:\Program Files (x86)\Personal Backup 5
2014-05-08 11:32 - 2014-05-08 11:32 - 00001220 _____ () C:\Users\Hannelore\Desktop\WD Quick View.lnk
2014-05-08 11:23 - 2014-05-08 11:23 - 00001174 _____ () C:\Users\Hannelore\Desktop\WD SmartWare.lnk
2014-05-08 11:22 - 2009-07-14 19:58 - 00713806 _____ () C:\Windows\system32\perfh007.dat
2014-05-08 11:22 - 2009-07-14 19:58 - 00153922 _____ () C:\Windows\system32\perfc007.dat
2014-05-08 11:22 - 2009-07-14 07:13 - 01648056 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-08 11:17 - 2014-05-08 11:17 - 00001253 _____ () C:\Users\Hannelore\Desktop\WD Drive Utilities.lnk
2014-05-08 11:06 - 2013-12-30 13:50 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-05-08 11:06 - 2013-08-07 17:54 - 00057970 _____ () C:\Windows\DPINST.LOG
2014-05-06 18:50 - 2012-05-07 15:48 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-06 18:50 - 2012-05-07 15:48 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 06:40 - 2014-05-15 02:50 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 02:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 02:50 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 02:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 02:50 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 02:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 18:03 - 2014-01-28 11:51 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\Audacity
2014-04-30 12:01 - 2014-04-30 12:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-29 08:58 - 2013-10-31 15:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 08:58 - 2013-10-31 15:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 11:33 - 2012-04-13 18:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-28 11:32 - 2012-04-13 18:54 - 00000000 ____D () C:\Users\Hannelore\AppData\Local\Google
2014-04-24 17:11 - 2013-01-07 11:55 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\PhotoLine
2014-04-21 14:08 - 2014-04-21 14:08 - 00001931 _____ () C:\Users\Public\Desktop\Perfect Effects 8.lnk
2014-04-21 14:08 - 2014-04-21 14:08 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\onOne Software
2014-04-21 14:08 - 2014-01-18 15:41 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\onOne Software
2014-04-21 14:07 - 2014-04-21 14:07 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Adobe
2014-04-21 14:07 - 2014-04-21 14:07 - 00000000 ____D () C:\Program Files\onOne Software
2014-04-21 14:07 - 2014-04-21 14:06 - 00000000 ____D () C:\ProgramData\onOne Software
2014-04-21 14:06 - 2014-04-21 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2014-04-21 14:06 - 2014-01-18 15:39 - 00000000 ____D () C:\Program Files (x86)\onOne Software
2014-04-21 14:06 - 2012-02-09 17:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-21 02:04 - 2013-11-18 18:19 - 00000000 ____D () C:\Users\Hannelore\AppData\Roaming\Skype
2014-04-20 14:05 - 2014-04-20 14:05 - 00000000 ____D () C:\Users\Hannelore\AppData\Local\Skype
2014-04-20 14:04 - 2014-04-20 14:04 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-20 14:04 - 2014-04-20 14:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-20 14:04 - 2014-04-20 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-20 14:04 - 2013-11-18 18:18 - 00000000 ____D () C:\ProgramData\Skype

ZeroAccess:
C:\Users\Hannelore\AppData\Local\{8c2f2eb4-a93e-94dc-870f-bfd953114134}
C:\Users\Hannelore\AppData\Local\{8c2f2eb4-a93e-94dc-870f-bfd953114134}\@

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4528.dll


Some content of TEMP:
====================
C:\Users\Hannelore\AppData\Local\Temp\6_Offer_8.exe
C:\Users\Hannelore\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Hannelore\AppData\Local\Temp\ACDSee Pro 7.exe
C:\Users\Hannelore\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmlja1n.dll
C:\Users\Hannelore\AppData\Local\Temp\finvap.exe
C:\Users\Hannelore\AppData\Local\Temp\install_flashplayer13x32au_mssd_aaa_aih.exe
C:\Users\Hannelore\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Hannelore\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Hannelore\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Hannelore\AppData\Local\Temp\Quarantine.exe
C:\Users\Hannelore\AppData\Local\Temp\uninst1.exe
C:\Users\Hannelore\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 15:41] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 00:13

==================== End Of Log ============================
--- --- ---

--- --- ---


Ich hoffe, es ist alles erledigt. :taenzer:
:dankeschoen: Ganz herzlichen Dank für Deine Hilfe. :dankeschoen:

Ist es möglich, dass meine geposteten Files gelöscht werden?, das wäre schön. :dankeschoen:

Schönen Sonntag und viele Grüße
joelsuma

schrauber 19.05.2014 08:25
Wir sind noch nicht ganz fertig :)

Zum Thema Logs löschen:
http://www.trojaner-board.de/108422-...-anfragen.html





ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:42 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19