Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Proxy Server Einstellung 127.0.0.1

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.06.2014, 07:58   #1
kief15
 
Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



Hallo,

benutze Win 7 und den Internet Explorer.

Seit gestern werden die Proxy Einstellungen automatisch überschrieben und ich komme nicht mehr ins Internet.

Neuer Proxy Eintrag: 127.0.0.1 Port 51988

Wenn ich die alten Einstellungen wieder eingebe, werden Sie nach ein paar Minuten wieder überschrieben.

Gruß Heiko

Alt 18.06.2014, 08:15   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 18.06.2014, 11:39   #3
kief15
 
Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by Kiefer (administrator) on SB-NB-KIEFER7 on 18-06-2014 10:50:27
Running from C:\Users\Kiefer\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
() C:\Program Files\003\vxlsnyaiet64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Users\Kiefer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Novell, Inc.) C:\Program Files (x86)\Novell\GroupWise\notify.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
() C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\pnamain.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Novell, Inc.) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
(Novell, Inc.) C:\Program Files (x86)\Novell\GroupWise\gwsync.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE
(SolarWorld AG) C:\Program Files (x86)\SolarWorld AG\Suntool\Suntool.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13260944 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [585376 2010-05-25] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [354464 2010-05-25] (Atheros Commnucations)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [358336 2011-08-11] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-06-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115624 2011-03-30] (Symantec Corporation)
HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [348672 2014-05-08] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4206700253-882151942-3262977069-1300\...\Run: [Amazon Cloud Player] => C:\Users\Kiefer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\info.cmd ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notify.lnk
ShortcutTarget: Notify.lnk -> C:\Program Files (x86)\Novell\GroupWise\notify.exe (Novell, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Receiver.lnk
ShortcutTarget: Receiver.lnk -> C:\Windows\Installer\{C0B728CE-BF48-48C2-A19C-01563CCEDD9F}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe ()
Startup: C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:51988;https=127.0.0.1:51988
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0B662402EE74CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=MFC4ED9F7-F5F6-4A2E-B0A5-ED4A9E568891&SearchSource=58&CUI=&UM=5&UP=SP2F89AE7D-C44E-475D-BEC7-8192823D52CA&q={searchTerms}&SSPV=SP215B_sp_ie
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: 2rs3 - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SupraSavings\2rs3.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.66.41 192.168.76.146

FireFox:
========
FF ProfilePath: C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SupraSavings - C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\Extensions\SupraSavings@jetpack [2014-06-13]

==================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [47776 2010-05-25] (Atheros Commnucations) [File not signed]
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108456 2011-03-30] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108456 2011-03-30] (Symantec Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093944 2011-02-07] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3250392 2011-04-27] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [428976 2011-04-21] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1846592 2011-05-11] (Symantec Corporation)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 vxlsnyaiet64; C:\Program Files\003\vxlsnyaiet64.exe [706560 2014-06-13] () [File not signed]

==================== Drivers (Whitelisted) ====================

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140617.009\eng64.sys [126040 2014-03-20] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140617.009\ex64.sys [2099288 2014-03-20] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [453240 2011-03-08] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [453240 2011-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482424 2011-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482424 2011-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32376 2011-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32376 2011-03-08] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2014-04-15] (Symantec Corporation)
R1 Teefer3; C:\Windows\System32\DRIVERS\Teefer3.sys [53880 2011-04-09] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [54392 2011-04-27] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-10-04] (Symantec Corporation)
S2 APXACC; system32\DRIVERS\appexDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-18 10:50 - 2014-06-18 10:51 - 00020849 _____ () C:\Users\Kiefer\Desktop\FRST.txt
2014-06-18 10:50 - 2014-06-18 10:50 - 00000000 ____D () C:\FRST
2014-06-18 10:48 - 2014-06-18 10:48 - 02081280 _____ (Farbar) C:\Users\Kiefer\Desktop\FRST64.exe
2014-06-18 07:18 - 2014-06-18 07:18 - 00002153 _____ () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix Adobe Reader.lnk
2014-06-18 07:18 - 2014-06-18 07:18 - 00002147 _____ () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SHC Prod.lnk
2014-06-18 07:18 - 2014-06-18 07:18 - 00002145 _____ () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix Groupwise.lnk
2014-06-18 07:18 - 2014-06-18 07:18 - 00002123 _____ () C:\Users\Kiefer\Desktop\Citrix Adobe Reader.lnk
2014-06-18 07:18 - 2014-06-18 07:18 - 00002117 _____ () C:\Users\Kiefer\Desktop\SHC Prod.lnk
2014-06-18 05:44 - 2014-06-18 05:45 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Advanced System Protector
2014-06-18 05:44 - 2014-06-18 05:44 - 00003324 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-18 05:43 - 2014-06-18 05:43 - 00004390 _____ () C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2014-06-18 05:43 - 2014-06-18 05:43 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-18 05:43 - 2014-06-18 05:43 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-18 05:40 - 2014-06-18 05:40 - 00998400 _____ () C:\Users\Kiefer\Downloads\setup(2).exe
2014-06-16 16:41 - 2014-06-17 16:36 - 00010014 _____ () C:\Users\Kiefer\Desktop\gme.xlsx
2014-06-16 05:33 - 2014-06-16 05:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-06-15 18:25 - 2014-06-18 05:56 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Mp3tag
2014-06-15 15:33 - 2014-06-15 15:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\TuneUp Software
2014-06-15 15:33 - 2014-06-15 15:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\TuneUp Software
2014-06-15 15:32 - 2014-06-15 15:34 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-15 15:32 - 2014-06-15 15:32 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-15 15:29 - 2014-06-15 15:48 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\DVDVideoSoft
2014-06-15 15:29 - 2014-06-15 15:29 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\OpenCandy
2014-06-15 15:26 - 2014-06-15 15:29 - 34314288 _____ (DVDVideoSoft Ltd. ) C:\Users\Kiefer\Downloads\FreeAudioConverter5.0.43.605.exe
2014-06-15 15:22 - 2014-06-15 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-06-15 15:21 - 2014-06-15 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-06-15 15:20 - 2014-06-15 15:21 - 02638704 _____ () C:\Users\Kiefer\Downloads\mp3tagv259asetup.exe
2014-06-15 15:15 - 2014-06-15 15:15 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-15 15:14 - 2014-06-15 15:14 - 01980509 _____ () C:\Users\Kiefer\Downloads\mp3gain-win-full-1_3_4.exe
2014-06-13 13:44 - 2014-06-13 13:44 - 00001157 _____ () C:\Users\Public\Desktop\Suntool.lnk
2014-06-13 13:43 - 2014-06-13 13:43 - 05923765 _____ (SolarWorld AG ) C:\Users\Kiefer\Downloads\SetupSuntool (1).exe
2014-06-13 13:27 - 2014-06-13 13:27 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Engelmann Media
2014-06-13 09:10 - 2014-06-13 09:10 - 00001154 _____ () C:\Users\Public\Desktop\Formatwandler 4 SE.lnk
2014-06-13 09:10 - 2014-06-13 09:10 - 00000000 ____D () C:\ProgramData\Engelmann Media
2014-06-13 09:09 - 2014-06-13 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.A.D
2014-06-13 09:09 - 2014-06-13 09:09 - 00000000 ____D () C:\Program Files (x86)\S.A.D
2014-06-13 05:52 - 2014-06-18 05:57 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\systweak
2014-06-13 05:52 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-06-13 05:51 - 2014-06-13 05:53 - 00000000 ____D () C:\temp
2014-06-13 05:51 - 2014-06-13 05:51 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-06-13 05:50 - 2014-06-13 05:50 - 00000000 ____D () C:\Program Files\003
2014-06-13 05:47 - 2014-06-13 05:47 - 00232240 _____ (Fusion Install ) C:\Users\Kiefer\Downloads\Setup(1).exe
2014-06-13 05:41 - 2014-06-13 05:45 - 31167936 _____ (S.A.D.) C:\Users\Kiefer\Downloads\formatconverter6.exe
2014-06-12 21:28 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 21:28 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 21:28 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 21:28 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 21:21 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 21:21 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 21:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 21:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 21:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 21:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 21:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 21:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 21:19 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 21:19 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 21:16 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 21:16 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 21:16 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 21:16 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 21:16 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 21:16 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 21:15 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 21:15 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 21:15 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 21:15 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 21:15 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 21:15 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 21:15 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 21:15 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 21:15 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 21:15 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 21:15 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 21:15 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 21:15 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 21:15 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 21:15 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 21:15 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 21:15 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 21:15 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 21:15 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 21:15 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 21:15 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 21:15 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 21:15 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 21:15 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 21:15 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 21:15 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 21:15 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 21:15 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 21:15 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 21:15 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 21:15 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 21:15 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 21:15 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 21:15 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 21:15 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 21:15 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 21:15 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 21:15 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 21:15 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 21:15 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 21:15 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 21:15 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 21:15 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 21:15 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 21:15 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 21:15 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 21:07 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 21:07 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 12:17 - 2014-06-12 12:17 - 00009413 _____ () C:\Users\Kiefer\Desktop\Mappe1.xlsx
2014-06-12 05:58 - 2014-06-12 05:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 15:24 - 2014-06-09 15:24 - 00001175 _____ () C:\Users\Kiefer\Desktop\Amazon Cloud Player.lnk
2014-06-09 15:23 - 2014-06-09 15:24 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-06-09 15:23 - 2014-06-09 15:24 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Amazon Cloud Player
2014-06-09 14:22 - 2014-06-09 14:22 - 00000066 _____ () C:\Windows\wiso.ini
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\Documents\Steuer
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steuer 2013
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Buhl
2014-06-09 14:18 - 2014-06-09 14:18 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\InstallShield Installation Information
2014-06-09 14:16 - 2014-06-09 14:22 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-06-04 08:32 - 2014-06-04 08:49 - 00049289 _____ () C:\Users\Kiefer\Downloads\Siebenpfeiffer.suntool
2014-06-03 09:32 - 2014-06-03 09:32 - 00000545 _____ () C:\Users\Kiefer\Downloads\Anna_Fenninger_.vcf
2014-06-03 07:47 - 2014-06-03 07:47 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\.elfohilfe
2014-06-01 17:56 - 2014-06-01 17:56 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\elsterformular
2014-06-01 17:54 - 2014-06-01 17:55 - 00000000 ____D () C:\ProgramData\elsterformular
2014-06-01 17:54 - 2014-06-01 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-06-01 17:53 - 2014-06-01 17:53 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-06-01 17:43 - 2014-06-01 17:52 - 118565328 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kiefer\Downloads\ElsterFormular-15.2.20140326u.exe
2014-05-28 14:42 - 2014-05-28 14:42 - 00009665 _____ () C:\Users\Kiefer\Desktop\Termine Intersolar.xlsx
2014-05-28 09:05 - 2014-06-10 10:28 - 00980370 _____ () C:\Users\Kiefer\Desktop\MWSnap001.bmp
2014-05-27 15:52 - 2014-05-27 15:52 - 00000372 _____ () C:\Users\Kiefer\Desktop\Schletter Configurator.appref-ms
2014-05-27 07:42 - 2014-05-27 07:42 - 02016730 _____ () C:\Users\Kiefer\Desktop\Fehlermeldung.bmp
2014-05-26 15:54 - 2014-06-18 05:58 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-05-26 15:52 - 2002-07-06 15:45 - 00427008 _____ (Mirek Wojtowicz) C:\Users\Kiefer\Desktop\MWSnap.exe
2014-05-26 15:51 - 2014-05-26 15:51 - 00961360 _____ (Chip Digital GmbH) C:\Users\Kiefer\Downloads\VLC media player 32 Bit - CHIP-Installer.exe
2014-05-26 15:22 - 2014-05-26 15:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Schletter
2014-05-26 08:28 - 2014-05-26 08:42 - 00000000 ____D () C:\Program Files (x86)\Stellar Phoenix Photo Recovery
2014-05-26 08:28 - 2014-05-26 08:29 - 00000000 ____D () C:\ProgramData\TEMP
2014-05-26 08:27 - 2014-05-26 08:27 - 10770432 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\Kiefer\Downloads\StellarPhoenixPhotoRecoveryWindows_DE.exe
2014-05-26 07:43 - 2014-05-26 07:43 - 06415389 _____ (InstallShield Software Corporation) C:\Users\Kiefer\Downloads\pci_de_smartrecovery45 (1).exe
2014-05-26 05:56 - 2000-10-02 12:27 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-05-26 05:56 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2014-05-26 05:54 - 2014-05-26 05:55 - 06415389 _____ (InstallShield Software Corporation) C:\Users\Kiefer\Downloads\pci_de_smartrecovery45.exe
2014-05-26 05:43 - 2014-05-26 05:44 - 12175896 _____ (Rene.E Laboratory ) C:\Users\Kiefer\Downloads\ReneeUndeleter_2014.exe
2014-05-26 05:43 - 2014-05-26 05:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-05-26 05:24 - 2014-05-26 05:24 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-23 08:23 - 2014-05-23 08:23 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schletter GmbH
2014-05-23 08:20 - 2014-06-18 07:20 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Deployment
2014-05-23 08:20 - 2014-05-23 08:20 - 00508008 _____ () C:\Users\Kiefer\Downloads\setup.exe
2014-05-23 08:20 - 2014-05-23 08:20 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Apps\2.0
2014-05-23 07:18 - 2014-05-23 07:26 - 00212280 _____ () C:\Windows\DPINST.LOG
2014-05-23 07:17 - 2014-05-23 07:17 - 00002098 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-05-23 07:17 - 2014-05-23 07:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-23 07:16 - 2014-05-23 07:16 - 00000000 ____D () C:\ProgramData\Sony
2014-05-23 07:16 - 2014-05-23 07:16 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-23 07:15 - 2014-05-23 07:16 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Kiefer\Downloads\Sony PC Companion_Web.exe
2014-05-22 08:22 - 2014-05-22 08:23 - 00001574 _____ () C:\Users\Kiefer\Desktop\SMA Sunny Design Web.lnk
2014-05-22 08:21 - 2014-05-22 08:21 - 00000000 ____D () C:\ProgramData\SMA
2014-05-22 08:21 - 2014-05-22 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sunny Design 3
2014-05-22 08:21 - 2014-05-22 08:21 - 00000000 ____D () C:\Program Files (x86)\SMA
2014-05-22 08:14 - 2014-05-22 08:21 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-05-22 08:07 - 2014-05-22 08:07 - 07843758 _____ () C:\Users\Kiefer\Downloads\AutoCalculatorProSetupV1.2.2.1.exe
2014-05-22 08:07 - 2014-05-22 08:07 - 00001288 _____ () C:\Users\Public\Desktop\AutoCalculatorEasy.lnk
2014-05-22 08:07 - 2014-05-22 08:07 - 00000000 ____D () C:\Program Files (x86)\Schletter GmbH
2014-05-22 07:53 - 2014-05-22 07:53 - 00000000 ____D () C:\Users\Kiefer\Documents\KOSTAL
2014-05-22 07:40 - 2014-05-22 07:40 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-05-22 05:58 - 2014-05-22 06:07 - 132878770 _____ () C:\Users\Kiefer\Desktop\Rocky.mp4
2014-05-21 14:50 - 2014-05-21 14:50 - 00000000 __SHD () C:\Users\Kiefer\AppData\Local\EmieUserList
2014-05-21 14:50 - 2014-05-21 14:50 - 00000000 __SHD () C:\Users\Kiefer\AppData\Local\EmieSiteList
2014-05-19 04:55 - 2014-05-19 04:55 - 02051934 _____ () C:\Users\Kiefer\Downloads\wkw.zip

==================== One Month Modified Files and Folders =======

2014-06-18 10:51 - 2014-06-18 10:50 - 00020849 _____ () C:\Users\Kiefer\Desktop\FRST.txt
2014-06-18 10:51 - 2014-04-16 11:41 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Temp
2014-06-18 10:50 - 2014-06-18 10:50 - 00000000 ____D () C:\FRST
2014-06-18 10:48 - 2014-06-18 10:48 - 02081280 _____ (Farbar) C:\Users\Kiefer\Desktop\FRST64.exe
2014-06-18 10:23 - 2013-10-01 07:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-18 10:09 - 2014-04-15 12:45 - 00000043 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-06-18 09:47 - 2014-04-28 11:14 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\.oit
2014-06-18 09:30 - 2014-04-15 13:39 - 00000160 _____ () C:\Windows\system32\config\netlogon.ftl
2014-06-18 08:54 - 2013-09-30 18:13 - 01855383 _____ () C:\Windows\WindowsUpdate.log
2014-06-18 07:59 - 2014-04-28 08:28 - 00005136 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for {b6104221-2e7c-48a2-9302-edf72d0ce1a8} SB-NB-Kiefer7.STREB-AD.friedrich-streb.de
2014-06-18 07:53 - 2009-07-14 06:45 - 00037792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-18 07:53 - 2009-07-14 06:45 - 00037792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-18 07:51 - 2014-04-22 05:35 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\CrashDumps
2014-06-18 07:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-18 07:45 - 2009-07-14 06:51 - 00042389 _____ () C:\Windows\setupact.log
2014-06-18 07:20 - 2014-05-23 08:20 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Deployment
2014-06-18 07:18 - 2014-06-18 07:18 - 00002153 _____ () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix Adobe Reader.lnk
2014-06-18 07:18 - 2014-06-18 07:18 - 00002147 _____ () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SHC Prod.lnk
2014-06-18 07:18 - 2014-06-18 07:18 - 00002145 _____ () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix Groupwise.lnk
2014-06-18 07:18 - 2014-06-18 07:18 - 00002123 _____ () C:\Users\Kiefer\Desktop\Citrix Adobe Reader.lnk
2014-06-18 07:18 - 2014-06-18 07:18 - 00002117 _____ () C:\Users\Kiefer\Desktop\SHC Prod.lnk
2014-06-18 07:15 - 2014-04-15 11:23 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2014-06-18 07:15 - 2014-04-15 11:22 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2014-06-18 07:15 - 2014-04-15 11:22 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2014-06-18 07:15 - 2010-11-21 05:47 - 00061490 _____ () C:\Windows\PFRO.log
2014-06-18 05:58 - 2014-05-26 15:54 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-18 05:58 - 2014-04-16 11:43 - 00000000 ___RD () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-18 05:57 - 2014-06-13 05:52 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\systweak
2014-06-18 05:56 - 2014-06-15 18:25 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Mp3tag
2014-06-18 05:55 - 2014-04-16 11:43 - 00001421 _____ () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-18 05:55 - 2013-10-01 06:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 05:55 - 2013-10-01 06:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-18 05:45 - 2014-06-18 05:44 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Advanced System Protector
2014-06-18 05:44 - 2014-06-18 05:44 - 00003324 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-06-18 05:43 - 2014-06-18 05:43 - 00004390 _____ () C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2014-06-18 05:43 - 2014-06-18 05:43 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-18 05:43 - 2014-06-18 05:43 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-18 05:42 - 2014-04-30 05:28 - 00005136 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for STREB-AD-Kiefer SB-NB-Kiefer7.STREB-AD.friedrich-streb.de
2014-06-18 05:40 - 2014-06-18 05:40 - 00998400 _____ () C:\Users\Kiefer\Downloads\setup(2).exe
2014-06-17 16:36 - 2014-06-16 16:41 - 00010014 _____ () C:\Users\Kiefer\Desktop\gme.xlsx
2014-06-16 11:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-16 05:33 - 2014-06-16 05:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-06-15 17:12 - 2014-04-16 11:43 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\VirtualStore
2014-06-15 15:48 - 2014-06-15 15:29 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\DVDVideoSoft
2014-06-15 15:48 - 2014-04-21 15:48 - 00000000 ____D () C:\Users\Kiefer\Desktop\Heiko Kiefer
2014-06-15 15:34 - 2014-06-15 15:32 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-15 15:33 - 2014-06-15 15:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\TuneUp Software
2014-06-15 15:33 - 2014-06-15 15:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\TuneUp Software
2014-06-15 15:32 - 2014-06-15 15:32 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-15 15:29 - 2014-06-15 15:29 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\OpenCandy
2014-06-15 15:29 - 2014-06-15 15:26 - 34314288 _____ (DVDVideoSoft Ltd. ) C:\Users\Kiefer\Downloads\FreeAudioConverter5.0.43.605.exe
2014-06-15 15:22 - 2014-06-15 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-06-15 15:21 - 2014-06-15 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-06-15 15:21 - 2014-06-15 15:20 - 02638704 _____ () C:\Users\Kiefer\Downloads\mp3tagv259asetup.exe
2014-06-15 15:15 - 2014-06-15 15:15 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-15 15:14 - 2014-06-15 15:14 - 01980509 _____ () C:\Users\Kiefer\Downloads\mp3gain-win-full-1_3_4.exe
2014-06-13 13:44 - 2014-06-13 13:44 - 00001157 _____ () C:\Users\Public\Desktop\Suntool.lnk
2014-06-13 13:43 - 2014-06-13 13:43 - 05923765 _____ (SolarWorld AG ) C:\Users\Kiefer\Downloads\SetupSuntool (1).exe
2014-06-13 13:27 - 2014-06-13 13:27 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Engelmann Media
2014-06-13 09:10 - 2014-06-13 09:10 - 00001154 _____ () C:\Users\Public\Desktop\Formatwandler 4 SE.lnk
2014-06-13 09:10 - 2014-06-13 09:10 - 00000000 ____D () C:\ProgramData\Engelmann Media
2014-06-13 09:09 - 2014-06-13 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.A.D
2014-06-13 09:09 - 2014-06-13 09:09 - 00000000 ____D () C:\Program Files (x86)\S.A.D
2014-06-13 05:53 - 2014-06-13 05:51 - 00000000 ____D () C:\temp
2014-06-13 05:51 - 2014-06-13 05:51 - 00000000 ____D () C:\Program Files (x86)\SupraSavings
2014-06-13 05:50 - 2014-06-13 05:50 - 00000000 ____D () C:\Program Files\003
2014-06-13 05:47 - 2014-06-13 05:47 - 00232240 _____ (Fusion Install ) C:\Users\Kiefer\Downloads\Setup(1).exe
2014-06-13 05:45 - 2014-06-13 05:41 - 31167936 _____ (S.A.D.) C:\Users\Kiefer\Downloads\formatconverter6.exe
2014-06-13 05:34 - 2011-04-12 09:43 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-06-13 05:34 - 2011-04-12 09:43 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-06-13 05:34 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-13 05:22 - 2013-10-01 06:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 21:32 - 2014-04-15 13:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-12 21:32 - 2014-04-15 13:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 21:08 - 2014-05-07 06:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 12:17 - 2014-06-12 12:17 - 00009413 _____ () C:\Users\Kiefer\Desktop\Mappe1.xlsx
2014-06-12 05:58 - 2014-06-12 05:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 10:28 - 2014-05-28 09:05 - 00980370 _____ () C:\Users\Kiefer\Desktop\MWSnap001.bmp
2014-06-09 15:24 - 2014-06-09 15:24 - 00001175 _____ () C:\Users\Kiefer\Desktop\Amazon Cloud Player.lnk
2014-06-09 15:24 - 2014-06-09 15:23 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-06-09 15:24 - 2014-06-09 15:23 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Amazon Cloud Player
2014-06-09 14:22 - 2014-06-09 14:22 - 00000066 _____ () C:\Windows\wiso.ini
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\Documents\Steuer
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steuer 2013
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Buhl
2014-06-09 14:22 - 2014-06-09 14:16 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-06-09 14:18 - 2014-06-09 14:18 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\InstallShield Installation Information
2014-06-08 11:13 - 2014-06-12 21:07 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 21:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-04 08:49 - 2014-06-04 08:32 - 00049289 _____ () C:\Users\Kiefer\Downloads\Siebenpfeiffer.suntool
2014-06-03 09:32 - 2014-06-03 09:32 - 00000545 _____ () C:\Users\Kiefer\Downloads\Anna_Fenninger_.vcf
2014-06-03 07:47 - 2014-06-03 07:47 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\.elfohilfe
2014-06-02 09:21 - 2014-04-17 13:29 - 00000000 ____D () C:\Heiko Kiefer
2014-06-02 07:27 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-01 17:56 - 2014-06-01 17:56 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\elsterformular
2014-06-01 17:55 - 2014-06-01 17:54 - 00000000 ____D () C:\ProgramData\elsterformular
2014-06-01 17:54 - 2014-06-01 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-06-01 17:53 - 2014-06-01 17:53 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-06-01 17:52 - 2014-06-01 17:43 - 118565328 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kiefer\Downloads\ElsterFormular-15.2.20140326u.exe
2014-05-30 12:21 - 2014-06-12 21:15 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 21:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 21:15 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 21:15 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 21:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 21:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 21:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 21:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 21:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 21:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 21:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 21:16 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 21:15 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 21:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 21:15 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 21:15 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 21:15 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 21:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 21:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 21:15 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 21:15 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 21:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 21:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 21:15 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 21:15 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 21:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 21:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 21:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 21:15 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 21:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 21:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 21:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 21:15 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 21:15 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 21:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 21:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 21:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 21:15 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 21:15 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 21:15 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 21:15 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 21:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 21:15 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 21:15 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 21:15 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 21:15 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 21:15 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 21:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 21:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 21:15 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-28 14:42 - 2014-05-28 14:42 - 00009665 _____ () C:\Users\Kiefer\Desktop\Termine Intersolar.xlsx
2014-05-27 15:52 - 2014-05-27 15:52 - 00000372 _____ () C:\Users\Kiefer\Desktop\Schletter Configurator.appref-ms
2014-05-27 07:42 - 2014-05-27 07:42 - 02016730 _____ () C:\Users\Kiefer\Desktop\Fehlermeldung.bmp
2014-05-26 15:51 - 2014-05-26 15:51 - 00961360 _____ (Chip Digital GmbH) C:\Users\Kiefer\Downloads\VLC media player 32 Bit - CHIP-Installer.exe
2014-05-26 15:22 - 2014-05-26 15:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Schletter
2014-05-26 08:42 - 2014-05-26 08:28 - 00000000 ____D () C:\Program Files (x86)\Stellar Phoenix Photo Recovery
2014-05-26 08:29 - 2014-05-26 08:28 - 00000000 ____D () C:\ProgramData\TEMP
2014-05-26 08:27 - 2014-05-26 08:27 - 10770432 _____ (Stellar Information Technology Pvt Ltd. ) C:\Users\Kiefer\Downloads\StellarPhoenixPhotoRecoveryWindows_DE.exe
2014-05-26 07:47 - 2013-09-30 22:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-26 07:43 - 2014-05-26 07:43 - 06415389 _____ (InstallShield Software Corporation) C:\Users\Kiefer\Downloads\pci_de_smartrecovery45 (1).exe
2014-05-26 05:55 - 2014-05-26 05:54 - 06415389 _____ (InstallShield Software Corporation) C:\Users\Kiefer\Downloads\pci_de_smartrecovery45.exe
2014-05-26 05:49 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-26 05:44 - 2014-05-26 05:43 - 12175896 _____ (Rene.E Laboratory ) C:\Users\Kiefer\Downloads\ReneeUndeleter_2014.exe
2014-05-26 05:43 - 2014-05-26 05:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-05-26 05:24 - 2014-05-26 05:24 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-26 05:24 - 2013-10-01 07:35 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-26 05:24 - 2013-10-01 07:35 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-26 05:24 - 2013-10-01 07:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-23 08:23 - 2014-05-23 08:23 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schletter GmbH
2014-05-23 08:20 - 2014-05-23 08:20 - 00508008 _____ () C:\Users\Kiefer\Downloads\setup.exe
2014-05-23 08:20 - 2014-05-23 08:20 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Apps\2.0
2014-05-23 07:26 - 2014-05-23 07:18 - 00212280 _____ () C:\Windows\DPINST.LOG
2014-05-23 07:17 - 2014-05-23 07:17 - 00002098 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-05-23 07:17 - 2014-05-23 07:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-23 07:16 - 2014-05-23 07:16 - 00000000 ____D () C:\ProgramData\Sony
2014-05-23 07:16 - 2014-05-23 07:16 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-23 07:16 - 2014-05-23 07:15 - 27874312 _____ (Sony Mobile Communications ) C:\Users\Kiefer\Downloads\Sony PC Companion_Web.exe
2014-05-23 05:22 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-22 08:23 - 2014-05-22 08:22 - 00001574 _____ () C:\Users\Kiefer\Desktop\SMA Sunny Design Web.lnk
2014-05-22 08:21 - 2014-05-22 08:21 - 00000000 ____D () C:\ProgramData\SMA
2014-05-22 08:21 - 2014-05-22 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sunny Design 3
2014-05-22 08:21 - 2014-05-22 08:21 - 00000000 ____D () C:\Program Files (x86)\SMA
2014-05-22 08:21 - 2014-05-22 08:14 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-05-22 08:07 - 2014-05-22 08:07 - 07843758 _____ () C:\Users\Kiefer\Downloads\AutoCalculatorProSetupV1.2.2.1.exe
2014-05-22 08:07 - 2014-05-22 08:07 - 00001288 _____ () C:\Users\Public\Desktop\AutoCalculatorEasy.lnk
2014-05-22 08:07 - 2014-05-22 08:07 - 00000000 ____D () C:\Program Files (x86)\Schletter GmbH
2014-05-22 07:57 - 2014-04-21 15:49 - 00000000 ____D () C:\Users\Kiefer\Desktop\Stiebel Eltron
2014-05-22 07:53 - 2014-05-22 07:53 - 00000000 ____D () C:\Users\Kiefer\Documents\KOSTAL
2014-05-22 07:40 - 2014-05-22 07:40 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-05-22 07:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\spool
2014-05-22 06:07 - 2014-05-22 05:58 - 132878770 _____ () C:\Users\Kiefer\Desktop\Rocky.mp4
2014-05-21 16:43 - 2013-10-01 07:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-21 14:50 - 2014-05-21 14:50 - 00000000 __SHD () C:\Users\Kiefer\AppData\Local\EmieUserList
2014-05-21 14:50 - 2014-05-21 14:50 - 00000000 __SHD () C:\Users\Kiefer\AppData\Local\EmieSiteList
2014-05-21 05:36 - 2014-04-16 11:43 - 00000000 ___RD () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 08:46 - 2014-04-15 13:51 - 00011611 __RSH () C:\ProgramData\ntuser.pol
2014-05-19 04:55 - 2014-05-19 04:55 - 02051934 _____ () C:\Users\Kiefer\Downloads\wkw.zip

Some content of TEMP:
====================
C:\Users\Kiefer\AppData\Local\Temp\6_Offer_16.exe
C:\Users\Kiefer\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kiefer\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Kiefer\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Kiefer\AppData\Local\Temp\f.exe
C:\Users\Kiefer\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Kiefer\AppData\Local\Temp\nsf1760.exe
C:\Users\Kiefer\AppData\Local\Temp\nskE44A.exe
C:\Users\Kiefer\AppData\Local\Temp\nskE7A5.exe
C:\Users\Kiefer\AppData\Local\Temp\nsnBD19.tmp.exe
C:\Users\Kiefer\AppData\Local\Temp\nsnC823.exe
C:\Users\Kiefer\AppData\Local\Temp\nsu13C6.exe
C:\Users\Kiefer\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Kiefer\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Kiefer\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 17:26

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by Kiefer at 2014-06-18 10:51:41
Running from C:\Users\Kiefer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 13.10.100.30604 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0604.1838.31590 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{7A28320F-8333-CF8F-7A34-D1ADF1C0622E}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0604.1838.31590 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80604.1838 - Advanced Micro Devices, Inc.) Hidden
AMD USB 3.0 Device Detector (Version: 2.1.29.0 - Advanced Micro Devices, Inc.) Hidden
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
AutoCalculatorPro (HKLM-x32\...\AutoCalculatorPro) (Version:  - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.01.000.18 - Atheros Communications)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.18.8 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.04 - Broadcom Corporation)
BrowserSafeguard with Rockettab (HKLM-x32\...\BrowserSafeguard) (Version:  - BrowserSafeguard with Rockettab) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0604.1837.31590 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0604.1838.31590 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Receiver (DV) (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
Citrix Receiver (Enterprise) (HKLM-x32\...\CitrixOnlinePluginFull) (Version: 13.0.0.6685 - Citrix Systems, Inc.)
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
Citrix Receiver (USB) (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (x32 Version: 3.0.0.56418 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
Citrix Receiver(PNA) (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
Citrix Receiver(SSON) (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
Das Fussball Studio 8.5.2 (Beta) (HKLM-x32\...\{F804CEB4-747E-46D5-B8AB-C56E3BAF27D9}_is1) (Version: 8.5.2 - vmLOGIC - Volker Mallmann)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version:  - Microsoft)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Evernote v. 5.3.1 (HKLM-x32\...\{28AAF752-C41B-11E3-8CB0-00163E98E7D6}) (Version: 5.3.1.3363 - Evernote Corp.)
Formatwandler 4 SE (HKLM-x32\...\{DC4071FC-A3FF-4F6B-0001-CCB79085A90A}) (Version: 4.0.11.1129 - S.A.D.)
GroupWise (HKLM-x32\...\{6BE2A534-B26E-4B00-8C05-8DBAF61A9095}) (Version: 8.0.3 - Novell)
GroupWise Client - VC Runtimes (release) (x32 Version: 1.00.0000 - Novell) Hidden
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2013.06.27 - www.hardcopy.de)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2057 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.102 - Symantec Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Standard 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 4.0 x64 DEU (HKLM\...\{CCBF4FD7-F4D2-4DB0-BC0E-F4EC42220EFF}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSXML 4.0 SP2 (KB941833) (HKLM-x32\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Online Plug-in (x32 Version: 13.0.0.6685 - Citrix Systems, Inc.) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PIKO Plan 2.0 (HKLM-x32\...\KOSTAL PIKO Plan 2.0) (Version: 1.0.1416.7 - KOSTAL)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.80.218.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Schletter Configurator (HKCU\...\1ee12b9c315055f6) (Version: 2.6.9.2 - Schletter GmbH)
Sony PC Companion 2.10.197 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.197 - Sony)
Steuer 2013 (HKCU\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Sunny Design 3 (HKLM-x32\...\{B9002F3C-5AE1-4869-A304-B8415F666EEE}) (Version: 3.10.2.4 - SMA Solar Technology AG)
Suntool 2.6.4.1 (HKLM-x32\...\{96F6C130-2C1B-496C-8C11-0AFC223A0006}_is1) (Version: 2.6.4.1 - SolarWorld AG)
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Symantec Endpoint Protection (HKLM\...\{5C75DA6D-F5E3-4D4B-A381-B52B8CA5B1CF}) (Version: 11.0.7000.975 -  Symantec Corporation)
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Toooor Fussball - Ligen- und Turnierverwaltung (HKCU\...\Toooor Fussball - Ligen- und Turnierverwaltung_is1) (Version:  - Sportinformationsdienst Toooor24)
Toooor Fussball - Ligen- und Turnierverwaltung (HKLM-x32\...\Toooor Fussball - Ligen- und Turnierverwaltung_is1) (Version:  - Sportinformationsdienst Toooor24)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.STANDARD_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.STANDARD_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.STANDARD_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.STANDARD_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.STANDARD_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.STANDARD_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.STANDARD_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.STANDARD_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.STANDARD_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.STANDARD_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.STANDARD_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.STANDARD_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.STANDARD_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.STANDARD_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.STANDARD_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.STANDARD_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.STANDARD_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.STANDARD_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.STANDARD_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.STANDARD_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version:  - Microsoft)
Windows NT Messaging (HKLM-x32\...\WMS) (Version:  - )

==================== Restore Points  =========================

02-06-2014 14:18:32 Geplanter Prüfpunkt
09-06-2014 12:18:36 Installiert Steuer 2013
12-06-2014 10:18:27 Windows Update
12-06-2014 19:07:14 Windows Modules Installer
12-06-2014 19:08:25 Windows Modules Installer
12-06-2014 19:15:32 Windows Modules Installer
13-06-2014 07:09:00 Formatwandler 4 SE wird installiert
15-06-2014 13:43:45 TuneUp Utilities 2014 wird entfernt
15-06-2014 13:44:24 TuneUp Utilities 2014 (de-DE) wird entfernt
18-06-2014 03:51:11 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0244378B-3A79-44A3-9027-0B649E336017} - System32\Tasks\Microsoft Office 15 Sync Maintenance for STREB-AD-Kiefer SB-NB-Kiefer7.STREB-AD.friedrich-streb.de => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {118A2FDF-18E3-454D-B06C-C3D9891501EC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-26] (Adobe Systems Incorporated)
Task: {286CB36B-23E4-4954-83E5-A9B6754AD545} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {3AFC0D21-9069-4742-B7BF-12BC886BCCC1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {45A64FC5-2873-4EB7-A7BE-B8745FE67A05} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {b6104221-2e7c-48a2-9302-edf72d0ce1a8} SB-NB-Kiefer7.STREB-AD.friedrich-streb.de => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {46386D15-CAE8-403F-91AC-033291843B65} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {735C2CCF-D63D-4B5F-8E6E-D3B829D0E856} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-06-18] () <==== ATTENTION
Task: {BB60D2BF-465C-403F-A2B8-A019957EC20E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {D1F22E44-1C1F-428B-A567-67893B66C37E} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2012-11-08] ()
Task: {F2FCAD94-4419-4433-A846-103CF042A951} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-06-13 05:50 - 2014-06-13 05:50 - 00706560 _____ () C:\Program Files\003\vxlsnyaiet64.exe
2013-10-01 07:28 - 2012-07-30 10:28 - 00125504 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_x64.dll
2013-10-01 07:28 - 2012-11-08 08:39 - 00037440 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2013-10-01 07:28 - 2012-11-08 08:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2014-06-09 15:23 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Kiefer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-05-07 20:30 - 2014-05-08 01:28 - 00348672 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
2013-10-01 07:28 - 2012-07-05 15:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2013-10-01 07:28 - 2012-07-30 10:27 - 00116800 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_Win32.dll
2013-10-01 07:28 - 2013-06-26 09:51 - 02921976 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2014-04-14 14:17 - 2014-04-14 14:17 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-04-14 14:17 - 2014-04-14 14:17 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2011-03-15 02:11 - 2011-03-15 02:11 - 01099790 _____ () C:\Program Files (x86)\Citrix\ICA Client\avcodec-52.dll
2011-03-15 02:11 - 2011-03-15 02:11 - 00079886 _____ () C:\Program Files (x86)\Citrix\ICA Client\avutil-50.dll
2011-03-15 02:11 - 2011-03-15 02:11 - 00121870 _____ () C:\Program Files (x86)\Citrix\ICA Client\swscale-0.dll
2011-03-15 02:11 - 2011-03-15 02:11 - 00117774 _____ () C:\Program Files (x86)\Citrix\ICA Client\avformat-52.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2014 07:51:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: 2rs3.dll, Version: 0.0.0.0, Zeitstempel: 0x532c6f79
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000148c
ID des fehlerhaften Prozesses: 0x1204
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (06/18/2014 07:46:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2014 07:37:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: 2rs3.dll, Version: 0.0.0.0, Zeitstempel: 0x532c6f79
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000148c
ID des fehlerhaften Prozesses: 0x129c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (06/18/2014 07:23:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17126, Zeitstempel: 0x53882e30
Name des fehlerhaften Moduls: 2rs3.dll, Version: 0.0.0.0, Zeitstempel: 0x532c6f79
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001482
ID des fehlerhaften Prozesses: 0x79c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (06/18/2014 07:16:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2014 05:55:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1430
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/18/2014 05:47:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1770
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/18/2014 05:44:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x11e8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/18/2014 05:43:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x147c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/18/2014 05:42:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x11ac
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3


System errors:
=============
Error: (06/18/2014 07:46:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/18/2014 07:46:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD FUEL Service erreicht.

Error: (06/18/2014 07:45:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppEx Networks Accelerator LWF" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/18/2014 07:15:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/18/2014 07:15:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD FUEL Service erreicht.

Error: (06/18/2014 07:15:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppEx Networks Accelerator LWF" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/18/2014 05:58:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Update ConstaSurf" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/18/2014 05:31:01 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: STREB-AD)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (06/18/2014 05:29:05 AM) (Source: TermService) (EventID: 1067) (User: )
Description: Der Terminalserver kann den Dienstprinzipalnamen "TERMSRV", der für die Serverauthentifizierung verwendet werden soll, nicht registrieren. Der folgende Fehler ist aufgetreten: Die angegebene Domäne ist nicht vorhanden, oder es konnte keine Verbindung hergestellt werden.
.

Error: (06/18/2014 05:26:45 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.


Microsoft Office Sessions:
=========================
Error: (06/18/2014 07:51:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e302rs3.dll0.0.0.0532c6f79c00000050000148c120401cf8ab91d1879d5C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\SupraSavings\2rs3.dlla6d3a6fa-f6ac-11e3-a4af-88ae1d8d071e

Error: (06/18/2014 07:46:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2014 07:37:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e302rs3.dll0.0.0.0532c6f79c00000050000148c129c01cf8ab7301caf59C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\SupraSavings\2rs3.dlla0463c4b-f6aa-11e3-8d73-88ae1d8d071e

Error: (06/18/2014 07:23:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e302rs3.dll0.0.0.0532c6f79c00000050000148279c01cf8ab581670f61C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\SupraSavings\2rs3.dllc02029fb-f6a8-11e3-8d73-88ae1d8d071e

Error: (06/18/2014 07:16:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2014 05:55:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b143001cf8aa83771182cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll60176bd0-f69c-11e3-b2f9-88ae1d8d071e

Error: (06/18/2014 05:47:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b177001cf8aa7cbf4f888C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll3be8a438-f69b-11e3-b2f9-88ae1d8d071e

Error: (06/18/2014 05:44:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b11e801cf8aa79b39f1b7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlle16b9c7f-f69a-11e3-b2f9-88ae1d8d071e

Error: (06/18/2014 05:43:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b147c01cf8aa767e9058dC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb6fda675-f69a-11e3-b2f9-88ae1d8d071e

Error: (06/18/2014 05:42:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b11ac01cf8aa6bcd07400C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll99c09597-f69a-11e3-b2f9-88ae1d8d071e


==================== Memory info =========================== 

Percentage of memory in use: 62%
Total physical RAM: 3766.71 MB
Available physical RAM: 1403.6 MB
Total Pagefile: 7531.6 MB
Available Pagefile: 5008.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:246.73 GB) NTFS
Drive m: () (Removable) (Total:29.88 GB) (Free:26.97 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 74C3D8CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 19.06.2014, 11:50   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:51988;https=127.0.0.1:51988

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.06.2014, 04:56   #5
kief15
 
Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-06-2014 01
Ran by Kiefer at 2014-06-22 17:19:58 Run:1
Running from C:\Users\Kiefer\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:51988;https=127.0.0.1:51988
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.

==== End of Fixlog ====
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.06.2014
Suchlauf-Zeit: 17:29:21
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.22.02
Rootkit Datenbank: v2014.06.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Kiefer

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 305321
Verstrichene Zeit: 12 Min, 55 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 3
Adware.Adpeak, C:\Program Files\003\vxlsnyaiet64.exe, 2168, Löschen bei Neustart, [2d4d2259a8d3f64072b173fad82cc23e]
PUP.Optional.AdPeak.A, C:\Program Files\003\vxlsnyaiet64.exe, 2168, Löschen bei Neustart, [01797605c1bab284df9d05adfa08f50b]
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe, 3948, Löschen bei Neustart, [cfab0d6e99e237ff2ae6994d2ed537c9]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 14
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, In Quarantäne, [2d4d2259a8d3f64072b173fad82cc23e], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [59216318a7d42214703649fa917128d8], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [59216318a7d42214703649fa917128d8], 
PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-4206700253-882151942-3262977069-1300-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [59216318a7d42214703649fa917128d8], 
PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-4206700253-882151942-3262977069-1300-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [59216318a7d42214703649fa917128d8], 
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, In Quarantäne, [01797605c1bab284df9d05adfa08f50b], 
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserSafeguard, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, In Quarantäne, [205a99e292e9989eb5fb52691fe37b85], 
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [ec8ebbc096e5aa8c3406c9f4f70bfe02], 
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD, In Quarantäne, [91e9106bbdbe9c9a8c86786ed132fe02], 
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}, In Quarantäne, [3a40215aaecd072f97b0f4b654ae7888], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-4206700253-882151942-3262977069-1300-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupraSavings, In Quarantäne, [5327d2a97b0080b6773a8c2fd32f659b], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-4206700253-882151942-3262977069-1300-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [abcf4b3081fa89adb1f4eeccbb478080], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-4206700253-882151942-3262977069-1300-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, In Quarantäne, [f9810972c2b9fd39e9c94675ab570cf4], 

Registrierungswerte: 2
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BrowserSafeguard, "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe", In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9]
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD|sourceid, EAAAACTzsvhEK9uN+ZTvY5WdojZzLG+lbA40FnDpo/UKhJjFufG8HD64YuWSMqPCaf8MAoNZdQxrfcu+9RHyKI+xQu8=, In Quarantäne, [91e9106bbdbe9c9a8c86786ed132fe02]

Registrierungsdaten: 4
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX),Ersetzt,[d7a3c4b77506aa8c2daa5b1cb450ef11]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}),Ersetzt,[b8c2215af586cc6ae7e7dd9a9074f808]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX),Ersetzt,[0773d7a43744d6600ec925525da7d62a]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}),Ersetzt,[a7d32358641778be537b294eb4508b75]

Ordner: 37
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard, Löschen bei Neustart, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.OpenCandy, C:\Users\Kiefer\AppData\Roaming\OpenCandy, In Quarantäne, [1d5d3546b2c977bf5365038b738f936d], 
PUP.Optional.OpenCandy, C:\Users\Kiefer\AppData\Roaming\OpenCandy\30FB155110D443F8B3FF8296C2E512D5, In Quarantäne, [1d5d3546b2c977bf5365038b738f936d], 
PUP.Optional.OpenCandy, C:\Users\Kiefer\AppData\Roaming\OpenCandy\DE9DE579F6954D7291E1477C9C82C486, In Quarantäne, [1d5d3546b2c977bf5365038b738f936d], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\defaults, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\defaults\preferences, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\locale, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\addon-kit, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\addon-kit\data, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\addon-kit\lib, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\data, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\event, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\addon, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\content, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\dom, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\events, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\private-browsing, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\system, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\traits, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\window, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\SupraSavings, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\SupraSavings\data, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\SupraSavings\lib, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\SupraSavings\tests, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, In Quarantäne, [f9815724d9a22d09ed65396c778ba45c], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, In Quarantäne, [f9815724d9a22d09ed65396c778ba45c], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, In Quarantäne, [f9815724d9a22d09ed65396c778ba45c], 

Dateien: 135
Adware.Adpeak, C:\Program Files\003\vxlsnyaiet64.exe, Löschen bei Neustart, [2d4d2259a8d3f64072b173fad82cc23e], 
PUP.Optional.CouponDownloader.A, C:\Program Files (x86)\SupraSavings\2rs3.dll, In Quarantäne, [59216318a7d42214703649fa917128d8], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\wprotectmanager.exe, In Quarantäne, [0971e3989cdf1620db645d308978db25], 
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [3941fc7f96e5171fe4a283bae51bb749], 
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [eb8fb2c97efdd561d701b4b71de7d030], 
PUP.Optional.Conduit.A, C:\Users\Kiefer\AppData\Local\Temp\nsf1760.exe, In Quarantäne, [6a104f2c4239979fd156671f9c65de22], 
PUP.Optional.Conduit.A, C:\Users\Kiefer\AppData\Local\Temp\nskE44A.exe, In Quarantäne, [e6944a31413ab2845bccfd89aa57e41c], 
PUP.Optional.Conduit.A, C:\Users\Kiefer\AppData\Local\Temp\nskE7A5.exe, In Quarantäne, [4a309cdf3b4056e0e6418bfb11f08b75], 
PUP.Optional.Conduit.A, C:\Users\Kiefer\AppData\Local\Temp\nsnC823.exe, In Quarantäne, [6d0de497b7c4d75f9295a0e60bf6d12f], 
PUP.Optional.Conduit.A, C:\Users\Kiefer\AppData\Local\Temp\nsu13C6.exe, In Quarantäne, [3f3b5a21bbc02412b176f49228d93fc1], 
PUP.Optional.Conduit.A, C:\Users\Kiefer\AppData\Local\Temp\nsz68A4\SpSetup.exe, In Quarantäne, [2258205b8deed95dfd2ae2a40100cf31], 
PUP.Optional.OptimumInstaller.A, C:\Users\Kiefer\Downloads\Setup(1).exe, In Quarantäne, [0c6ea0db7dfe989e3ea11938877aec14], 
PUP.Optional.OutBrowse, C:\Users\Kiefer\Downloads\setup(2).exe, In Quarantäne, [0971c7b4d3a89f97e82cd8b18c75c53b], 
PUP.Optional.SupraSavings.A, C:\Windows\Installer\1b0c44.msi, In Quarantäne, [7efcb9c2ccafed49cd0b35360202956b], 
PUP.Optional.BrowserSafeGuard.A, C:\Windows\System32\Tasks\BrowserSafeguard Update Task, In Quarantäne, [85f59be0601ba591a944782dbf43e61a], 
PUP.Optional.Trovi.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\searchplugins\trovi-search.xml, In Quarantäne, [700a3f3c6c0fb482e731456c55ad34cc], 
PUP.Optional.AdPeak.A, C:\Program Files\003\vxlsnyaiet64.exe, Löschen bei Neustart, [01797605c1bab284df9d05adfa08f50b], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [59210a71106b61d5aa270db68f731ce4], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\ewebstorewrapper.dll, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe, Löschen bei Neustart, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\config.dat, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\makecert.exe, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\TrustedRoot.cer, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\certutil.exe, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\libnspr4.dll, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\libplc4.dll, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\libplds4.dll, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\nss3.dll, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\smime3.dll, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\softokn3.dll, In Quarantäne, [cfab0d6e99e237ff2ae6994d2ed537c9], 
PUP.Optional.OpenCandy, C:\Users\Kiefer\AppData\Roaming\OpenCandy\30FB155110D443F8B3FF8296C2E512D5\TuneUpUtilities2014_de-DE.exe, In Quarantäne, [1d5d3546b2c977bf5365038b738f936d], 
PUP.Optional.OpenCandy, C:\Users\Kiefer\AppData\Roaming\OpenCandy\DE9DE579F6954D7291E1477C9C82C486\WEB.DE_MailCheck_IE_WebSetup_sps_dss_ki20101.exe, In Quarantäne, [1d5d3546b2c977bf5365038b738f936d], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\background.js, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\CustomActionInstall, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\CustomActionUninstall, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon128.png, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon16.png, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon32.png, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon48.png, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon64.png, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\icon8.png, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\iwalyk.js, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\manifest.json, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\marcopolo.js, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\Microsoft.Deployment.WindowsInstaller.dll, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\Microsoft.Deployment.WindowsInstaller.xml, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\SupraSavings\SendJson.dll, In Quarantäne, [2e4cb4c7d0ab61d50548cdc9ea18d52b], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\bootstrap.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\harness-options.json, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\icon.png, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\install.rdf, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\locales.json, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\defaults\preferences\prefs.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\addon-kit\lib\page-mod.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\addon-kit\lib\private-browsing.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\addon-kit\lib\request.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\addon-kit\lib\windows.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\observer-service.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\api-utils.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\base64.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\byte-streams.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\collection.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\content.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\cortex.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\cuddlefish.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\deprecate.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\environment.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\errors.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\events.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\file.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\functional.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\globals.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\heritage.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\hidden-frame.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\light-traits.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\list.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\loader.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\match-pattern.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\memory.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\namespace.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\plain-text-console.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\preferences-service.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\promise.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\querystring.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\runtime.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\sandbox.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\self.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\system.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\text-streams.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\timer.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\traceback.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\traits.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\unload.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\url.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\uuid.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\window-utils.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\xhr.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\xpcom.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\xul-app.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\event\core.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\event\target.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\addon\runner.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\content-proxy.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\content-worker.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\loader.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\symbiont.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\content\worker.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\dom\events.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\events\assembler.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\core.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\html.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\loader.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\locale.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\l10n\prefs.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\private-browsing\utils.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\system\events.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs\events.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs\observer.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs\tab.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\tabs\utils.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\traits\core.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils\data.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils\object.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils\registry.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\utils\thumbnail.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\window\utils.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows\dom.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows\loader.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows\observer.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\api-utils\lib\windows\tabs.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\SupraSavings\data\icon64.png, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.SupraSavings.A, C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\extensions\SupraSavings@jetpack\resources\SupraSavings\lib\main.js, In Quarantäne, [5822b7c4e59688ae6c83910557ab1fe1], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-18[05-43-12-054].log, In Quarantäne, [f9815724d9a22d09ed65396c778ba45c], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, In Quarantäne, [f9815724d9a22d09ed65396c778ba45c], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
# AdwCleaner v3.212 - Bericht erstellt am 22/06/2014 um 18:01:26
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Kiefer - SB-NB-KIEFER7
# Gestartet von : C:\Users\Kiefer\Desktop\adwcleaner_3.212.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\user.js
Datei Gefunden : C:\Windows\System32\Tasks\Advanced System Protector
Ordner Gefunden : C:\Program Files\003
Ordner Gefunden : C:\Users\Brudergruppe\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\Kiefer\AppData\Local\BrowserSafeguard
Ordner Gefunden : C:\Users\Kiefer\AppData\Local\Temp\ConstaSurf
Ordner Gefunden : C:\Users\Kiefer\AppData\Local\Temp\OCS
Ordner Gefunden : C:\Users\Kiefer\AppData\Roaming\Advanced System Protector
Ordner Gefunden : C:\Users\Kiefer\AppData\Roaming\Systweak

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1403062960&from=obw&uid=HitachiXHTS545032B9A300_100904PBNL04B7JB0NPLX&q={searchTerms}

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Brudergruppe\AppData\Roaming\Mozilla\Firefox\Profiles\jb9bwpxi.default\prefs.js ]


[ Datei : C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2909 octets] - [22/06/2014 18:01:26]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2969 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Kiefer on 23.06.2014 at  5:47:44,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Kiefer\AppData\Roaming\mozilla\firefox\profiles\p6rbb3n4.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.06.2014 at  5:54:28,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


Alt 23.06.2014, 18:44   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



AdwCleaner unbedingt die Löschfunktion benutzen!!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Proxy Server Einstellung 127.0.0.1

Alt 27.06.2014, 04:57   #7
kief15
 
Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=e7c1fa5fe5551343b7cbde32ddcbbdf6
# engine=18885
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-26 04:05:40
# local_time=2014-06-26 06:05:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776638 100 94 6192945 155385390 0 0
# scanned=3636
# found=1
# cleaned=0
# scan_time=535
sh=99F97AD369E8621AB4D17DF53E80E60FEE99C727 ft=1 fh=42567613b862d846 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kiefer\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"

Alt 27.06.2014, 13:47   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



und weiter.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.06.2014, 16:23   #9
kief15
 
Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Symantec Endpoint Protection
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Adobe Flash Player 13.0.0.214
Adobe Reader XI
Mozilla Firefox (30.0)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Alt 28.06.2014, 13:48   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



und der Rest?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.06.2014, 10:17   #11
kief15
 
Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01 (ATTENTION: ====> FRST version is 8 days old and could be outdated)
Ran by Kiefer (administrator) on SB-NB-KIEFER7 on 29-06-2014 10:53:21
Running from C:\Users\Kiefer\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\System32\rpcnetp.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Users\Kiefer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13260944 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [585376 2010-05-25] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [354464 2010-05-25] (Atheros Commnucations)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [358336 2011-08-11] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-06-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115624 2011-03-30] (Symantec Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4206700253-882151942-3262977069-1300\...\Run: [Amazon Cloud Player] => C:\Users\Kiefer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\info.cmd ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notify.lnk
ShortcutTarget: Notify.lnk -> C:\Program Files (x86)\Novell\GroupWise\notify.exe (Novell, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Receiver.lnk
ShortcutTarget: Receiver.lnk -> C:\Windows\Installer\{C0B728CE-BF48-48C2-A19C-01563CCEDD9F}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe ()
Startup: C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: streb-fw.streb-ad.friedrich-streb.de:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0B662402EE74CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Kiefer\AppData\Roaming\Mozilla\Firefox\Profiles\p6rbb3n4.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Kiefer\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [47776 2010-05-25] (Atheros Commnucations) [File not signed]
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108456 2011-03-30] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108456 2011-03-30] (Symantec Corporation)
U3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093944 2011-02-07] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [428976 2011-04-21] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1846592 2011-05-11] (Symantec Corporation)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)

==================== Drivers (Whitelisted) ====================

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140626.008\eng64.sys [126040 2014-03-20] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140626.008\ex64.sys [2099288 2014-03-20] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [453240 2011-03-08] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [453240 2011-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482424 2011-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482424 2011-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32376 2011-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32376 2011-03-08] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2014-04-15] (Symantec Corporation)
R1 Teefer3; C:\Windows\System32\DRIVERS\Teefer3.sys [53880 2011-04-09] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [54392 2011-04-27] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-11-13] (Symantec Corporation)
S2 APXACC; system32\DRIVERS\appexDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-26 11:10 - 2014-06-26 11:15 - 00044591 _____ () C:\Users\Kiefer\Desktop\PREISE.xlsm
2014-06-26 05:50 - 2014-06-26 05:50 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-24 17:05 - 2014-06-24 17:05 - 00000000 ____D () C:\ProgramData\EPSON
2014-06-24 17:03 - 2014-06-24 17:05 - 14896640 _____ () C:\Users\Kiefer\Downloads\epson374991eu.exe
2014-06-24 17:02 - 2014-06-24 17:02 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-06-24 17:02 - 2014-06-24 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-06-24 17:02 - 2014-06-24 17:02 - 00000000 ____D () C:\Program Files (x86)\epson
2014-06-24 17:02 - 2007-07-13 00:00 - 00083968 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxcwiad.dll
2014-06-24 16:59 - 2014-06-24 17:01 - 12419072 _____ () C:\Users\Kiefer\Downloads\epson376742eu.exe
2014-06-24 14:00 - 2014-06-24 14:00 - 00002584 _____ () C:\Users\Kiefer\Desktop\GoToMeeting Quick Connect.lnk
2014-06-24 13:59 - 2014-06-29 10:50 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4206700253-882151942-3262977069-1300.job
2014-06-24 13:59 - 2014-06-24 13:59 - 00003596 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4206700253-882151942-3262977069-1300
2014-06-24 05:46 - 2014-06-24 05:46 - 02347384 _____ (ESET) C:\Users\Kiefer\Downloads\esetsmartinstaller_deu.exe
2014-06-24 05:46 - 2014-06-24 05:46 - 00854367 _____ () C:\Users\Kiefer\Downloads\SecurityCheck.exe
2014-06-23 12:44 - 2014-06-23 12:44 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\SolarWorld
2014-06-23 05:54 - 2014-06-23 05:54 - 00000828 _____ () C:\Users\Kiefer\Desktop\JRT.txt
2014-06-23 05:47 - 2014-06-23 05:47 - 00000000 ____D () C:\Windows\ERUNT
2014-06-23 05:43 - 2014-06-23 05:43 - 00039496 _____ () C:\Users\Kiefer\Desktop\mbam.txt
2014-06-22 18:08 - 2014-06-22 18:08 - 00002667 _____ () C:\Users\Kiefer\Desktop\AdwCleaner[S0].txt
2014-06-22 18:01 - 2014-06-24 05:42 - 00000000 ____D () C:\AdwCleaner
2014-06-22 17:46 - 2014-06-22 17:46 - 00000000 ____D () C:\Avenger
2014-06-22 17:28 - 2014-06-29 11:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-22 17:27 - 2014-06-22 17:27 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-22 17:27 - 2014-06-22 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-22 17:27 - 2014-06-22 17:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-22 17:27 - 2014-06-22 17:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-22 17:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-22 17:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-22 17:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-22 17:21 - 2014-06-22 17:21 - 00001264 _____ () C:\Users\Kiefer\Desktop\Revo Uninstaller.lnk
2014-06-22 17:21 - 2014-06-22 17:21 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-22 17:08 - 2014-06-22 17:08 - 00000000 ____D () C:\Users\Kiefer\Desktop\FRST-OlderVersion
2014-06-20 09:11 - 2014-06-20 05:42 - 17292760 ____N (Malwarebytes Corporation ) C:\Users\Kiefer\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-20 09:11 - 2014-06-20 05:41 - 01333465 ____N () C:\Users\Kiefer\Desktop\adwcleaner_3.212.exe
2014-06-20 09:11 - 2014-06-20 05:41 - 01016261 ____N (Thisisu) C:\Users\Kiefer\Desktop\JRT.exe
2014-06-20 09:11 - 2014-06-20 05:40 - 02623656 ____N (VS Revo Group Ltd.) C:\Users\Kiefer\Desktop\revosetup95.exe
2014-06-18 10:51 - 2014-06-18 10:52 - 00041990 _____ () C:\Users\Kiefer\Desktop\Addition.txt
2014-06-18 10:50 - 2014-06-29 10:53 - 00019867 _____ () C:\Users\Kiefer\Desktop\FRST.txt
2014-06-18 10:50 - 2014-06-29 10:53 - 00000000 ____D () C:\FRST
2014-06-18 10:48 - 2014-06-22 17:08 - 02083328 _____ (Farbar) C:\Users\Kiefer\Desktop\FRST64.exe
2014-06-16 16:41 - 2014-06-17 16:36 - 00010014 _____ () C:\Users\Kiefer\Desktop\gme.xlsx
2014-06-16 05:33 - 2014-06-16 05:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-06-15 18:25 - 2014-06-22 21:41 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Mp3tag
2014-06-15 15:33 - 2014-06-15 15:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\TuneUp Software
2014-06-15 15:33 - 2014-06-15 15:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\TuneUp Software
2014-06-15 15:32 - 2014-06-15 15:34 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-15 15:32 - 2014-06-15 15:32 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-15 15:29 - 2014-06-15 15:48 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\DVDVideoSoft
2014-06-15 15:26 - 2014-06-15 15:29 - 34314288 _____ (DVDVideoSoft Ltd. ) C:\Users\Kiefer\Downloads\FreeAudioConverter5.0.43.605.exe
2014-06-15 15:22 - 2014-06-15 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-06-15 15:21 - 2014-06-15 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-06-15 15:20 - 2014-06-15 15:21 - 02638704 _____ () C:\Users\Kiefer\Downloads\mp3tagv259asetup.exe
2014-06-15 15:15 - 2014-06-15 15:15 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-15 15:14 - 2014-06-15 15:14 - 01980509 _____ () C:\Users\Kiefer\Downloads\mp3gain-win-full-1_3_4.exe
2014-06-13 13:44 - 2014-06-13 13:44 - 00001157 _____ () C:\Users\Public\Desktop\Suntool.lnk
2014-06-13 13:43 - 2014-06-13 13:43 - 05923765 _____ (SolarWorld AG ) C:\Users\Kiefer\Downloads\SetupSuntool (1).exe
2014-06-13 13:27 - 2014-06-13 13:27 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Engelmann Media
2014-06-13 09:10 - 2014-06-13 09:10 - 00001154 _____ () C:\Users\Public\Desktop\Formatwandler 4 SE.lnk
2014-06-13 09:10 - 2014-06-13 09:10 - 00000000 ____D () C:\ProgramData\Engelmann Media
2014-06-13 09:09 - 2014-06-13 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.A.D
2014-06-13 09:09 - 2014-06-13 09:09 - 00000000 ____D () C:\Program Files (x86)\S.A.D
2014-06-13 05:51 - 2014-06-22 17:44 - 00000000 ____D () C:\temp
2014-06-13 05:41 - 2014-06-13 05:45 - 31167936 _____ (S.A.D.) C:\Users\Kiefer\Downloads\formatconverter6.exe
2014-06-12 21:28 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 21:28 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 21:28 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 21:28 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 21:21 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 21:21 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 21:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 21:21 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 21:21 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 21:21 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 21:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 21:21 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 21:19 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 21:19 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 21:16 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 21:16 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 21:16 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 21:16 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 21:16 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 21:16 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 21:15 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 21:15 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 21:15 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 21:15 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 21:15 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 21:15 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 21:15 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 21:15 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 21:15 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 21:15 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 21:15 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 21:15 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 21:15 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 21:15 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 21:15 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 21:15 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 21:15 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 21:15 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 21:15 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 21:15 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 21:15 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 21:15 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 21:15 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 21:15 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 21:15 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 21:15 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 21:15 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 21:15 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 21:15 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 21:15 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 21:15 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 21:15 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 21:15 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 21:15 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 21:15 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 21:15 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 21:15 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 21:15 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 21:15 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 21:15 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 21:15 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 21:15 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 21:15 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 21:15 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 21:15 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 21:15 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 21:07 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 21:07 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 12:17 - 2014-06-12 12:17 - 00009413 _____ () C:\Users\Kiefer\Desktop\Mappe1.xlsx
2014-06-12 05:58 - 2014-06-12 05:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 15:24 - 2014-06-09 15:24 - 00001175 _____ () C:\Users\Kiefer\Desktop\Amazon Cloud Player.lnk
2014-06-09 15:23 - 2014-06-09 15:24 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-06-09 15:23 - 2014-06-09 15:24 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Amazon Cloud Player
2014-06-09 14:22 - 2014-06-09 14:22 - 00000066 _____ () C:\Windows\wiso.ini
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\Documents\Steuer
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steuer 2013
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Buhl
2014-06-09 14:18 - 2014-06-09 14:18 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\InstallShield Installation Information
2014-06-09 14:16 - 2014-06-09 14:22 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-06-04 08:32 - 2014-06-04 08:49 - 00049289 _____ () C:\Users\Kiefer\Downloads\Siebenpfeiffer.suntool
2014-06-03 09:32 - 2014-06-03 09:32 - 00000545 _____ () C:\Users\Kiefer\Downloads\Anna_Fenninger_.vcf
2014-06-03 07:47 - 2014-06-03 07:47 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\.elfohilfe
2014-06-01 17:56 - 2014-06-01 17:56 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\elsterformular
2014-06-01 17:54 - 2014-06-01 17:55 - 00000000 ____D () C:\ProgramData\elsterformular
2014-06-01 17:54 - 2014-06-01 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-06-01 17:53 - 2014-06-01 17:53 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-06-01 17:43 - 2014-06-01 17:52 - 118565328 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kiefer\Downloads\ElsterFormular-15.2.20140326u.exe

==================== One Month Modified Files and Folders =======

2014-06-29 11:05 - 2014-06-22 17:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 11:05 - 2014-06-18 10:50 - 00019867 _____ () C:\Users\Kiefer\Desktop\FRST.txt
2014-06-29 11:04 - 2014-04-15 12:45 - 00000043 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-06-29 10:53 - 2014-06-18 10:50 - 00000000 ____D () C:\FRST
2014-06-29 10:50 - 2014-06-24 13:59 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4206700253-882151942-3262977069-1300.job
2014-06-29 10:50 - 2009-07-14 06:45 - 00037792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-29 10:50 - 2009-07-14 06:45 - 00037792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-29 10:49 - 2014-04-30 05:28 - 00005136 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for STREB-AD-Kiefer SB-NB-Kiefer7.STREB-AD.friedrich-streb.de
2014-06-29 10:47 - 2013-09-30 18:13 - 01214981 _____ () C:\Windows\WindowsUpdate.log
2014-06-29 10:43 - 2014-04-15 11:23 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2014-06-29 10:43 - 2014-04-15 11:22 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2014-06-29 10:43 - 2014-04-15 11:22 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2014-06-29 10:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-29 10:43 - 2009-07-14 06:51 - 00043677 _____ () C:\Windows\setupact.log
2014-06-27 17:23 - 2013-10-01 07:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-27 13:58 - 2014-04-28 11:14 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\.oit
2014-06-27 12:54 - 2014-04-15 13:39 - 00000160 _____ () C:\Windows\system32\config\netlogon.ftl
2014-06-27 12:46 - 2014-04-28 08:28 - 00005134 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for {b6104221-2e7c-48a2-9302-edf72d0ce1a8} SB-NB-Kiefer7.STREB-AD.friedrich-streb.de
2014-06-26 11:15 - 2014-06-26 11:10 - 00044591 _____ () C:\Users\Kiefer\Desktop\PREISE.xlsm
2014-06-26 05:50 - 2014-06-26 05:50 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-25 13:39 - 2014-05-28 09:05 - 01775414 _____ () C:\Users\Kiefer\Desktop\MWSnap001.bmp
2014-06-25 09:39 - 2014-05-23 08:20 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Deployment
2014-06-24 17:05 - 2014-06-24 17:05 - 00000000 ____D () C:\ProgramData\EPSON
2014-06-24 17:05 - 2014-06-24 17:03 - 14896640 _____ () C:\Users\Kiefer\Downloads\epson374991eu.exe
2014-06-24 17:02 - 2014-06-24 17:02 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-06-24 17:02 - 2014-06-24 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-06-24 17:02 - 2014-06-24 17:02 - 00000000 ____D () C:\Program Files (x86)\epson
2014-06-24 17:01 - 2014-06-24 16:59 - 12419072 _____ () C:\Users\Kiefer\Downloads\epson376742eu.exe
2014-06-24 14:00 - 2014-06-24 14:00 - 00002584 _____ () C:\Users\Kiefer\Desktop\GoToMeeting Quick Connect.lnk
2014-06-24 13:59 - 2014-06-24 13:59 - 00003596 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4206700253-882151942-3262977069-1300
2014-06-24 13:59 - 2014-04-16 11:43 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Citrix
2014-06-24 05:46 - 2014-06-24 05:46 - 02347384 _____ (ESET) C:\Users\Kiefer\Downloads\esetsmartinstaller_deu.exe
2014-06-24 05:46 - 2014-06-24 05:46 - 00854367 _____ () C:\Users\Kiefer\Downloads\SecurityCheck.exe
2014-06-24 05:42 - 2014-06-22 18:01 - 00000000 ____D () C:\AdwCleaner
2014-06-24 05:38 - 2010-11-21 05:47 - 00124510 _____ () C:\Windows\PFRO.log
2014-06-23 13:23 - 2014-04-21 15:49 - 00000000 ____D () C:\Users\Kiefer\Desktop\Stiebel Eltron
2014-06-23 12:44 - 2014-06-23 12:44 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\SolarWorld
2014-06-23 05:54 - 2014-06-23 05:54 - 00000828 _____ () C:\Users\Kiefer\Desktop\JRT.txt
2014-06-23 05:47 - 2014-06-23 05:47 - 00000000 ____D () C:\Windows\ERUNT
2014-06-23 05:43 - 2014-06-23 05:43 - 00039496 _____ () C:\Users\Kiefer\Desktop\mbam.txt
2014-06-22 21:41 - 2014-06-15 18:25 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Mp3tag
2014-06-22 18:08 - 2014-06-22 18:08 - 00002667 _____ () C:\Users\Kiefer\Desktop\AdwCleaner[S0].txt
2014-06-22 17:46 - 2014-06-22 17:46 - 00000000 ____D () C:\Avenger
2014-06-22 17:44 - 2014-06-13 05:51 - 00000000 ____D () C:\temp
2014-06-22 17:27 - 2014-06-22 17:27 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-22 17:27 - 2014-06-22 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-22 17:27 - 2014-06-22 17:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-22 17:27 - 2014-06-22 17:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-22 17:21 - 2014-06-22 17:21 - 00001264 _____ () C:\Users\Kiefer\Desktop\Revo Uninstaller.lnk
2014-06-22 17:21 - 2014-06-22 17:21 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-22 17:08 - 2014-06-22 17:08 - 00000000 ____D () C:\Users\Kiefer\Desktop\FRST-OlderVersion
2014-06-22 17:08 - 2014-06-18 10:48 - 02083328 _____ (Farbar) C:\Users\Kiefer\Desktop\FRST64.exe
2014-06-20 05:42 - 2014-06-20 09:11 - 17292760 ____N (Malwarebytes Corporation ) C:\Users\Kiefer\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-20 05:41 - 2014-06-20 09:11 - 01333465 ____N () C:\Users\Kiefer\Desktop\adwcleaner_3.212.exe
2014-06-20 05:41 - 2014-06-20 09:11 - 01016261 ____N (Thisisu) C:\Users\Kiefer\Desktop\JRT.exe
2014-06-20 05:40 - 2014-06-20 09:11 - 02623656 ____N (VS Revo Group Ltd.) C:\Users\Kiefer\Desktop\revosetup95.exe
2014-06-19 12:20 - 2014-04-22 05:35 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\CrashDumps
2014-06-18 10:52 - 2014-06-18 10:51 - 00041990 _____ () C:\Users\Kiefer\Desktop\Addition.txt
2014-06-18 05:58 - 2014-05-26 15:54 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-18 05:55 - 2014-04-16 11:43 - 00001421 _____ () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-18 05:55 - 2013-10-01 06:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 05:55 - 2013-10-01 06:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-17 16:36 - 2014-06-16 16:41 - 00010014 _____ () C:\Users\Kiefer\Desktop\gme.xlsx
2014-06-16 11:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-16 05:33 - 2014-06-16 05:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-06-15 17:12 - 2014-04-16 11:43 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\VirtualStore
2014-06-15 15:48 - 2014-06-15 15:29 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\DVDVideoSoft
2014-06-15 15:48 - 2014-04-21 15:48 - 00000000 ____D () C:\Users\Kiefer\Desktop\Heiko Kiefer
2014-06-15 15:34 - 2014-06-15 15:32 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-15 15:33 - 2014-06-15 15:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\TuneUp Software
2014-06-15 15:33 - 2014-06-15 15:33 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\TuneUp Software
2014-06-15 15:32 - 2014-06-15 15:32 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-15 15:29 - 2014-06-15 15:26 - 34314288 _____ (DVDVideoSoft Ltd. ) C:\Users\Kiefer\Downloads\FreeAudioConverter5.0.43.605.exe
2014-06-15 15:22 - 2014-06-15 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-06-15 15:21 - 2014-06-15 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-06-15 15:21 - 2014-06-15 15:20 - 02638704 _____ () C:\Users\Kiefer\Downloads\mp3tagv259asetup.exe
2014-06-15 15:15 - 2014-06-15 15:15 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-15 15:14 - 2014-06-15 15:14 - 01980509 _____ () C:\Users\Kiefer\Downloads\mp3gain-win-full-1_3_4.exe
2014-06-13 13:44 - 2014-06-13 13:44 - 00001157 _____ () C:\Users\Public\Desktop\Suntool.lnk
2014-06-13 13:43 - 2014-06-13 13:43 - 05923765 _____ (SolarWorld AG ) C:\Users\Kiefer\Downloads\SetupSuntool (1).exe
2014-06-13 13:27 - 2014-06-13 13:27 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Engelmann Media
2014-06-13 09:10 - 2014-06-13 09:10 - 00001154 _____ () C:\Users\Public\Desktop\Formatwandler 4 SE.lnk
2014-06-13 09:10 - 2014-06-13 09:10 - 00000000 ____D () C:\ProgramData\Engelmann Media
2014-06-13 09:09 - 2014-06-13 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.A.D
2014-06-13 09:09 - 2014-06-13 09:09 - 00000000 ____D () C:\Program Files (x86)\S.A.D
2014-06-13 05:45 - 2014-06-13 05:41 - 31167936 _____ (S.A.D.) C:\Users\Kiefer\Downloads\formatconverter6.exe
2014-06-13 05:34 - 2011-04-12 09:43 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-06-13 05:34 - 2011-04-12 09:43 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-06-13 05:34 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-13 05:22 - 2013-10-01 06:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 21:32 - 2014-04-15 13:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-12 21:32 - 2014-04-15 13:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 21:08 - 2014-05-07 06:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 12:17 - 2014-06-12 12:17 - 00009413 _____ () C:\Users\Kiefer\Desktop\Mappe1.xlsx
2014-06-12 05:58 - 2014-06-12 05:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 15:24 - 2014-06-09 15:24 - 00001175 _____ () C:\Users\Kiefer\Desktop\Amazon Cloud Player.lnk
2014-06-09 15:24 - 2014-06-09 15:23 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-06-09 15:24 - 2014-06-09 15:23 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Amazon Cloud Player
2014-06-09 14:22 - 2014-06-09 14:22 - 00000066 _____ () C:\Windows\wiso.ini
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\Documents\Steuer
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steuer 2013
2014-06-09 14:22 - 2014-06-09 14:22 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\Buhl
2014-06-09 14:22 - 2014-06-09 14:16 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-06-09 14:18 - 2014-06-09 14:18 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\InstallShield Installation Information
2014-06-08 11:13 - 2014-06-12 21:07 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 21:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-04 08:49 - 2014-06-04 08:32 - 00049289 _____ () C:\Users\Kiefer\Downloads\Siebenpfeiffer.suntool
2014-06-03 09:32 - 2014-06-03 09:32 - 00000545 _____ () C:\Users\Kiefer\Downloads\Anna_Fenninger_.vcf
2014-06-03 07:47 - 2014-06-03 07:47 - 00000000 ____D () C:\Users\Kiefer\AppData\Local\.elfohilfe
2014-06-02 09:21 - 2014-04-17 13:29 - 00000000 ____D () C:\Heiko Kiefer
2014-06-02 07:27 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-01 17:56 - 2014-06-01 17:56 - 00000000 ____D () C:\Users\Kiefer\AppData\Roaming\elsterformular
2014-06-01 17:55 - 2014-06-01 17:54 - 00000000 ____D () C:\ProgramData\elsterformular
2014-06-01 17:54 - 2014-06-01 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2014-06-01 17:53 - 2014-06-01 17:53 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-06-01 17:52 - 2014-06-01 17:43 - 118565328 _____ (Landesfinanzdirektion Thüringen) C:\Users\Kiefer\Downloads\ElsterFormular-15.2.20140326u.exe
2014-05-30 12:21 - 2014-06-12 21:15 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 21:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 21:15 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 21:15 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 21:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 21:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 21:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 21:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 21:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 21:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 21:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 21:16 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 21:15 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 21:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 21:15 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 21:15 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 21:15 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 21:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 21:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 21:15 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 21:15 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 21:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 21:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 21:15 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 21:15 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 21:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 21:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 21:16 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 21:15 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 21:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 21:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 21:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 21:15 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 21:15 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 21:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 21:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 21:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 21:15 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 21:15 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 21:15 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 21:15 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 21:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 21:15 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 21:15 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 21:15 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 21:15 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 21:15 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 21:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 21:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 21:15 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Kiefer\AppData\Local\Temp\6_Offer_16.exe
C:\Users\Kiefer\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kiefer\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Kiefer\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Kiefer\AppData\Local\Temp\f.exe
C:\Users\Kiefer\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Kiefer\AppData\Local\Temp\nsnBD19.tmp.exe
C:\Users\Kiefer\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Kiefer\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite27274.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite36683.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite45012.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite59074.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite73666.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite79917.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite80414.dll
C:\Users\Kiefer\AppData\Local\Temp\System.Data.SQLite82237.dll
C:\Users\Kiefer\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-19 15:36

==================== End Of Log ============================
         
--- --- ---

Alt 29.06.2014, 12:35   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



muss man dir alles aus der Nase ziehen? Nicht möglich mal meine ANweisungen alle am Stück durch zu machen?

Frage obes noch Probleme gibt wurde ignoriert, also bedeutet das für mich es gibt keine mehr.


Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.07.2014, 05:00   #13
kief15
 
Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



Hallo,

sorry, hatte Deine Antwort nicht richtig bis zum Schluss durchgelesen...

Zuerst aber, vielen Dank!
Es funktioniert wieder alles...!

Habe Deine Tipps zur Absicherung befolgt.

Gruß Kief15

Alt 08.07.2014, 19:09   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Proxy Server Einstellung 127.0.0.1 - Standard

Proxy Server Einstellung 127.0.0.1



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Proxy Server Einstellung 127.0.0.1
adware.adpeak, pup.optional.adpeak.a, pup.optional.browsersafeguard.a, pup.optional.conduit.a, pup.optional.coupondownloader.a, pup.optional.opencandy, pup.optional.optimuminstaller.a, pup.optional.outbrowse, pup.optional.pcperformer.a, pup.optional.suprasavings.a, pup.optional.trovi.a, pup.optional.webssearches.a, pup.optional.wpm.a, win 7 u, win32/downloadsponsor.a



Ähnliche Themen: Proxy Server Einstellung 127.0.0.1


  1. Problem mit Proxy-Server
    Log-Analyse und Auswertung - 12.02.2015 (22)
  2. Windows 7 - Fehler Proxy Server
    Plagegeister aller Art und deren Bekämpfung - 15.01.2015 (11)
  3. Proxy-Einstellung des Systems sorgen dafür, dass keine Verbindung zum Internet aufgebaut werden kann
    Plagegeister aller Art und deren Bekämpfung - 12.12.2014 (32)
  4. Firefox: Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 13.09.2014 (1)
  5. Proxy Server Einstellungen geändert
    Plagegeister aller Art und deren Bekämpfung - 28.08.2014 (9)
  6. Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 19.08.2014 (15)
  7. Windows 7: Proxy-Server reagiert nicht
    Log-Analyse und Auswertung - 15.08.2014 (11)
  8. Firefox: Proxy-Server verweigert die Verbindung
    Log-Analyse und Auswertung - 19.05.2014 (12)
  9. proxy server verweigert die verbindung
    Log-Analyse und Auswertung - 14.04.2014 (12)
  10. Firefox: Ein Proxy-Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 25.02.2014 (13)
  11. Proxy Server verweigert die Verbindung
    Mülltonne - 27.10.2013 (3)
  12. Proxy-Server Problem
    Log-Analyse und Auswertung - 20.04.2013 (30)
  13. Firefox: Proxy Server verweigert die Verbindung
    Plagegeister aller Art und deren Bekämpfung - 06.03.2012 (5)
  14. Was loggt ein Proxy Server?
    Überwachung, Datenschutz und Spam - 26.12.2009 (21)
  15. Trojaner durch Proxy-Server?
    Plagegeister aller Art und deren Bekämpfung - 25.11.2009 (1)
  16. proxy server
    Antiviren-, Firewall- und andere Schutzprogramme - 31.05.2008 (1)
  17. Was hat NAT , Proxy Server und Paketfilter mit dem Thema Trojaner zu tun???
    Plagegeister aller Art und deren Bekämpfung - 01.12.2004 (1)

Zum Thema Proxy Server Einstellung 127.0.0.1 - Hallo, benutze Win 7 und den Internet Explorer. Seit gestern werden die Proxy Einstellungen automatisch überschrieben und ich komme nicht mehr ins Internet. Neuer Proxy Eintrag: 127.0.0.1 Port 51988 Wenn - Proxy Server Einstellung 127.0.0.1...
Archiv
Du betrachtest: Proxy Server Einstellung 127.0.0.1 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.