
Log Analysis and Evaluation: Supra Savings in Firefox

05.07.2014, 22:36   #1
kimberger
 
Supra Savings in Firefox



and very slow loading times on, e.g., weather sites.
But overall, too, all program launches on the laptop are very slow.

As stated in other forums, I did uninstall the Supra Savings program in WIN8, but that changed nothing at all. On the contrary, I have the impression that more programs have been added.

I came to your site because the program STOPzilla was recommended to me for fixing Supra Savings, but to me as a layperson it behaved in a way I could not follow, and on its first start it detected a threat from an xmkysecqun64.exe. That is how I found one of your great advice threads!!

So now I have uninstalled STOPzilla again and run defogger and frst instead (see attachments).
But GMER did not work, since it was apparently intercepted by a WIN8 app that detected a threat and automatically shut down the PC :-(((((

Folks, I hope you can help me out of this mess ....!!
Regards
Kim
P.S. I am not very experienced in working through all the preparations, but I hope I have provided all the required information. Otherwise, please let me know what is missing and, if applicable, how I can supply it...

Here is addition.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by ### (administrator) on ###### on 05-07-2014 20:59:16
Running from C:\Users\###\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Thermaltake) C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Tt eSPORTS BLACK Gaming Mouse] => C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe [105864 2012-08-10] (Thermaltake)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime Lite\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3410272128-3850883635-1020607561-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2011-06-04] (Acresso Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {9B62A7FA-C373-4BF4-BCA6-12C03F49BB1A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {9B62A7FA-C373-4BF4-BCA6-12C03F49BB1A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M3D6AB86D-DF50-4066-8CD4-43434B9052EF&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPB7CBB68B-550A-4643-AF69-91C9F7CA5C79
FF Homepage: leer
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\#####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\######\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: Flashblock - C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-09-23]
FF Extension: DownloadHelper - C:\Users\#####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: AutoGroup - C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\akimkin_denis@mail.ru.xpi [2014-04-21]
FF Extension: FlashStopper - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\flashstopper@byo.co.il.xpi [2014-04-21]
FF Extension: Image and Flash Blocker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\imgflashblocker@shimon.chohen.xpi [2013-09-23]
FF Extension: media menu - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid0-X4tVYTsgT60azyHVye1faT8MjIA@jetpack.xpi [2014-04-21]
FF Extension: YouTube Control Center - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid1-CikLKKPVkw6ipw@jetpack.xpi [2014-04-21]
FF Extension: Media Sniffer - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\MediaSniffer@hiyoko.info.xpi [2014-04-21]
FF Extension: betterFox - Make your browsing experience 15% faster. - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\multirevenue@googlemail.com.xpi [2014-04-21]
FF Extension: SmartVideo For YouTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\mytube@ashishmishra.in.xpi [2014-04-21]
FF Extension: Niederschlagsradar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\niederschlagsradar@sensiva.net.xpi [2014-06-10]
FF Extension: S3.Download Statusbar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\s3download@statusbar.xpi [2014-02-13]
FF Extension: Search Tab - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\searchtab@pratikpoddar.xpi [2013-12-13]
FF Extension: Secure Login - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\secureLogin@blueimp.net.xpi [2013-09-21]
FF Extension: StopTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\stoptube@kashiif.com.xpi [2013-09-23]
FF Extension: SuperStop - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\superstop@gavinsharp.com.xpi [2013-09-23]
FF Extension: Todoist - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\support@todoist.com.xpi [2013-10-15]
FF Extension: Session Manager - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-09-21]
FF Extension: ScrapBook - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2014-01-04]
FF Extension: Web Marker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{5755466A-DB04-11DA-A2DD-0E545D5EE2F7}.xpi [2014-03-09]
FF Extension: NoScript - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-21]
FF Extension: Flash Block - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2013-09-23]
FF Extension: Adblock Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF Extension: Tab Mix Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-26]

==================== Services (Whitelisted) =================

R2 CVPND; C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TipCtrl; C:\Program Files (x86)\uTIPu\TipCtrl.exe [314504 2009-02-03] (Utipu inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
S2 SupraSavingsService64; C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62\SupraSavingsService64.exe [X]
S2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe run options=01110010030000000000000000000000 sourceguid=19A6D51C-2D35-44DB-B412-0B01BF8D2D62 [X]

==================== Drivers (Whitelisted) ====================

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-03-20] (Disc Soft Ltd)
R2 easycvfs; C:\WINDOWS\system32\drivers\easycvfs.sys [110472 2010-07-29] () [File not signed]
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-20] (Duplex Secure Ltd.)
S3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 20:59 - 2014-07-05 21:00 - 00022100 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-05 20:59 - 2014-07-05 20:59 - 00000000 ____D () C:\FRST
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-04 22:08 - 2014-07-05 20:16 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-04 22:07 - 2014-07-04 22:22 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-07-03 10:56 - 2014-06-06 11:33 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140703-105625.backup
2014-07-03 10:02 - 2014-07-03 10:03 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:52 - 2014-07-03 09:52 - 00002184 _____ () C:\Users\###\Desktop\ Malwarebytes Anti-Malware  - Malware Scanner - CHIP Downloader.lnk
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\WIN######4 - Verknüpfung.lnk
2014-06-26 22:15 - 2014-07-04 22:22 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:40 - 2014-06-23 12:00 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:37 - 2014-06-23 08:43 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:24 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-06-21 14:24 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-06-21 13:50 - 2014-06-21 14:23 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:32 - 2014-06-21 13:54 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:32 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-06-21 13:30 - 2014-06-21 13:31 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:26 - 2014-06-21 13:27 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:57 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-20 23:41 - 2014-06-21 00:07 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-16 10:39 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\###\Documents\_Gedä KreKo Kreativit-
2014-06-11 21:05 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 21:05 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 21:05 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 21:05 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 21:05 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 21:05 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 21:05 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 21:04 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 21:04 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 21:04 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 21:04 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 21:04 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 21:04 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 21:04 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 21:03 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 21:03 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 21:03 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 21:03 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 21:03 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 21:03 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 21:03 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 21:03 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 21:03 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 21:03 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 21:03 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 21:03 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 21:03 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 21:03 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 21:03 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 21:03 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 09:08 - 2014-06-13 22:41 - 00000000 ____D () C:\Users\###\Documents\_mi####r

==================== One Month Modified Files and Folders =======

2014-07-05 21:00 - 2014-07-05 20:59 - 00022100 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-05 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-05 20:59 - 2014-07-05 20:59 - 00000000 ____D () C:\FRST
2014-07-05 20:56 - 2013-09-21 14:35 - 00000000 ____D () C:\Users\###\Documents\Youcam
2014-07-05 20:55 - 2013-09-24 18:17 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 20:54 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-05 20:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:53 - 2014-02-17 10:50 - 00000000 ____D () C:\Users\###
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-05 20:43 - 2014-02-17 11:09 - 01099006 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-05 20:19 - 2014-02-18 09:25 - 00000000 ____D () C:\Users\###\Documents\_WIN-PC
2014-07-05 20:16 - 2014-07-04 22:08 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-05 20:03 - 2013-12-20 08:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-05 20:01 - 2013-09-24 18:18 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 18:45 - 2014-04-01 19:13 - 00000000 ____D () C:\Program Files\003
2014-07-04 22:22 - 2014-07-04 22:07 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:22 - 2014-06-26 22:15 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-07-04 22:15 - 2014-06-02 16:32 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-04 22:11 - 2013-09-21 14:40 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3410272128-3850883635-1020607561-1001
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-04 12:58 - 2013-11-03 09:28 - 00125952 ___SH () C:\Users\###\Desktop\Thumbs.db
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-03 11:30 - 2013-11-14 00:18 - 00009156 _____ () C:\WINDOWS\PFRO.log
2014-07-03 11:10 - 2014-01-03 10:34 - 00000135 _____ () C:\WINDOWS\wininit.ini
2014-07-03 10:52 - 2013-11-03 11:00 - 00000000 ____D () C:\Users\###\AppData\Roaming\vlc
2014-07-03 10:03 - 2014-07-03 10:02 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:52 - 2014-07-03 09:52 - 00002184 _____ () C:\Users\###\Desktop\ Malwarebytes Anti-Malware  - Malware Scanner - CHIP Downloader.lnk
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-07-02 19:35 - 2014-02-25 19:13 - 00000000 ____D () C:\Users\###\Documents\_#####
2014-07-01 14:53 - 2013-11-14 09:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-01 14:53 - 2013-11-14 09:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-01 14:53 - 2013-11-14 09:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-01 08:46 - 2013-10-23 13:56 - 00000000 ____D () C:\Users\###\Documents\###a
2014-06-30 16:29 - 2013-11-06 15:32 - 00000000 ____D () C:\Users\###\Documents\___Tests
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\### - Verknüpfung.lnk
2014-06-30 07:29 - 2013-12-25 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\FileAdvisor
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-25 19:47 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-25 13:51 - 2014-01-27 21:27 - 00000000 ____D () C:\D-EVERYTHINGSEARCH
2014-06-25 13:51 - 2014-01-27 21:25 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:54 - 2014-03-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 12:00 - 2014-06-23 11:40 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-23 11:00 - 2013-08-22 16:46 - 00305858 _____ () C:\WINDOWS\setupact.log
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:43 - 2014-06-23 08:37 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:23 - 2014-06-21 13:50 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:54 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:33 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2012-11-05 19:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-21 13:31 - 2014-06-21 13:30 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:27 - 2014-06-21 13:26 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:58 - 2014-06-21 07:57 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-21 00:20 - 2014-03-22 01:03 - 00000000 ____D () C:\Users\###\AppData\Local\Windows Live
2014-06-21 00:07 - 2014-06-20 23:41 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-18 17:56 - 2013-09-24 18:18 - 00004090 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 17:56 - 2013-09-24 18:17 - 00003854 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 18:29 - 2013-09-22 22:02 - 00006234 _____ () C:\WirelessDiagLog.csv
2014-06-16 10:43 - 2014-06-16 10:39 - 00000000 ____D () C:\Users\###\Documents\_Gedä KreKo Kreativit-
2014-06-13 22:41 - 2014-06-11 09:08 - 00000000 ____D () C:\Users\###\Documents\####r
2014-06-12 08:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-12 07:37 - 2013-10-14 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 21:45 - 2013-09-22 14:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 21:43 - 2012-11-05 19:14 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 12:25 - 2014-05-02 10:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-08 21:44 - 2013-12-24 08:55 - 00000000 ____D () C:\Users\###\Documents\###
2014-06-06 12:15 - 2014-03-19 08:46 - 00000000 ____D () C:\Users\###\Documents\#####
2014-06-06 11:33 - 2014-07-03 10:56 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140703-105625.backup
2014-06-05 05:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

Files to move or delete:
====================
C:\Users\###\AppData\Roaming\CamLayout.ini
C:\Users\###\AppData\Roaming\CamShapes.ini
C:\Users\###\AppData\Roaming\CamStudio.Producer.Data.ini


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-03 18:49

==================== End Of Log ============================
         
--- --- ---


and FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by ### (administrator) on ###### on 05-07-2014 20:59:16
Running from C:\Users\###\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Thermaltake) C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Tt eSPORTS BLACK Gaming Mouse] => C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe [105864 2012-08-10] (Thermaltake)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime Lite\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3410272128-3850883635-1020607561-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2011-06-04] (Acresso Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {9B62A7FA-C373-4BF4-BCA6-12C03F49BB1A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {9B62A7FA-C373-4BF4-BCA6-12C03F49BB1A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M3D6AB86D-DF50-4066-8CD4-43434B9052EF&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPB7CBB68B-550A-4643-AF69-91C9F7CA5C79
FF Homepage: leer
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\#####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\######\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: Flashblock - C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-09-23]
FF Extension: DownloadHelper - C:\Users\#####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: AutoGroup - C:\Users\####\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\akimkin_denis@mail.ru.xpi [2014-04-21]
FF Extension: FlashStopper - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\flashstopper@byo.co.il.xpi [2014-04-21]
FF Extension: Image and Flash Blocker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\imgflashblocker@shimon.chohen.xpi [2013-09-23]
FF Extension: media menu - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid0-X4tVYTsgT60azyHVye1faT8MjIA@jetpack.xpi [2014-04-21]
FF Extension: YouTube Control Center - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid1-CikLKKPVkw6ipw@jetpack.xpi [2014-04-21]
FF Extension: Media Sniffer - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\MediaSniffer@hiyoko.info.xpi [2014-04-21]
FF Extension: betterFox - Make your browsing experience 15% faster. - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\multirevenue@googlemail.com.xpi [2014-04-21]
FF Extension: SmartVideo For YouTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\mytube@ashishmishra.in.xpi [2014-04-21]
FF Extension: Niederschlagsradar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\niederschlagsradar@sensiva.net.xpi [2014-06-10]
FF Extension: S3.Download Statusbar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\s3download@statusbar.xpi [2014-02-13]
FF Extension: Search Tab - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\searchtab@pratikpoddar.xpi [2013-12-13]
FF Extension: Secure Login - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\secureLogin@blueimp.net.xpi [2013-09-21]
FF Extension: StopTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\stoptube@kashiif.com.xpi [2013-09-23]
FF Extension: SuperStop - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\superstop@gavinsharp.com.xpi [2013-09-23]
FF Extension: Todoist - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\support@todoist.com.xpi [2013-10-15]
FF Extension: Session Manager - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-09-21]
FF Extension: ScrapBook - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2014-01-04]
FF Extension: Web Marker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{5755466A-DB04-11DA-A2DD-0E545D5EE2F7}.xpi [2014-03-09]
FF Extension: NoScript - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-21]
FF Extension: Flash Block - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2013-09-23]
FF Extension: Adblock Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF Extension: Tab Mix Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-26]

==================== Services (Whitelisted) =================

R2 CVPND; C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TipCtrl; C:\Program Files (x86)\uTIPu\TipCtrl.exe [314504 2009-02-03] (Utipu inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
S2 SupraSavingsService64; C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62\SupraSavingsService64.exe [X]
S2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe run options=01110010030000000000000000000000 sourceguid=19A6D51C-2D35-44DB-B412-0B01BF8D2D62 [X]

==================== Drivers (Whitelisted) ====================

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-03-20] (Disc Soft Ltd)
R2 easycvfs; C:\WINDOWS\system32\drivers\easycvfs.sys [110472 2010-07-29] () [File not signed]
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-20] (Duplex Secure Ltd.)
S3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 20:59 - 2014-07-05 21:00 - 00022100 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-05 20:59 - 2014-07-05 20:59 - 00000000 ____D () C:\FRST
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-04 22:08 - 2014-07-05 20:16 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-04 22:07 - 2014-07-04 22:22 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-07-03 10:56 - 2014-06-06 11:33 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140703-105625.backup
2014-07-03 10:02 - 2014-07-03 10:03 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:52 - 2014-07-03 09:52 - 00002184 _____ () C:\Users\###\Desktop\ Malwarebytes Anti-Malware  - Malware Scanner - CHIP Downloader.lnk
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\WIN######4 - Verknüpfung.lnk
2014-06-26 22:15 - 2014-07-04 22:22 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:40 - 2014-06-23 12:00 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:37 - 2014-06-23 08:43 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:24 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-06-21 14:24 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-06-21 13:50 - 2014-06-21 14:23 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:32 - 2014-06-21 13:54 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:32 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-06-21 13:30 - 2014-06-21 13:31 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:26 - 2014-06-21 13:27 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:57 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-20 23:41 - 2014-06-21 00:07 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-16 10:39 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\###\Documents\_Gedä KreKo Kreativit-
2014-06-11 21:05 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 21:05 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 21:05 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 21:05 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 21:05 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 21:05 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 21:05 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 21:04 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 21:04 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 21:04 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 21:04 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 21:04 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 21:04 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 21:04 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 21:03 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 21:03 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 21:03 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 21:03 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 21:03 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 21:03 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 21:03 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 21:03 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 21:03 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 21:03 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 21:03 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 21:03 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 21:03 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 21:03 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 21:03 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 21:03 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 09:08 - 2014-06-13 22:41 - 00000000 ____D () C:\Users\###\Documents\_mi####r

==================== One Month Modified Files and Folders =======

2014-07-05 21:00 - 2014-07-05 20:59 - 00022100 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-05 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-05 20:59 - 2014-07-05 20:59 - 00000000 ____D () C:\FRST
2014-07-05 20:56 - 2013-09-21 14:35 - 00000000 ____D () C:\Users\###\Documents\Youcam
2014-07-05 20:55 - 2013-09-24 18:17 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 20:54 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-05 20:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:53 - 2014-02-17 10:50 - 00000000 ____D () C:\Users\###
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-05 20:43 - 2014-02-17 11:09 - 01099006 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-05 20:19 - 2014-02-18 09:25 - 00000000 ____D () C:\Users\###\Documents\_WIN-PC
2014-07-05 20:16 - 2014-07-04 22:08 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-05 20:03 - 2013-12-20 08:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-05 20:01 - 2013-09-24 18:18 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 18:45 - 2014-04-01 19:13 - 00000000 ____D () C:\Program Files\003
2014-07-04 22:22 - 2014-07-04 22:07 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:22 - 2014-06-26 22:15 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-07-04 22:15 - 2014-06-02 16:32 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-04 22:11 - 2013-09-21 14:40 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3410272128-3850883635-1020607561-1001
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-04 12:58 - 2013-11-03 09:28 - 00125952 ___SH () C:\Users\###\Desktop\Thumbs.db
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-03 11:30 - 2013-11-14 00:18 - 00009156 _____ () C:\WINDOWS\PFRO.log
2014-07-03 11:10 - 2014-01-03 10:34 - 00000135 _____ () C:\WINDOWS\wininit.ini
2014-07-03 10:52 - 2013-11-03 11:00 - 00000000 ____D () C:\Users\###\AppData\Roaming\vlc
2014-07-03 10:03 - 2014-07-03 10:02 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:52 - 2014-07-03 09:52 - 00002184 _____ () C:\Users\###\Desktop\ Malwarebytes Anti-Malware  - Malware Scanner - CHIP Downloader.lnk
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-07-02 19:35 - 2014-02-25 19:13 - 00000000 ____D () C:\Users\###\Documents\_#####
2014-07-01 14:53 - 2013-11-14 09:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-01 14:53 - 2013-11-14 09:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-01 14:53 - 2013-11-14 09:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-01 08:46 - 2013-10-23 13:56 - 00000000 ____D () C:\Users\###\Documents\###a
2014-06-30 16:29 - 2013-11-06 15:32 - 00000000 ____D () C:\Users\###\Documents\___Tests
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\### - Verknüpfung.lnk
2014-06-30 07:29 - 2013-12-25 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\FileAdvisor
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-25 19:47 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-25 13:51 - 2014-01-27 21:27 - 00000000 ____D () C:\D-EVERYTHINGSEARCH
2014-06-25 13:51 - 2014-01-27 21:25 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:54 - 2014-03-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 12:00 - 2014-06-23 11:40 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-23 11:00 - 2013-08-22 16:46 - 00305858 _____ () C:\WINDOWS\setupact.log
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:43 - 2014-06-23 08:37 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:23 - 2014-06-21 13:50 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:54 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:33 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2012-11-05 19:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-21 13:31 - 2014-06-21 13:30 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:27 - 2014-06-21 13:26 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:58 - 2014-06-21 07:57 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-21 00:20 - 2014-03-22 01:03 - 00000000 ____D () C:\Users\###\AppData\Local\Windows Live
2014-06-21 00:07 - 2014-06-20 23:41 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-18 17:56 - 2013-09-24 18:18 - 00004090 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 17:56 - 2013-09-24 18:17 - 00003854 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 18:29 - 2013-09-22 22:02 - 00006234 _____ () C:\WirelessDiagLog.csv
2014-06-16 10:43 - 2014-06-16 10:39 - 00000000 ____D () C:\Users\###\Documents\_Gedä KreKo Kreativit-
2014-06-13 22:41 - 2014-06-11 09:08 - 00000000 ____D () C:\Users\###\Documents\####r
2014-06-12 08:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-12 07:37 - 2013-10-14 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 21:45 - 2013-09-22 14:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 21:43 - 2012-11-05 19:14 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 12:25 - 2014-05-02 10:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-08 21:44 - 2013-12-24 08:55 - 00000000 ____D () C:\Users\###\Documents\###
2014-06-06 12:15 - 2014-03-19 08:46 - 00000000 ____D () C:\Users\###\Documents\#####
2014-06-06 11:33 - 2014-07-03 10:56 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140703-105625.backup
2014-06-05 05:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

Files to move or delete:
====================
C:\Users\###\AppData\Roaming\CamLayout.ini
C:\Users\###\AppData\Roaming\CamShapes.ini
C:\Users\###\AppData\Roaming\CamStudio.Producer.Data.ini


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-03 18:49

==================== End Of Log ============================
         
--- --- ---



The Search+Destroy code is still to come. It always takes a very long time!

05.07.2014, 23:10   #2
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Addition.txt is still missing.

05.07.2014, 23:12   #3
kimberger
 



Oh, sorry, yes, I had the other one in there twice :-((((
Man, you answered fast!!!

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by ###### at 2014-07-05 21:01:06
Running from C:\Users\###\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

1&1 SmartFax (HKLM-x32\...\1&1 SmartFax) (Version: 2.00.231 - 1&1 Internet AG)
1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Anvil Studio (HKLM-x32\...\{DAC80967-02DF-4292-B5E2-5E3959A4E2F1}) (Version: 13.10.03 - Willow Software)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Photo Commander 10 v.10.2.1 (HKLM-x32\...\{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1) (Version: 10.2.1 - Ashampoo GmbH & Co. KG)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version:  - AVM Berlin)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version:  - )
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
CRoadX (HKLM-x32\...\{8BFBC2E1-A22C-49B7-A946-A22247AC2B1C}) (Version: 1.0.4 - Arnold Laffrenzen)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3111_44883 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3124 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.1920 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4125.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.2715b - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (x32 Version: 5.0.1930 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dragon NaturallySpeaking 11 (HKLM-x32\...\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}) (Version: 11.50.100 - Nuance Communications Inc.)
DriveOnWeb Client Version 11.00.67 2014.01.14 (HKLM\...\DriveOnWeb Client_is1) (Version:  - abilis GmbH)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version:  - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FileLocator Lite x64 (HKLM\...\{62BE2E9E-73AD-4E91-A654-3650A4F0F31C}) (Version: 7.0.820.1 - Mythicsoft Ltd)
FormatFactory 3.3.3.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.3.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
Free Screen Video Recorder version 2.5.31.1022 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 2.5.31.1022 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 1.4.9 - Free Software Foundation)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript 8.56 (HKLM-x32\...\GPL Ghostscript 8.56) (Version:  - )
GPL Ghostscript Fonts (HKLM-x32\...\GPL Ghostscript Fonts) (Version:  - )
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.5.1210.30) (Version: 3.5.1210.30 - Solveig Multimedia)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
KeePass Password Safe 2.25 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.25 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.8 - Wistron Corp.)
LibreOffice 4.1 Help Pack (German) (HKLM-x32\...\{5BF97A3C-24C0-489F-8CB9-90A051C0B7B1}) (Version: 4.1.6.2 - The Document Foundation)
LibreOffice 4.1.6.2 (HKLM-x32\...\{146232A9-AB53-48A7-A102-56624D92C80D}) (Version: 4.1.6.2 - The Document Foundation)
LightZone 4.0.0 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.0.0 - LightZone Project)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Live-Styler 15 (HKLM-x32\...\Live-Styler_is1) (Version:  - Norbert Stellberg)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Neuratron AudioScore Lite (HKLM-x32\...\Neuratron AudioScore Lite) (Version: 6.0.0 - Neuratron Limited)
Neuratron PhotoScore Lite (HKLM-x32\...\Neuratron PhotoScore Lite) (Version: 6.0.0 - Neuratron Limited)
Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM-x32\...\{2eef0fe2-cc4a-47d6-959c-de2d5c2cc40b}) (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 3.0.307.2 - Tracker Software Products (Canada) Ltd.) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.0 - Ihr Firmenname)
QT Lite 4.1.0 (HKLM-x32\...\quicktime_lite_is1) (Version: 4.1.0 - )
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Rebeat (HKLM-x32\...\Rebeat_is1) (Version: 1.313.1 - Rebeat)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.40.0 - SAMSUNG Electronics Co., Ltd.)
Screenshot Captor 4.7.2 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
Sibelius 6.1.0.14 (HKLM-x32\...\Sibelius 6_is1) (Version:  - )
Sibelius Scorch (all browsers) (HKLM-x32\...\{F533A90F-4E9E-4A17-A085-BD285B6AA57A}) (Version: 6.1.0 - Sibelius Software)
Sibelius Sounds Essentials for Sibelius 6 (HKLM-x32\...\{F0EB3969-C007-4ABE-9245-990C5E021A8F}_is1) (Version: 1.1.0 - Sibelius Software, a division of Avid Technology, Inc.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Snagit 11 (HKLM-x32\...\{D0CC22F6-A67A-4083-A043-E0640CB7A4DF}) (Version: 11.2.1 - TechSmith Corporation)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steinberg Cubase 6 64bit (HKLM\...\{C6651CD0-4892-4465-96AC-C9864A695FF9}) (Version: 6.0.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne 64bit (HKLM\...\{743C5D75-6BC8-4881-BF7D-E7DF29F155F4}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.9.6 - Synaptics Incorporated)
TipCam 2.2 (HKLM-x32\...\TipCam) (Version: 2.2 - UTIPU, Inc.)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Tt eSPORTS BLACK (HKLM-x32\...\{17885341-8A1D-4C6E-8F90-366B227D30C8}) (Version: 0.0.1 - Tt eSPORTS)
UltraSearch V1.8 (64 bit) (HKLM\...\UltraSearch_is1) (Version: 1.8 - JAM Software)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.200 - Nuance Communications Inc.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.6.3 - X Codec Pack team)
XMedia Recode Version 3.1.7.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.7.9 - XMedia Recode)
xrecode II 1.0.0.209 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version:  - )
Your Software Deals 1.0.0 (HKLM-x32\...\Your Software Deals_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

17-06-2014 17:52:31 Geplanter Prüfpunkt
21-06-2014 11:31:54 Installed Samsung Kies3
25-06-2014 17:45:09 Windows Update
03-07-2014 16:50:24 Geplanter Prüfpunkt
04-07-2014 20:05:23 Installed STOPzilla

==================== Hosts content: ==========================

2013-08-22 15:25 - 2014-07-04 22:06 - 00000860 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02C2D867-CD63-405B-AE3A-DADDE267D33C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1361CCD7-6CC2-44D5-802D-4798B26CCF39} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41A8B047-57D7-4489-A351-799E90180FA0} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {45E625E3-E0BC-46A5-A943-BA8A4899551C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {562E1AFC-B0A6-4472-8F35-C706C0C71125} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {5E686F86-CC21-45DD-AB01-A7EC568CAD6A} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {69939A04-DA7C-4B31-B200-C83FC3940815} - System32\Tasks\Opera scheduled Autoupdate 1396198660 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73AAF2B4-6661-40DD-A7D6-A6EED1EB2F04} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {86858ECC-3FF8-41D3-AB6E-7E6C3551288D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A1CE7AFA-DE07-4287-B08D-DC557B88010C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {BE142EAD-7813-4258-886D-F5EF4637CE4D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {C31E3E89-709B-4E60-98A9-C6617211BC6C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E3AC4C68-6A4B-4D97-963D-0AB686E2F6E0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F57220E6-02D7-40F0-8ADB-A3DC56C43AC6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {FDA40FEF-BC7E-4A33-86FE-B6EB78DB7573} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-18 13:08 - 2010-08-19 19:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-03-20 12:53 - 2011-01-20 17:26 - 00095744 _____ () C:\WINDOWS\system32\easycnp.dll
2014-03-20 12:53 - 2009-08-03 16:32 - 00078848 _____ () C:\Program Files\DriveOnWeb Client\DOWSpdup.dll
2014-03-20 12:53 - 2009-07-27 14:20 - 00016896 _____ () C:\Program Files\DriveOnWeb Client\DOWCommon64.dll
2014-03-20 12:53 - 2012-08-23 14:36 - 00142336 _____ () C:\Program Files\DriveOnWeb Client\easyClientExt.dll
2013-12-21 01:02 - 2013-12-21 01:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco SystemsVPN Client\vpnapi.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-03 11:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-07-03 11:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-07-03 11:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-07-03 11:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-07-03 11:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-12-18 13:06 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-12-18 12:19 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\###\Downloads\wubi1210.exe:BDU
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\Classes\exefile:  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run32: => "AVMFBoxMonitor"

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2014 06:39:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: xmkysecqun64.exe, Version: 0.0.0.0, Zeitstempel: 0x532dfc16
Name des fehlerhaften Moduls: xmkysecqun64.exe, Version: 0.0.0.0, Zeitstempel: 0x532dfc16
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000534b9
ID des fehlerhaften Prozesses: 0x6f8
Startzeit der fehlerhaften Anwendung: 0xxmkysecqun64.exe0
Pfad der fehlerhaften Anwendung: xmkysecqun64.exe1
Pfad des fehlerhaften Moduls: xmkysecqun64.exe2
Berichtskennung: xmkysecqun64.exe3
Vollständiger Name des fehlerhaften Pakets: xmkysecqun64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: xmkysecqun64.exe5

Error: (07/04/2014 04:20:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x8c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (07/04/2014 11:52:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (07/03/2014 09:25:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x71d8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/27/2014 04:21:42 PM) (Source: SupraSavingsService64) (EventID: 1) (User: )
Description: SupraSavingsService64In SvcInstall, CreateService failed (1073)
 failed with 1073

Error: (06/26/2014 02:12:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xbbc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/25/2014 04:06:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xb64
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/23/2014 06:55:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x31b8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/21/2014 02:25:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x2a04
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/21/2014 08:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x2a2c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5


System errors:
=============
Error: (07/05/2014 08:55:33 PM) (Source: DCOM) (EventID: 10016) (User: #####)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}a#####k8S-1-5-21-3410272128-3850883635-1020607561-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/05/2014 08:55:33 PM) (Source: DCOM) (EventID: 10016) (User: ###)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}######S-1-5-21-3410272128-3850883635-1020607561-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/05/2014 08:55:33 PM) (Source: DCOM) (EventID: 10016) (User: ###)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}######S-1-5-21-3410272128-3850883635-1020607561-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/05/2014 08:55:33 PM) (Source: DCOM) (EventID: 10016) (User: ###)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}######S-1-5-21-3410272128-3850883635-1020607561-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/05/2014 08:55:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Cisco Systems Inc. IPSec Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (07/05/2014 08:55:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Cisco Systems Inc. IPSec Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (07/05/2014 08:55:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xmkysecqun64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/05/2014 08:55:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SupraSavingsService64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/05/2014 08:55:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/05/2014 08:55:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.


Microsoft Office Sessions:
=========================
Error: (07/05/2014 06:39:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: xmkysecqun64.exe0.0.0.0532dfc16xmkysecqun64.exe0.0.0.0532dfc16c000000500000000000534b96f801cf96a181ec2eacC:\Program Files\003\xmkysecqun64.exeC:\Program Files\003\xmkysecqun64.exefb47dcb8-0462-11e4-bee5-00262dcc4d37

Error: (07/04/2014 04:20:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b8c01cf9792e422259aC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll56527dde-0386-11e4-bee5-00262dcc4d37

Error: (07/04/2014 11:52:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b164001cf976db3d510c4C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllfa58bdf4-0360-11e4-bee5-00262dcc4d37

Error: (07/03/2014 09:25:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b71d801cf968fefc71496C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll40af9e3d-0283-11e4-bee4-00262dcc4d37

Error: (06/27/2014 04:21:42 PM) (Source: SupraSavingsService64) (EventID: 1) (User: )
Description: SupraSavingsService64In SvcInstall, CreateService failed (1073)
 failed with 1073

Error: (06/26/2014 02:12:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bbbc01cf9129c099199cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1b42c4d4-fd2b-11e3-bee2-685d43f0a037

Error: (06/25/2014 04:06:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bb6401cf8eedb716adc6C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlldc345f46-fc71-11e3-bee1-00262dcc4d37

Error: (06/23/2014 06:55:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b31b801cf8d4c07e0d8adC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla7b95a94-fa92-11e3-bede-00262dcc4d37

Error: (06/21/2014 02:25:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b2a0401cf8d16b8778dccC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2370fda1-f93f-11e3-bede-00262dcc4d37

Error: (06/21/2014 08:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b2a2c01cf8c5f6f201b82C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlldefea857-f909-11e3-bede-00262dcc4d37


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 8056.22 MB
Available physical RAM: 5479.82 MB
Total Pagefile: 9336.22 MB
Available Pagefile: 6605.53 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:879.46 GB) (Free:667.44 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:29.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

And here, just now, the Search & Destroy log

Code:
Search results from Spybot - Search & Destroy

05.07.2014 23:12:56
Scan took 00:51:24.
41 items found.

DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\OCS\lastPID

DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\OCS\PID

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\cdn.flashtalking.com\ftLocalComms.sol
  Properties.size=61
  Properties.md5=DEB168CBF71E13562EC9A0D7CE266359
  Properties.filedate=1402560237
  Properties.filedatetext=2014-06-12 10:03:57

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\cdn.flashtalking.com\FT_cookie.sol
  Properties.size=43
  Properties.md5=5BD98BB813EEDA3C606E3671EE84AA76
  Properties.filedate=1403106503
  Properties.filedatetext=2014-06-18 17:48:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\evs-hosted-151cb31da3f450.s3.amazonaws.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=DB3C5E2C9300CCA4A8B3A96EE763579C
  Properties.filedate=1402483630
  Properties.filedatetext=2014-06-11 12:47:10

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\images-na.ssl-images-amazon.com\mercury.sol
  Properties.size=69
  Properties.md5=E35584B243A182D3D1498EBDBCC78982
  Properties.filedate=1402565202
  Properties.filedatetext=2014-06-12 11:26:41

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\is1.myvideo.de\com.conviva.livePass.sol
  Properties.size=228
  Properties.md5=78782ADC93C3913B3068AA966CE853F0
  Properties.filedate=1402948720
  Properties.filedatetext=2014-06-16 21:58:39

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\is2.myvideo.de\com.conviva.livePass.sol
  Properties.size=228
  Properties.md5=81E194265822BC433F4026333ABCDD69
  Properties.filedate=1403685869
  Properties.filedatetext=2014-06-25 10:44:29

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\is3.myvideo.de\com.conviva.livePass.sol
  Properties.size=228
  Properties.md5=8116A6A1E69C313AE88F07DA283FA1A3
  Properties.filedate=1402693873
  Properties.filedatetext=2014-06-13 23:11:13

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\is5.myvideo.de\com.conviva.livePass.sol
  Properties.size=222
  Properties.md5=1DDD97D7690C7ACEE36193BA18830F00
  Properties.filedate=1403720534
  Properties.filedatetext=2014-06-25 20:22:13

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\static1.dmcdn.net\com.dm.player.sol
  Properties.size=281
  Properties.md5=BE410E5C95B8D1E999EC1B2FFE33E2EB
  Properties.filedate=1402696961
  Properties.filedatetext=2014-06-14 00:02:41

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\www.tripadvisor.co.uk\TA.sol
  Properties.size=62
  Properties.md5=79376BCB45AFBB298862D9999CBF24CD
  Properties.filedate=1402923308
  Properties.filedatetext=2014-06-16 14:55:08

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\www.tripadvisor.de\TA.sol
  Properties.size=62
  Properties.md5=79376BCB45AFBB298862D9999CBF24CD
  Properties.filedate=1402923315
  Properties.filedatetext=2014-06-16 14:55:14

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\www.ultimedia.com\analytics.sol
  Properties.size=431
  Properties.md5=F0E77095B6DC6AC7AC708615FEEDEA01
  Properties.filedate=1402696354
  Properties.filedatetext=2014-06-13 23:52:33

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\www.ultimedia.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=899A5266D14DEFCCC086768D486C1175
  Properties.filedate=1402693990
  Properties.filedatetext=2014-06-13 23:13:10

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\aa.online-metrix.net\fpc.swf\session.sol
  Properties.size=76
  Properties.md5=8F340EFB34F889936029C2BD40815876
  Properties.filedate=1402384993
  Properties.filedatetext=2014-06-10 09:23:13

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\www.ajaxcdn.org\swf.swf\dm_cookie.sol
  Properties.size=415
  Properties.md5=584FBD156FD8EA6AAE168EDA95DC901D
  Properties.filedate=1404143705
  Properties.filedatetext=2014-06-30 17:55:05

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\###\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UVWWJTZ7\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
  Properties.size=79
  Properties.md5=C8594173BD51C8B70DF38A256A90E88B
  Properties.filedate=1403685292
  Properties.filedatetext=2014-06-25 10:34:52

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1007\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $C92C6763] Open with list - .BUP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1007\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1007\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-3410272128-3850883635-1020607561-1007\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (11) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (78) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (102) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (52) (Browser: Cookie, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
  


--- Spybot - Search & Destroy version: 2.4.40.131  DLL (build: 20140425) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2014-06-24 SDCleaner.exe (2.4.40.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-04-25 SDHookInst64.exe (2.3.39.2)
2014-06-24 SDImmunize.exe (2.4.40.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2014-06-24 SDScan.exe (2.4.40.181)
2014-06-24 SDScript.exe (2.4.40.54)
2014-06-24 SDSettings.exe (2.4.40.139)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2013-06-19 spybotsd2-translation-frx.exe
2014-07-03 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDECon64.dll (2.3.39.113)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-04-25 SDHook64.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2014-06-24 SDScanLibrary.dll (2.4.40.131)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-07-02 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-03-19 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-04-15 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-07-02 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-07-02 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-07-02 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
         
__________________

06.07.2014, 12:36   #4
schrauber
/// the machine
/// TB Trainer

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset Proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 07.07.2014, 13:46   #5
kimberger
 



P.S. I hope everything is formatted properly, as I can't find a preview right now :-((
Hi Schrauber,
I have been sitting at this for over 4 hours now. I had almost finished my message to you when everything was lost again, because I was supposedly no longer logged in, annoying ...

So, once more:
First of all, thank you for the quick help! After the various runs, reading the log files gives me the impression that I have a laptop riddled with cancerous growths, even though I am always very careful when installing :-(((((

First, mbam1

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.07.2014
Suchlauf-Zeit: 08:01:38
Logdatei: mbam1.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.07.01
Rootkit Datenbank: v2014.07.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: ###

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320062
Verstrichene Zeit: 16 Min, 6 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 8
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, In Quarantäne, [d8d59903cface05638427c39a45eef11], 
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\Supra Savings, In Quarantäne, [317c36664734e94dedaef9bb43bfbe42], 
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, In Quarantäne, [3a735a42e19aae889bd56b6008faed13], 
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\SupraSavings, In Quarantäne, [ebc24e4e3b407fb7fe72b6151fe39967], 
PUP.Optional.SupraSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SupraSavingsService64, In Quarantäne, [d6d74458e99263d30995fa15be4616ea], 
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\xmkysecqun64, In Quarantäne, [3e6f574563185bdbe2579a2c0ff39769], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [535a128a3e3d1c1a82e8f0dab151de22], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-3410272128-3850883635-1020607561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [2588128abebde551ef7b9e2ccc364ab6], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 10
RiskWare.Tool.CK, C:\$Recycle.Bin\S-1-5-21-3410272128-3850883635-1020607561-1001\$RLO0K8K.exe, In Quarantäne, [d8d5bae2e19af343867408e6946d05fb], 
Spyware.Zbot.VXGen, C:\$Recycle.Bin\S-1-5-21-3410272128-3850883635-1020607561-1001\$RNC1LHF.zip, In Quarantäne, [397497054239eb4b8b72ed827e8343bd], 
PUP.Optional.AppsInstaller, C:\$Recycle.Bin\S-1-5-21-3410272128-3850883635-1020607561-1001\$RSDDS2L.exe, In Quarantäne, [baf32a72fd7eb383680f90ee42c2e51b], 
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [317c8a1228533ef8e9a0ec517c84b64a], 
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [d2db0a922f4c2d0968599ede50b49c64], 
PUP.Optional.Koyote.A, C:\Users\###\Downloads\FreeScreenToVideoSetup-r0-n-bf.exe, In Quarantäne, [c7e6a0fc1863cc6aa4c9291dd82913ed], 
PUP.Optional.OpenCandy, C:\Users\###\Downloads\FreemakeVideoConverterSetup_4.1.3.14.exe, In Quarantäne, [228b17854d2e48ee868c7e9638c97c84], 
PUP.Optional.OpenCandy, C:\Users\###\Downloads\MediaInfo_GUI_0.7.67_Windows.exe, In Quarantäne, [ebc2831929527bbb95473c7d5ba9e818], 
PUP.Optional.OpenCandy, C:\Users\###\Downloads\DTLite4491-0356.exe, In Quarantäne, [dad30f8dbfbc40f6defebbfef21256aa], 
PUP.Optional.Conduit.A, C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M3D6AB86D-DF50-4066-8CD4-43434B9052EF&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPB7CBB68B-550A-4643-AF69-91C9F7CA5C79");), Ersetzt,[5c51504cc5b6aa8cf97171538f75c43c]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
and mbam2

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.07.2014
Suchlauf-Zeit: 09:46:42
Logdatei: mbam2.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.07.01
Rootkit Datenbank: v2014.07.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: ###

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 319861
Verstrichene Zeit: 16 Min, 22 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.Conduit.A, C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M3D6AB86D-DF50-4066-8CD4-43434B9052EF&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPB7CBB68B-550A-4643-AF69-91C9F7CA5C79");), Ersetzt,[f1bc7c2012690e282446269e0bf9da26]

Physische Sektoren: 0
(No malicious items detected)
         
Here is AdwCleaner. Note: on the restart there was the problem that, after the "MEDION" screen, the laptop hung on a dark screen for a long time. Shutting down and starting up again 3 times did not help either. Then, in the BIOS, I changed the boot order from CD, USB, HD to HD in first place. After an initially dark screen, it then slowly continued. What was that??? Can I change the order back?

Code:
# AdwCleaner v3.214 - Bericht erstellt am 07/07/2014 um 10:14:54
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : ### -#######
# Gestartet von : C:\Users\###\Downloads\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\003

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\Conduit

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M3D6AB86D-DF50-4066-8CD4-43434B9052EF&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPB7CBB68B-550[...]
Zeile gelöscht : user_pref("extensions.betterff.surfcanyon.ramp.start_time", "1");

*************************

AdwCleaner[R0].txt - [2297 octets] - [07/07/2014 10:13:11]
AdwCleaner[S0].txt - [2114 octets] - [07/07/2014 10:14:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2174 octets] ##########
         
Here is the JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by ### on 07.07.2014 at 12:08:31,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\###\appdata\locallow\boost_interprocess"



~~~ FireFox

Emptied folder: C:\Users\###\AppData\Roaming\mozilla\firefox\profiles\ewe9a0lr.default\minidumps [25 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.07.2014 at 12:14:57,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
And last, the fresh FRST ;-)))


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by ### (administrator) on ###### on 07-07-2014 12:19:51
Running from C:\Users\###\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Thermaltake) C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Tt eSPORTS BLACK Gaming Mouse] => C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe [105864 2012-08-10] (Thermaltake)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime Lite\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3410272128-3850883635-1020607561-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2011-06-04] (Acresso Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {9B62A7FA-C373-4BF4-BCA6-12C03F49BB1A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default
FF Homepage: leer
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: Flashblock - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-09-23]
FF Extension: DownloadHelper - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: AutoGroup - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\akimkin_denis@mail.ru.xpi [2014-04-21]
FF Extension: FlashStopper - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\flashstopper@byo.co.il.xpi [2014-04-21]
FF Extension: Image and Flash Blocker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\imgflashblocker@shimon.chohen.xpi [2013-09-23]
FF Extension: media menu - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid0-X4tVYTsgT60azyHVye1faT8MjIA@jetpack.xpi [2014-04-21]
FF Extension: YouTube Control Center - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid1-CikLKKPVkw6ipw@jetpack.xpi [2014-04-21]
FF Extension: Media Sniffer - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\MediaSniffer@hiyoko.info.xpi [2014-04-21]
FF Extension: betterFox - Make your browsing experience 15% faster. - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\multirevenue@googlemail.com.xpi [2014-04-21]
FF Extension: SmartVideo For YouTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\mytube@ashishmishra.in.xpi [2014-04-21]
FF Extension: Niederschlagsradar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\niederschlagsradar@sensiva.net.xpi [2014-06-10]
FF Extension: S3.Download Statusbar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\s3download@statusbar.xpi [2014-02-13]
FF Extension: Search Tab - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\searchtab@pratikpoddar.xpi [2013-12-13]
FF Extension: Secure Login - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\secureLogin@blueimp.net.xpi [2013-09-21]
FF Extension: StopTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\stoptube@kashiif.com.xpi [2013-09-23]
FF Extension: SuperStop - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\superstop@gavinsharp.com.xpi [2013-09-23]
FF Extension: Todoist - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\support@todoist.com.xpi [2013-10-15]
FF Extension: Session Manager - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-09-21]
FF Extension: ScrapBook - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2014-01-04]
FF Extension: Web Marker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{5755466A-DB04-11DA-A2DD-0E545D5EE2F7}.xpi [2014-03-09]
FF Extension: NoScript - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-21]
FF Extension: Flash Block - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2013-09-23]
FF Extension: Adblock Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF Extension: Tab Mix Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-26]

==================== Services (Whitelisted) =================

R2 CVPND; C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TipCtrl; C:\Program Files (x86)\uTIPu\TipCtrl.exe [314504 2009-02-03] (Utipu inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-03-20] (Disc Soft Ltd)
R2 easycvfs; C:\WINDOWS\system32\drivers\easycvfs.sys [110472 2010-07-29] () [File not signed]
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-20] (Duplex Secure Ltd.)
S3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-07 12:14 - 2014-07-07 12:14 - 00000961 _____ () C:\Users\###\Desktop\JRT.txt
2014-07-07 12:08 - 2014-07-07 12:08 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-07 12:07 - 2014-07-07 12:07 - 01016261 _____ (Thisisu) C:\Users\###\Downloads\JRT.exe
2014-07-07 10:13 - 2014-07-07 10:14 - 00000000 ____D () C:\AdwCleaner
2014-07-07 10:11 - 2014-07-07 10:11 - 01346519 _____ () C:\Users\###\Downloads\adwcleaner_3.214.exe
2014-07-07 07:59 - 2014-07-07 09:41 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 07:58 - 2014-07-07 10:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 07:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-07 07:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-07 07:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-07 07:56 - 2014-07-07 07:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\###\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 21:38 - 2014-07-05 21:38 - 00043048 _____ () C:\Users\###\Downloads\Addition-korr.txt
2014-07-05 21:33 - 2014-07-05 21:33 - 00049154 _____ () C:\Users\###\Downloads\FRSTkorr.txt
2014-07-05 21:07 - 2014-07-05 21:07 - 517430305 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-05 21:07 - 2014-07-05 21:07 - 00288536 _____ () C:\WINDOWS\Minidump\070514-21531-01.dmp
2014-07-05 21:03 - 2014-07-05 21:03 - 00380416 _____ () C:\Users\###\Downloads\4knde644.exe
2014-07-05 21:01 - 2014-07-05 21:02 - 00043065 _____ () C:\Users\###\Downloads\Addition.txt
2014-07-05 20:59 - 2014-07-07 12:19 - 00021589 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-05 20:59 - 2014-07-07 12:19 - 00000000 ____D () C:\FRST
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-04 22:08 - 2014-07-05 20:16 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-04 22:07 - 2014-07-04 22:22 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-07-03 10:56 - 2014-06-06 11:33 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140703-105625.backup
2014-07-03 10:02 - 2014-07-03 10:03 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:52 - 2014-07-03 09:52 - 00002184 _____ () C:\Users\###\Desktop\Malwarebytes Anti-Malware - Malware Scanner - CHIP Downloader.lnk
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\WIN7 - EA2014 - Verknüpfung.lnk
2014-06-26 22:15 - 2014-07-04 22:22 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:40 - 2014-06-23 12:00 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:37 - 2014-06-23 08:43 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:24 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-06-21 14:24 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-06-21 13:50 - 2014-06-21 14:23 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:32 - 2014-06-21 13:54 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:32 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-06-21 13:30 - 2014-06-21 13:31 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:26 - 2014-06-21 13:27 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:57 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-20 23:41 - 2014-06-21 00:07 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-16 10:39 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\###\Documents\_Gedä KreKo Kreativit-
2014-06-11 21:05 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 21:05 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 21:05 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 21:05 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 21:05 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 21:05 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 21:05 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 21:04 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 21:04 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 21:04 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 21:04 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 21:04 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 21:04 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 21:04 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 21:03 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 21:03 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 21:03 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 21:03 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 21:03 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 21:03 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 21:03 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 21:03 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 21:03 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 21:03 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 21:03 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 21:03 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 21:03 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 21:03 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 21:03 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 21:03 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 09:08 - 2014-06-13 22:41 - 00000000 ____D () C:\Users\###\Documents\_mixed-dur

==================== One Month Modified Files and Folders =======

2014-07-07 12:20 - 2014-07-05 20:59 - 00021589 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-07 12:19 - 2014-07-05 20:59 - 00000000 ____D () C:\FRST
2014-07-07 12:16 - 2013-09-21 14:40 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3410272128-3850883635-1020607561-1001
2014-07-07 12:14 - 2014-07-07 12:14 - 00000961 _____ () C:\Users\###\Desktop\JRT.txt
2014-07-07 12:08 - 2014-07-07 12:08 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-07 12:07 - 2014-07-07 12:07 - 01016261 _____ (Thisisu) C:\Users\###\Downloads\JRT.exe
2014-07-07 12:03 - 2013-12-20 08:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-07 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-07 12:01 - 2013-09-24 18:18 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-07 11:07 - 2013-09-24 18:17 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 11:07 - 2013-09-21 14:35 - 00000000 ____D () C:\Users\###\Documents\Youcam
2014-07-07 11:05 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-07 10:16 - 2013-11-14 00:18 - 00012014 _____ () C:\WINDOWS\PFRO.log
2014-07-07 10:14 - 2014-07-07 10:13 - 00000000 ____D () C:\AdwCleaner
2014-07-07 10:11 - 2014-07-07 10:11 - 01346519 _____ () C:\Users\###\Downloads\adwcleaner_3.214.exe
2014-07-07 10:05 - 2014-07-07 07:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 09:50 - 2014-02-17 11:09 - 01216079 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-07 09:41 - 2014-07-07 07:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 09:34 - 2014-05-16 21:58 - 00000000 ____D () C:\WINDOWS\fr
2014-07-07 09:34 - 2014-04-01 19:14 - 00000000 ____D () C:\temp
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 07:57 - 2014-07-07 07:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\###\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 21:38 - 2014-07-05 21:38 - 00043048 _____ () C:\Users\###\Downloads\Addition-korr.txt
2014-07-05 21:33 - 2014-07-05 21:33 - 00049154 _____ () C:\Users\###\Downloads\FRSTkorr.txt
2014-07-05 21:14 - 2014-02-17 10:50 - 00000000 ____D () C:\Users\###
2014-07-05 21:07 - 2014-07-05 21:07 - 517430305 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-05 21:07 - 2014-07-05 21:07 - 00288536 _____ () C:\WINDOWS\Minidump\070514-21531-01.dmp
2014-07-05 21:07 - 2014-06-02 16:32 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-05 21:03 - 2014-07-05 21:03 - 00380416 _____ () C:\Users\###\Downloads\4knde644.exe
2014-07-05 21:02 - 2014-07-05 21:01 - 00043065 _____ () C:\Users\###\Downloads\Addition.txt
2014-07-05 20:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-05 20:19 - 2014-02-18 09:25 - 00000000 ____D () C:\Users\###\Documents\_WIN-PC
2014-07-05 20:16 - 2014-07-04 22:08 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-04 22:22 - 2014-07-04 22:07 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:22 - 2014-06-26 22:15 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-04 12:58 - 2013-11-03 09:28 - 00125952 ___SH () C:\Users\###\Desktop\Thumbs.db
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-03 11:10 - 2014-01-03 10:34 - 00000135 _____ () C:\WINDOWS\wininit.ini
2014-07-03 10:52 - 2013-11-03 11:00 - 00000000 ____D () C:\Users\###\AppData\Roaming\vlc
2014-07-03 10:03 - 2014-07-03 10:02 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:52 - 2014-07-03 09:52 - 00002184 _____ () C:\Users\###\Desktop\Malwarebytes Anti-Malware - Malware Scanner - CHIP Downloader.lnk
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-07-02 19:35 - 2014-02-25 19:13 - 00000000 ____D () C:\Users\###\Documents\#######
2014-07-01 14:53 - 2013-11-14 09:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-01 14:53 - 2013-11-14 09:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-01 14:53 - 2013-11-14 09:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-01 08:46 - 2013-10-23 13:56 - 00000000 ____D () C:\Users\###\Documents\#######
2014-06-30 16:29 - 2013-11-06 15:32 - 00000000 ____D () C:\Users\###\Documents\___Tests
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\W######4 - Verknüpfung.lnk
2014-06-30 07:29 - 2013-12-25 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\FileAdvisor
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-25 19:47 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-25 13:51 - 2014-01-27 21:27 - 00000000 ____D () C:\D-EVERYTHINGSEARCH
2014-06-25 13:51 - 2014-01-27 21:25 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:54 - 2014-03-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 12:00 - 2014-06-23 11:40 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-23 11:00 - 2013-08-22 16:46 - 00305858 _____ () C:\WINDOWS\setupact.log
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:43 - 2014-06-23 08:37 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:23 - 2014-06-21 13:50 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:54 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:33 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2012-11-05 19:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-21 13:31 - 2014-06-21 13:30 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:27 - 2014-06-21 13:26 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:58 - 2014-06-21 07:57 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-21 00:20 - 2014-03-22 01:03 - 00000000 ____D () C:\Users\###\AppData\Local\Windows Live
2014-06-21 00:07 - 2014-06-20 23:41 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-18 17:56 - 2013-09-24 18:18 - 00004090 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 17:56 - 2013-09-24 18:17 - 00003854 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 18:29 - 2013-09-22 22:02 - 00006234 _____ () C:\WirelessDiagLog.csv
2014-06-16 10:43 - 2014-06-16 10:39 - 00000000 ____D () C:\Users\###\Documents\##-
2014-06-13 22:41 - 2014-06-11 09:08 - 00000000 ____D () C:\Users\###\Documents\######
2014-06-12 08:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-12 07:37 - 2013-10-14 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 21:45 - 2013-09-22 14:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 21:43 - 2012-11-05 19:14 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 12:25 - 2014-05-02 10:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-08 21:44 - 2013-12-24 08:55 - 00000000 ____D () C:\Users\###\Documents\####

Files to move or delete:
====================
C:\Users\###\AppData\Roaming\CamLayout.ini
C:\Users\###\AppData\Roaming\CamShapes.ini
C:\Users\###\AppData\Roaming\CamStudio.Producer.Data.ini


Some content of TEMP:
====================
C:\Users\###\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\###\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-07 10:39

==================== End Of Log ============================
         
--- --- ---



So, I hope everything goes well now - and I would be glad if you could give me the green light (hoping, hoping)

Regards
Kim


08.07.2014, 07:24   #6
schrauber
/// the machine
/// TB instructor




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log please. Any problems left?

08.07.2014, 18:54   #7
kimberger



Hi Schrauber,
the signature download always jumps from 51% straight to 100 and ends with the message "Unexpected error 2002".
I tried it 4 times.
Do you have a solution?
See you
Kim


IT'S RUNNING, after 10 attempts the download amount climbed to 94% - and voilà ....

... and me again ;-))

so first of all

the ESET file

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=9162c2ab909ab94f97f37bbbec9a2c67
# engine=19070
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-08 12:48:53
# local_time=2014-07-08 02:48:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4560205 29705026 0 0
# scanned=321082
# found=129
# cleaned=0
# scan_time=19281
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe"
sh=E776EFD5C63FC5557E555C280F8839701B9488FC ft=1 fh=2d4cc13ab442d6a0 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Free Screen To Video\Helper.dll"
sh=57056BD290F94AE4D6D357BAD744906724BEC681 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\DetectorMentiras.apk"
sh=9062DF9A6E7BEEB142CDDEE9ED7340BE573D0EA2 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\Frauenfernbedienung.apk"
sh=9062DF9A6E7BEEB142CDDEE9ED7340BE573D0EA2 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\Frauenfernbedienung_1.3.apk"
sh=15CB79C631CE41CCE6F12D2188771A11E85FE3A2 ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\Kundalini Yoga NEW_1.03.apk"
sh=D53CBCBD701A88B9705EBD96239301D5543A3F9E ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\Kundalini Yoga_1.0.apk"
sh=B61E9476316B2E182183095F55E148A467321E21 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\kundalin_1.0.apk"
sh=9D3242D58C816A30F02670DDFFCD137B293C0641 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\Love Calculator Deluxe.apk"
sh=2922F7832BF6DD23644E35C3E74790813B38EA8F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\_installieren\AdBlock Plus Installations Anleitung.apk"
sh=2922F7832BF6DD23644E35C3E74790813B38EA8F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\_nochmLlleaufeinmal\AdBlock Plus Installations Anleitung_2.3.apk"
sh=57056BD290F94AE4D6D357BAD744906724BEC681 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\_nochmLlleaufeinmal\DetectorMentiras_8.0.apk"
sh=9062DF9A6E7BEEB142CDDEE9ED7340BE573D0EA2 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\_nochmLlleaufeinmal\Frauenfernbedienung_1.3.apk"
sh=9D3242D58C816A30F02670DDFFCD137B293C0641 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\samsung\Kies3\backup\GT-I9505\GT-I9505_\GT-I9505_20140621141150\Others\Download\_nochmLlleaufeinmal\Love Calculator Deluxe_1.0.apk"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\###ar____\A####X\Download\SuperOneClickv2.2-ShortFuse-1.zip"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_###___\##X\Download\SuperOneClickv2.2-ShortFuse.zip"
sh=C01D6DC7001C1D502D70E39C23B025D52E60F522 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\####r____\#X\droidbackupdir\1354109582870\NoteMaster 2.5.apk"
sh=AA87536D5936D1B0D2F10DEE576846097AFA1F88 ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\#____\A###\droidbackupdir\1354109582870\WiFi Mouse 7.9.apk"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\mnt\extSdCard\Download\SuperOneClickv2.2-ShortFuse-1.zip"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\mnt\extSdCard\Download\SuperOneClickv2.2-ShortFuse.zip"
sh=C01D6DC7001C1D502D70E39C23B025D52E60F522 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\mnt\extSdCard\droidbackupdir\1354109582870\NoteMaster 2.5.apk"
sh=AA87536D5936D1B0D2F10DEE576846097AFA1F88 ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\mnt\extSdCard\droidbackupdir\1354109582870\WiFi Mouse 7.9.apk"
sh=3E6ADC000FA4C0BBF5E5AFDC2904F8F7D65B92CE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\alps SP-140 [355685022868912]\Cache\phone\mnt\asec\com.bestappsforphone.projectmanagementcoursestrainingsteps3-1\pkg.apk"
sh=BD69A52D80805166692A7BE23A077DA040C0291F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\alps SP-140 [355685022868912]\Cache\phone\mnt\asec\com.mp3.mp3pro-1\pkg.apk"
sh=25FA768DB7BF88430E413CBEE38BA7005AC2322C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\alps SP-140 [355685022868912]\Cache\phone\mnt\asec\com.PaoloOast.HowToPlaySaxophone-1\pkg.apk"
sh=A0C570E5B72B8FE43BD9142D0BE2A61BED44FE6D ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\alps SP-140 [355685022868912]\Cache\phone\mnt\asec\com.reviveapps.translator.all3-1\pkg.apk"
sh=469F144AC1931082EBA816385FE0F67D69A4F2A5 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\alps SP-140 [355685022868912]\Cache\phone\mnt\asec\com.reviveapps.translator.all4-1\pkg.apk"
sh=5C5B0DE8A3B98263F2658C29F3AFD6BE00491DCE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\alps SP-140 [355685022868912]\Cache\phone\mnt\asec\com.stoik.lnscan_free-1\pkg.apk"
sh=ED9D62B11145ECB1285A326F8262ABCB5912D992 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\alps SP-140 [355685022868912]\Cache\phone\mnt\asec\com.tenorsaxmp.android-1\pkg.apk"
sh=3E6ADC000FA4C0BBF5E5AFDC2904F8F7D65B92CE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\alps SP-140 [355685022868912]\Cache\sdcard\appmonster2\backup\com.bestappsforphone.projectmanagementcoursestrainingsteps3\rev\2.apk"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\samsung GT-I9505 [358904058406852]\Cache\phone\mnt\extSdCard\Download\SuperOneClickv2.2-ShortFuse-1.zip"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\samsung GT-I9505 [358904058406852]\Cache\phone\mnt\extSdCard\Download\SuperOneClickv2.2-ShortFuse.zip"
sh=C01D6DC7001C1D502D70E39C23B025D52E60F522 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\samsung GT-I9505 [358904058406852]\Cache\phone\mnt\extSdCard\droidbackupdir\1354109582870\NoteMaster 2.5.apk"
sh=AA87536D5936D1B0D2F10DEE576846097AFA1F88 ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\samsung GT-I9505 [358904058406852]\Cache\phone\mnt\extSdCard\droidbackupdir\1354109582870\WiFi Mouse 7.9.apk"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\samsung GT-I9505 [358904058406852]\Cache\phone\storage\extSdCard\Download\SuperOneClickv2.2-ShortFuse-1.zip"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\samsung GT-I9505 [358904058406852]\Cache\phone\storage\extSdCard\Download\SuperOneClickv2.2-ShortFuse.zip"
sh=C01D6DC7001C1D502D70E39C23B025D52E60F522 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\samsung GT-I9505 [358904058406852]\Cache\phone\storage\extSdCard\droidbackupdir\1354109582870\NoteMaster 2.5.apk"
sh=AA87536D5936D1B0D2F10DEE576846097AFA1F88 ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\MyPhoneExplorer\samsung GT-I9505 [358904058406852]\Cache\phone\storage\extSdCard\droidbackupdir\1354109582870\WiFi Mouse 7.9.apk"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\storage\extSdCard\Download\SuperOneClickv2.2-ShortFuse-1.zip"
sh=62C7EB02B5D9515B82087390D4F55F5BC9204E73 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\storage\extSdCard\Download\SuperOneClickv2.2-ShortFuse.zip"
sh=C01D6DC7001C1D502D70E39C23B025D52E60F522 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\storage\extSdCard\droidbackupdir\1354109582870\NoteMaster 2.5.apk"
sh=AA87536D5936D1B0D2F10DEE576846097AFA1F88 ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\storage\extSdCard\droidbackupdir\1354109582870\WiFi Mouse 7.9.apk"
sh=2922F7832BF6DD23644E35C3E74790813B38EA8F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\_alleAnwendungen\AdBlock Plus Installations Anleitung.apk"
sh=57056BD290F94AE4D6D357BAD744906724BEC681 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\_alleAnwendungen\DetectorMentiras.apk"
sh=9062DF9A6E7BEEB142CDDEE9ED7340BE573D0EA2 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\_alleAnwendungen\Frauenfernbedienung.apk"
sh=9D3242D58C816A30F02670DDFFCD137B293C0641 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\_alleAnwendungen\Love Calculator Deluxe.apk"
sh=2922F7832BF6DD23644E35C3E74790813B38EA8F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\_alleAnwendungen\_nochmLlleaufeinmal\AdBlock Plus Installations Anleitung_2.3.apk"
sh=57056BD290F94AE4D6D357BAD744906724BEC681 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\_alleAnwendungen\_nochmLlleaufeinmal\DetectorMentiras_8.0.apk"
sh=9062DF9A6E7BEEB142CDDEE9ED7340BE573D0EA2 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\_alleAnwendungen\_nochmLlleaufeinmal\Frauenfernbedienung_1.3.apk"
sh=9D3242D58C816A30F02670DDFFCD137B293C0641 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYback\_alleAnwendungen\_nochmLlleaufeinmal\r Deluxe_1.0.apk"
sh=9062DF9A6E7BEEB142CDDEE9ED7340BE573D0EA2 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYbackKundalinimix\Frauenfernbedienung_1.3.apk"
sh=15CB79C631CE41CCE6F12D2188771A11E85FE3A2 ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYbackKundalinimix\Kundalini Yoga NEW_1.03.apk"
sh=D53CBCBD701A88B9705EBD96239301D5543A3F9E ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYbackKundalinimix\Kundalini Yoga_1.0.apk"
sh=B61E9476316B2E182183095F55E148A467321E21 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-GALAXYbackKundalinimix\kundalin_1.0.apk"
sh=BD69A52D80805166692A7BE23A077DA040C0291F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140back\Android MP3 Pro_6.0.apk"
sh=25FA768DB7BF88430E413CBEE38BA7005AC2322C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140back\How To Play Saxophone_2.2.apk"
sh=5C5B0DE8A3B98263F2658C29F3AFD6BE00491DCE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140back\Lectures Scanner Free_1.1.0.apk"
sh=3E6ADC000FA4C0BBF5E5AFDC2904F8F7D65B92CE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140back\Project Management Courses Pro_2.apk"
sh=A0C570E5B72B8FE43BD9142D0BE2A61BED44FE6D ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140back\Talking Translator - 2rd version_1.8.apk"
sh=469F144AC1931082EBA816385FE0F67D69A4F2A5 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140back\Talking Translator-Blue Theme_1.70.apk"
sh=ED9D62B11145ECB1285A326F8262ABCB5912D992 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140back\Tenor Sax MP_1.1.apk"
sh=3E6ADC000FA4C0BBF5E5AFDC2904F8F7D65B92CE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien\Speicherkarte\appmonster2\backup\com.bestappsforphone.projectmanagementcoursestrainingsteps3\rev\2.apk"
sh=3E6ADC000FA4C0BBF5E5AFDC2904F8F7D65B92CE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien\Systemspeicher\mnt\asec\com.bestappsforphone.projectmanagementcoursestrainingsteps3-1\pkg.apk"
sh=BD69A52D80805166692A7BE23A077DA040C0291F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien\Systemspeicher\mnt\asec\com.mp3.mp3pro-1\pkg.apk"
sh=25FA768DB7BF88430E413CBEE38BA7005AC2322C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien\Systemspeicher\mnt\asec\com.PaoloOast.HowToPlaySaxophone-1\pkg.apk"
sh=A0C570E5B72B8FE43BD9142D0BE2A61BED44FE6D ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien\Systemspeicher\mnt\asec\com.reviveapps.translator.all3-1\pkg.apk"
sh=469F144AC1931082EBA816385FE0F67D69A4F2A5 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien\Systemspeicher\mnt\asec\com.reviveapps.translator.all4-1\pkg.apk"
sh=5C5B0DE8A3B98263F2658C29F3AFD6BE00491DCE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien\Systemspeicher\mnt\asec\com.stoik.lnscan_free-1\pkg.apk"
sh=ED9D62B11145ECB1285A326F8262ABCB5912D992 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien\Systemspeicher\mnt\asec\com.tenorsaxmp.android-1\pkg.apk"
sh=3E6ADC000FA4C0BBF5E5AFDC2904F8F7D65B92CE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien2\Systemspeicher\mnt\asec\com.bestappsforphone.projectmanagementcoursestrainingsteps3-1\pkg.apk"
sh=BD69A52D80805166692A7BE23A077DA040C0291F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien2\Systemspeicher\mnt\asec\com.mp3.mp3pro-1\pkg.apk"
sh=25FA768DB7BF88430E413CBEE38BA7005AC2322C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien2\Systemspeicher\mnt\asec\com.PaoloOast.HowToPlaySaxophone-1\pkg.apk"
sh=A0C570E5B72B8FE43BD9142D0BE2A61BED44FE6D ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien2\Systemspeicher\mnt\asec\com.reviveapps.translator.all3-1\pkg.apk"
sh=469F144AC1931082EBA816385FE0F67D69A4F2A5 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien2\Systemspeicher\mnt\asec\com.reviveapps.translator.all4-1\pkg.apk"
sh=5C5B0DE8A3B98263F2658C29F3AFD6BE00491DCE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien2\Systemspeicher\mnt\asec\com.stoik.lnscan_free-1\pkg.apk"
sh=ED9D62B11145ECB1285A326F8262ABCB5912D992 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien2\Systemspeicher\mnt\asec\com.tenorsaxmp.android-1\pkg.apk"
sh=3E6ADC000FA4C0BBF5E5AFDC2904F8F7D65B92CE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien3\Speicherkarte\appmonster2\backup\com.bestappsforphone.projectmanagementcoursestrainingsteps3\rev\2.apk"
sh=3E6ADC000FA4C0BBF5E5AFDC2904F8F7D65B92CE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.RevMob.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien3\Systemspeicher\mnt\asec\com.bestappsforphone.projectmanagementcoursestrainingsteps3-1\pkg.apk"
sh=BD69A52D80805166692A7BE23A077DA040C0291F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien3\Systemspeicher\mnt\asec\com.mp3.mp3pro-1\pkg.apk"
sh=25FA768DB7BF88430E413CBEE38BA7005AC2322C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien3\Systemspeicher\mnt\asec\com.PaoloOast.HowToPlaySaxophone-1\pkg.apk"
sh=A0C570E5B72B8FE43BD9142D0BE2A61BED44FE6D ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien3\Systemspeicher\mnt\asec\com.reviveapps.translator.all3-1\pkg.apk"
sh=469F144AC1931082EBA816385FE0F67D69A4F2A5 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien3\Systemspeicher\mnt\asec\com.reviveapps.translator.all4-1\pkg.apk"
sh=5C5B0DE8A3B98263F2658C29F3AFD6BE00491DCE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien3\Systemspeicher\mnt\asec\com.stoik.lnscan_free-1\pkg.apk"
sh=ED9D62B11145ECB1285A326F8262ABCB5912D992 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\###\Documents\_MyPhoneExpl-SP140dateien3\Systemspeicher\mnt\asec\com.tenorsaxmp.android-1\pkg.apk"
sh=31048732171730E332CF83C59A1E9C8F87FE9D9B ft=1 fh=69d728c96126b483 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\ashampoo_photo_optimizer_4_4.0.3_12123.exe"
sh=711F45D1BE06209A95606D7F176AB5438CF99E48 ft=1 fh=800047b729412605 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\bvasetup-Downloader.exe"
sh=4721E50B2F43A75EC5CEA290A4E2D5CB922055C0 ft=1 fh=80abae93db0e6516 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\DaminionSetup-01-Downloader.exe"
sh=19EF385CBC9D7FB4DEAD3510691E7966A0C123F5 ft=1 fh=88e1f55ddb0e6516 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\dbSThumb5Setup-Downloader.exe"
sh=3AD341693C85B5C4D4003D80A107E1BD38EE9D1E ft=1 fh=42c5a3c829412605 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\defaultaspx-Downloader.exe"
sh=9F5922424C4E6D114F26978CB09D5B4DD1E856CF ft=1 fh=563f50792626ef96 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\FFSetup3.3.3.0.exe"
sh=50E112812573A31FE043C9813099705698BBCA5F ft=1 fh=7487981a60e34864 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\getpfind-Downloader.exe"
sh=C9D104B7FD3806C658C774155E40CD7A844692CA ft=1 fh=7b1c5982db0e6516 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\JPhotoTagger-setup-Downloader.exe"
sh=D61F8013A949CC6219B691FD0FC513F9968A33FD ft=1 fh=3b7ff362cfab4f82 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\LightZone-Installer-4.0.0-Downloader.exe"
sh=9DF97B417C53958902D1876867B1B5233E107868 ft=1 fh=b6fea5969f17fc17 vn="Win32/Somoto.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\m4a-to-mp3-converter.exe"
sh=CBBD2B5EA101E3EEFB60DBB3B13FFB1D2AAB84F5 ft=1 fh=8334592d4f2b518c vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\MyPhoneExplorer_Setup_1.8.5.exe"
sh=2A84729B74A521D8B149DA3566148849D2C3D367 ft=1 fh=c822ce9dc2448ea4 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\###\Downloads\zps15_de_free-Downloader.exe"
sh=80466BABFA2CC67DC970D6DD9F21A429CA7D7F5D ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.altosaxmp.android\rev\2.apk.44979.gzquar"
sh=DE66EA8D2BAB9989AD1D1035CCA6C9DD5E3C5315 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.androidlab.gpsfix\rev\130317.apk"
sh=0E2B481AB8E8E97E3CE262FDDD8C12247960D83E ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.androidlab.gpsfix\rev\130330.apk"
sh=A578FADB243EF8E2A546C722352289D716D6F73F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.aniXification.copypaste\rev\10.apk"
sh=2058DA4D5093A9CCAE4DC51B846AE4A8195B303C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.caynax.widget.battery.dashboard\rev\40001.apk"
sh=EAE5FD42A8C90A83729F50FE0B3DFF85BE8A2439 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.gokhanyavas\rev\10.apk.61420.gzquar"
sh=EB9F5BBDB85D11FFE103C46610FF805F4BF48DCD ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.GreatDBB4\rev\1.apk"
sh=BD69A52D80805166692A7BE23A077DA040C0291F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.mp3.mp3pro\rev\600.apk"
sh=DF634897414A46EB5E0F982AD4EDDA59CF1250D6 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Android/AdDisplay.Youmi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.outfit7.talkingben\rev\8.apk"
sh=25FA768DB7BF88430E413CBEE38BA7005AC2322C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.PaoloOast.HowToPlaySaxophone\rev\2.apk.76233.gzquar"
sh=1319B6088A7799CE6DD8A7BA4DC314477A4378A9 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.saxophonereeds.android\rev\3.apk.61379.gzquar"
sh=049234C6F6ED3406462AAEBEC2A51160E7AF0EA3 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.smartdroid.solutions.task_finder\rev\14.apk"
sh=5C5B0DE8A3B98263F2658C29F3AFD6BE00491DCE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.stoik.lnscan_free\rev\10.apk"
sh=ED9D62B11145ECB1285A326F8262ABCB5912D992 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.tenorsaxmp.android\rev\2.apk.158924.gzquar"
sh=45B56F41B715C3AE8CFD640914962AD811818AA0 ft=0 fh=0000000000000000 vn="Android/Gappusin.A Trojaner" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.utooo.android.compass\rev\10004.apk"
sh=8A7AE768D17762CE5913C1523E39C9DD14224564 ft=0 fh=0000000000000000 vn="Variante von Android/Domob.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.xuecs.AudioRecorder\rev\38.apk"
sh=E1464607BB0BAE82A4765C184636F82AB9DB0962 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\com.y_y_full.photo_dailer\rev\32.apk"
sh=29DF70EABC2807F186EFC4529217D3D110F9C5E3 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\jp.somethinggoodsoft.easyvoicenotepad\rev\11.apk"
sh=0FE5F902516C67CA6FDBBE268B233422D7829E56 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.Cauly.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\net.sonien.calendo\rev\17.apk"
sh=D37EE454E5B0537CE5D43BFB73121EC54A40F40C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\backup\pl.thalion.mobile.battery\rev\20.apk"
sh=BD69A52D80805166692A7BE23A077DA040C0291F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\Android MP3 Pro 6.0.apk"
sh=D37EE454E5B0537CE5D43BFB73121EC54A40F40C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\Battery Disc 2.2.2 - Re.apk"
sh=2058DA4D5093A9CCAE4DC51B846AE4A8195B303C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\Caynax Dashboard Battery Widget 4.0.1.apk"
sh=A578FADB243EF8E2A546C722352289D716D6F73F ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\Copy Paste 2.0.1.apk"
sh=6292FFEAD670C6E7C08AAA21ED05858B89F0DAE2 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Android/AdDisplay.SKplanet.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\Cymera 1.3.8.apk"
sh=45B56F41B715C3AE8CFD640914962AD811818AA0 ft=0 fh=0000000000000000 vn="Android/Gappusin.A Trojaner" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\GPS Compass 1.0.4.apk"
sh=0E2B481AB8E8E97E3CE262FDDD8C12247960D83E ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\GpsFix 1.18.2.apk"
sh=25FA768DB7BF88430E413CBEE38BA7005AC2322C ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\how to play saxophone 2.2.apk.60060.gzquar"
sh=5C5B0DE8A3B98263F2658C29F3AFD6BE00491DCE ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\Lectures Scanner Free 1.1.0.apk"
sh=E1464607BB0BAE82A4765C184636F82AB9DB0962 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\Photo Dialer 3.2.apk"
sh=EAE5FD42A8C90A83729F50FE0B3DFF85BE8A2439 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\sprechen schreiben 3.3.2.apk.61413.gzquar"
sh=ED9D62B11145ECB1285A326F8262ABCB5912D992 ft=0 fh=0000000000000000 vn="Variante von Android/Plankton.I Trojaner" ac=I fn="C:\Users\Public\Roaming\###\appmonster2\old_style_backup\tenor sax mp 1.1.apk.62109.gzquar"
         
SecurityCheck always produced this text result :-((((((
(I have Win8)

Code:
UNSUPPORTED OPERATING SYSTEM! ABORTED!

and then another FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by ### (administrator) on ### on 08-07-2014 15:39:09
Running from C:\Users\###\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Thermaltake) C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
() C:\Users\###\Downloads\SecurityCheck.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Tt eSPORTS BLACK Gaming Mouse] => C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe [105864 2012-08-10] (Thermaltake)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime Lite\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3410272128-3850883635-1020607561-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2011-06-04] (Acresso Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {9B62A7FA-C373-4BF4-BCA6-12C03F49BB1A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default
FF Homepage: leer
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\staged [2014-07-08]
FF Extension: YouTube Unblocker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: Flashblock - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-09-23]
FF Extension: DownloadHelper - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: AutoGroup - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\akimkin_denis@mail.ru.xpi [2014-04-21]
FF Extension: FlashStopper - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\flashstopper@byo.co.il.xpi [2014-04-21]
FF Extension: Image and Flash Blocker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\imgflashblocker@shimon.chohen.xpi [2013-09-23]
FF Extension: media menu - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid0-X4tVYTsgT60azyHVye1faT8MjIA@jetpack.xpi [2014-04-21]
FF Extension: YouTube Control Center - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid1-CikLKKPVkw6ipw@jetpack.xpi [2014-04-21]
FF Extension: Media Sniffer - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\MediaSniffer@hiyoko.info.xpi [2014-04-21]
FF Extension: betterFox - Make your browsing experience 15% faster. - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\multirevenue@googlemail.com.xpi [2014-04-21]
FF Extension: SmartVideo For YouTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\mytube@ashishmishra.in.xpi [2014-04-21]
FF Extension: Niederschlagsradar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\niederschlagsradar@sensiva.net.xpi [2014-06-10]
FF Extension: S3.Download Statusbar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\s3download@statusbar.xpi [2014-02-13]
FF Extension: Search Tab - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\searchtab@pratikpoddar.xpi [2013-12-13]
FF Extension: Secure Login - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\secureLogin@blueimp.net.xpi [2013-09-21]
FF Extension: StopTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\stoptube@kashiif.com.xpi [2013-09-23]
FF Extension: SuperStop - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\superstop@gavinsharp.com.xpi [2013-09-23]
FF Extension: Todoist - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\support@todoist.com.xpi [2013-10-15]
FF Extension: Session Manager - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-09-21]
FF Extension: ScrapBook - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2014-01-04]
FF Extension: Web Marker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{5755466A-DB04-11DA-A2DD-0E545D5EE2F7}.xpi [2014-03-09]
FF Extension: NoScript - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-21]
FF Extension: Flash Block - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2013-09-23]
FF Extension: Adblock Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF Extension: Tab Mix Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-26]

==================== Services (Whitelisted) =================

R2 CVPND; C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TipCtrl; C:\Program Files (x86)\uTIPu\TipCtrl.exe [314504 2009-02-03] (Utipu inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-03-20] (Disc Soft Ltd)
R2 easycvfs; C:\WINDOWS\system32\drivers\easycvfs.sys [110472 2010-07-29] () [File not signed]
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-20] (Duplex Secure Ltd.)
S3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-08 15:35 - 2014-07-08 15:35 - 00854390 _____ () C:\Users\###\Downloads\SecurityCheck(1).exe
2014-07-08 15:11 - 2014-07-08 15:11 - 00854390 _____ () C:\Users\###\Downloads\SecurityCheck.exe
2014-07-08 08:22 - 2014-07-08 08:22 - 02347384 _____ (ESET) C:\Users\###\Downloads\esetsmartinstaller_deu.exe
2014-07-07 13:41 - 2014-07-07 13:41 - 00052050 _____ () C:\Users\###\Downloads\FRST2korr.txt
2014-07-07 12:08 - 2014-07-07 12:08 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-07 12:07 - 2014-07-07 12:07 - 01016261 _____ (Thisisu) C:\Users\###\Downloads\JRT.exe
2014-07-07 10:13 - 2014-07-07 13:13 - 00000000 ____D () C:\AdwCleaner
2014-07-07 10:11 - 2014-07-07 10:11 - 01346519 _____ () C:\Users\###\Downloads\adwcleaner_3.214.exe
2014-07-07 07:59 - 2014-07-07 09:41 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 07:58 - 2014-07-07 10:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 07:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-07 07:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-07 07:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-07 07:56 - 2014-07-07 07:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\###\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 21:38 - 2014-07-05 21:38 - 00043048 _____ () C:\Users\###\Downloads\Addition-korr.txt
2014-07-05 21:33 - 2014-07-05 21:33 - 00049154 _____ () C:\Users\###\Downloads\FRSTkorr.txt
2014-07-05 21:07 - 2014-07-05 21:07 - 517430305 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-05 21:07 - 2014-07-05 21:07 - 00288536 _____ () C:\WINDOWS\Minidump\070514-21531-01.dmp
2014-07-05 21:03 - 2014-07-05 21:03 - 00380416 _____ () C:\Users\###\Downloads\4knde644.exe
2014-07-05 21:01 - 2014-07-05 21:02 - 00043065 _____ () C:\Users\###\Downloads\Addition.txt
2014-07-05 20:59 - 2014-07-08 15:39 - 00021540 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-05 20:59 - 2014-07-08 15:39 - 00000000 ____D () C:\FRST
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-04 22:08 - 2014-07-05 20:16 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-04 22:07 - 2014-07-04 22:22 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-07-03 10:56 - 2014-06-06 11:33 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140703-105625.backup
2014-07-03 10:02 - 2014-07-03 10:03 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\WIN7 - EA2014 - Verknüpfung.lnk
2014-06-26 22:15 - 2014-07-04 22:22 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:40 - 2014-06-23 12:00 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:37 - 2014-06-23 08:43 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:24 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-06-21 14:24 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-06-21 13:50 - 2014-06-21 14:23 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:32 - 2014-06-21 13:54 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:32 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-06-21 13:30 - 2014-06-21 13:31 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:26 - 2014-06-21 13:27 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:57 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-20 23:41 - 2014-06-21 00:07 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-16 10:39 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\###\Documents\_Gedä KreKo Kreativit-
2014-06-11 21:05 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 21:05 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 21:05 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 21:05 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 21:05 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 21:05 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 21:05 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 21:04 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 21:04 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 21:04 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 21:04 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 21:04 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 21:04 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 21:04 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 21:03 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 21:03 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 21:03 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 21:03 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 21:03 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 21:03 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 21:03 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 21:03 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 21:03 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 21:03 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 21:03 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 21:03 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 21:03 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 21:03 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 21:03 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 21:03 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 09:08 - 2014-06-13 22:41 - 00000000 ____D () C:\Users\###\Documents\####r

==================== One Month Modified Files and Folders =======

2014-07-08 15:39 - 2014-07-05 20:59 - 00021540 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-08 15:39 - 2014-07-05 20:59 - 00000000 ____D () C:\FRST
2014-07-08 15:35 - 2014-07-08 15:35 - 00854390 _____ () C:\Users\###\Downloads\SecurityCheck(1).exe
2014-07-08 15:11 - 2014-07-08 15:11 - 00854390 _____ () C:\Users\###\Downloads\SecurityCheck.exe
2014-07-08 15:07 - 2014-02-18 09:25 - 00000000 ____D () C:\Users\###\Documents\####
2014-07-08 15:03 - 2013-12-20 08:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-08 15:01 - 2013-09-24 18:18 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-08 09:14 - 2014-02-17 11:09 - 01323383 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-08 08:22 - 2014-07-08 08:22 - 02347384 _____ (ESET) C:\Users\###\Downloads\esetsmartinstaller_deu.exe
2014-07-08 08:22 - 2013-11-14 09:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-08 08:22 - 2013-11-14 09:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-08 08:22 - 2013-11-14 09:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-08 08:21 - 2013-08-22 16:46 - 00306655 _____ () C:\WINDOWS\setupact.log
2014-07-07 13:41 - 2014-07-07 13:41 - 00052050 _____ () C:\Users\###\Downloads\FRST2korr.txt
2014-07-07 13:13 - 2014-07-07 10:13 - 00000000 ____D () C:\AdwCleaner
2014-07-07 12:25 - 2013-09-21 14:40 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3410272128-3850883635-1020607561-1001
2014-07-07 12:08 - 2014-07-07 12:08 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-07 12:07 - 2014-07-07 12:07 - 01016261 _____ (Thisisu) C:\Users\###\Downloads\JRT.exe
2014-07-07 11:07 - 2013-09-24 18:17 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 11:07 - 2013-09-21 14:35 - 00000000 ____D () C:\Users\###\Documents\Youcam
2014-07-07 11:05 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-07 10:16 - 2013-11-14 00:18 - 00012014 _____ () C:\WINDOWS\PFRO.log
2014-07-07 10:11 - 2014-07-07 10:11 - 01346519 _____ () C:\Users\###\Downloads\adwcleaner_3.214.exe
2014-07-07 10:05 - 2014-07-07 07:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 09:41 - 2014-07-07 07:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 09:35 - 2014-05-16 21:58 - 00000000 ____D () C:\WINDOWS\fr
2014-07-07 09:34 - 2014-04-01 19:14 - 00000000 ____D () C:\temp
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 07:57 - 2014-07-07 07:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\###\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 21:38 - 2014-07-05 21:38 - 00043048 _____ () C:\Users\###\Downloads\Addition-korr.txt
2014-07-05 21:33 - 2014-07-05 21:33 - 00049154 _____ () C:\Users\###\Downloads\FRSTkorr.txt
2014-07-05 21:14 - 2014-02-17 10:50 - 00000000 ____D () C:\Users\###
2014-07-05 21:07 - 2014-07-05 21:07 - 517430305 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-05 21:07 - 2014-07-05 21:07 - 00288536 _____ () C:\WINDOWS\Minidump\070514-21531-01.dmp
2014-07-05 21:07 - 2014-06-02 16:32 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-05 21:03 - 2014-07-05 21:03 - 00380416 _____ () C:\Users\###\Downloads\4knde644.exe
2014-07-05 21:02 - 2014-07-05 21:01 - 00043065 _____ () C:\Users\###\Downloads\Addition.txt
2014-07-05 20:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-05 20:16 - 2014-07-04 22:08 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-04 22:22 - 2014-07-04 22:07 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:22 - 2014-06-26 22:15 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-04 12:58 - 2013-11-03 09:28 - 00125952 ___SH () C:\Users\###\Desktop\Thumbs.db
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-03 11:10 - 2014-01-03 10:34 - 00000135 _____ () C:\WINDOWS\wininit.ini
2014-07-03 10:52 - 2013-11-03 11:00 - 00000000 ____D () C:\Users\###\AppData\Roaming\vlc
2014-07-03 10:03 - 2014-07-03 10:02 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-07-02 19:35 - 2014-02-25 19:13 - 00000000 ____D () C:\Users\###\Documents\####n
2014-07-01 08:46 - 2013-10-23 13:56 - 00000000 ____D () C:\Users\###\Documents\####
2014-06-30 16:29 - 2013-11-06 15:32 - 00000000 ____D () C:\Users\###\Documents\___Tests
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\W####- Verknüpfung.lnk
2014-06-30 07:29 - 2013-12-25 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\FileAdvisor
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-25 19:47 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-25 13:51 - 2014-01-27 21:27 - 00000000 ____D () C:\D-EVERYTHINGSEARCH
2014-06-25 13:51 - 2014-01-27 21:25 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:54 - 2014-03-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 12:00 - 2014-06-23 11:40 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:43 - 2014-06-23 08:37 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:23 - 2014-06-21 13:50 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:54 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:33 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2012-11-05 19:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-21 13:31 - 2014-06-21 13:30 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:27 - 2014-06-21 13:26 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:58 - 2014-06-21 07:57 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-21 00:20 - 2014-03-22 01:03 - 00000000 ____D () C:\Users\###\AppData\Local\Windows Live
2014-06-21 00:07 - 2014-06-20 23:41 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-18 17:56 - 2013-09-24 18:18 - 00004090 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 17:56 - 2013-09-24 18:17 - 00003854 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 18:29 - 2013-09-22 22:02 - 00006234 _____ () C:\WirelessDiagLog.csv
2014-06-16 10:43 - 2014-06-16 10:39 - 00000000 ____D () C:\Users\###\Documents\_G####t-
2014-06-13 22:41 - 2014-06-11 09:08 - 00000000 ____D () C:\Users\###\Documents\_####r
2014-06-12 08:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-12 07:37 - 2013-10-14 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 21:45 - 2013-09-22 14:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 21:43 - 2012-11-05 19:14 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 12:25 - 2014-05-02 10:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-08 21:44 - 2013-12-24 08:55 - 00000000 ____D () C:\Users\###\Documents\#####
Files to move or delete:
====================
C:\Users\###\AppData\Roaming\CamLayout.ini
C:\Users\###\AppData\Roaming\CamShapes.ini
C:\Users\###\AppData\Roaming\CamStudio.Producer.Data.ini


Some content of TEMP:
====================
C:\Users\###\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\###\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-07 12:25

==================== End Of Log ============================
         




That's it for now. Of course I haven't worked normally on the laptop yet because I was running the tests, but at least in Firefox these Supra things no longer appeared. Perhaps a good sign already. However, I won't get around to testing until after today's Germany victory :-))))))

Greetings from the rainforest
Kim
P.S. After posting I keep finding transposed letters, please excuse that; it comes from two-finger reeeally fast typing....

Hello Schrauber,

I've got it!!
I simply tried an older version and it works!

So, SecurityCheck

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.83  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Adobe Flash Player 	13.0.0.214  
 Mozilla Firefox (30.0) 
 Mozilla Thunderbird (24.6.0) 
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Regards, Kim

Edited by kimberger (08.07.2014 at 16:17)

09.07.2014, 14:12   #8
schrauber
/// the machine
/// TB trainer



Revo Uninstaller - Download - Filepony
Use it to uninstall Firefox, keep no data, have the leftovers removed, then reinstall.

Then:
https://support.mozilla.org/de/kb/fi...einfach-loesen




Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will request a restart. Please allow this.



Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix (Download DelFix) to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes much current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on using it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be misused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
These harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent,..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

12.07.2014, 09:39   #9
kimberger



Hello Schrauber, sorry for the late reply, but since the first step, uninstalling FF, I am still busy restoring my collected data, because the FF backup I used apparently did not work :-(((
So I'm now sitting at it every free minute.

Interim report: Supra Savings seems to be gone, but FF's loading speed is still extremely sluggish, even without plugins.

I'll keep trying, then I'll get back to you. Will you get a notification then?
Regards
Kim

13.07.2014, 09:11   #10
schrauber
/// the machine
/// TB trainer



Yes, just write it in here
__________________
Regards,
schrauber


21.07.2014, 09:34   #11
kimberger



Hello Schrauber,
hmmmm, well, first of all many thanks for your instructions!
So at least the SupraSaving problem is gone, but then some annoying WebSearch thing appeared in its place, which kept me busy.
So something among your many programs helped me, others unfortunately destroyed important personal settings in various programs.
But I've lost track of when that was. In any case I'm now sitting here with other strange problems, e.g. that TB no longer opens any links (yes, I've been through all the forums - nothing), or many programs take a very, very long time to start, Google Maps barely loads, important LibreOffice entries are missing, etc. etc. http://www.trojaner-board.de/images/.../glaskugel.gif
I know that would be a completely different thread: but I don't know a keyword I could search for. Could you give me a tip?

Then SupraSaving would hereby be, thankfully, settled!
So once again many thanks for that!
Kim

21.07.2014, 14:40   #12
schrauber
/// the machine
/// TB trainer



Quote:
others unfortunately destroyed important personal settings in various programs
I consider that a rumor.
Quote:
important LibreOffice entries are missing
Such as what?

Post a fresh FRST log. In which browser do you have all these problems?
__________________
Regards,
schrauber
