Log analysis and evaluation: Win 7: Ad windows keep opening on their own in the browser
20.06.2014, 12:58 | #1 |
Win 7: Ad windows keep opening on their own in the browser

Hello, on my laptop with Win7, pages have been opening by themselves for days. I have already tried various "actions", but all without success:
1.) Ran the Kaspersky virus scanner several times and updated it.
2.) I now have 2 files here, maybe someone can help me...

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2014
Ran by fivonne (administrator) on IVONNE-PC on 20-06-2014 12:59:08
Running from C:\Users\fivonne\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\PSIService.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\fivonne\AppData\Local\ysdxbcha.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\fivonne\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Program Files (x86)\MouseDriver\OfficeMouse.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860040 2010-12-10] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [iWareV3] => C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] ()
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2744363527-3643634278-3182256267-1000\...\Run: [Search Protection] => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Facebook Update] => "C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [EPSON PX720WD Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [ysdxbcha] => c:\users\fivonne\appdata\local\ysdxbcha.exe [2854912 2014-06-09] ()
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {1aece30b-07b6-11e1-8e1f-b870f47dc548} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {1b4e31f0-ce8b-11e0-b8a8-b870f47dc548} - E:\iStudio.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {28ebbe75-c03a-11e1-827e-b870f47dc548} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {5844ab32-ab0b-11e0-b286-c0f8da46fad8} - E:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {96c06cff-a017-11e0-a750-c0f8da46fad8} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {96c06d30-a017-11e0-a750-001e101f8ed0} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {9869b7a2-1879-11e1-b9eb-b870f47dc548} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {cd5ab2f0-bc7e-11e1-a155-b870f47dc548} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {cd5ab313-bc7e-11e1-a155-b870f47dc548} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {e8336138-d4f9-11e1-8175-b870f47dc548} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {f68f907d-c03c-11e1-8014-b870f47dc548} - E:\AutoRun.exe
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {fe11b9ec-92c2-11e0-a8c7-c0f8da46fad8} - E:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\fivonne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1401557336&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WX61A313097230972&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1401557336&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WX61A313097230972&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1401557336&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WX61A313097230972&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: [verify-U]_Add-on - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Program Files\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll (Cybits AG)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: [verify-U]_Add-on - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Program Files (x86)\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll (Cybits AG)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\fivonne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\fivonne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\fivonne\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-06]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis03@SpeedAnalysis.com] - C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
FF Extension: Speed Analysis 3 - C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013-09-20]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-09]
FF HKCU\...\Firefox\Extensions: [speedanalysis03@SpeedAnalysis.com] - C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
FF Extension: Speed Analysis 3 - C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013-09-20]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-17]
CHR Extension: (Google Drive) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-17]
CHR Extension: (YouTube) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-17]
CHR Extension: (Google-Suche) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-17]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-06-17]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-17]
CHR Extension: (Virtual Keyboard) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-06-17]
CHR Extension: (Google Wallet) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-17]
CHR Extension: (Google Mail) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-17]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-06-17]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868224 2010-12-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [244904 2010-10-28] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SpyroService; C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe [48128 2012-01-31] (FS) [File not signed]
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)

==================== Drivers (Whitelisted) ====================

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-09] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-09] (Kaspersky Lab ZAO)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 ZTEusbMB; C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [135168 2011-07-11] (ZTE Corporation) [File not signed]
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEWMSD_637; C:\Windows\System32\Drivers\ZTEWMSD_637.sys [19968 2011-07-11] (ZTE Corporation) [File not signed]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-20 12:59 - 2014-06-20 13:00 - 00028446 _____ () C:\Users\fivonne\Downloads\FRST.txt
2014-06-20 12:58 - 2014-06-20 12:59 - 00000000 ____D () C:\FRST
2014-06-20 12:57 - 2014-06-20 12:57 - 02082304 _____ (Farbar) C:\Users\fivonne\Downloads\FRST64.exe
2014-06-20 12:35 - 2014-06-20 12:39 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-06-20 12:35 - 2014-06-20 12:35 - 00002612 _____ () C:\Windows\System32\Tasks\GlaryInitialize
2014-06-20 12:35 - 2014-06-20 12:35 - 00001042 _____ () C:\Users\fivonne\Desktop\Glary Utilities.lnk
2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2014-06-20 12:33 - 2014-06-20 12:34 - 06685392 _____ (Glarysoft Ltd ) C:\Users\fivonne\Downloads\gusetup_slim_2.56.exe
2014-06-20 12:15 - 2014-06-20 12:15 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 12:15 - 2014-06-20 12:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-18 14:52 - 2014-06-18 15:03 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.technic
2014-06-18 14:51 - 2014-06-18 14:52 - 02346942 _____ () C:\Users\fivonne\Downloads\TechnicLauncher.exe
2014-06-17 16:07 - 2014-06-17 16:07 - 00002223 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-17 16:07 - 2014-06-17 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-15 15:05 - 2014-06-15 18:04 - 07098161 _____ () C:\Users\fivonne\Documents\Religions Projekt.odp
2014-06-11 18:59 - 2014-06-11 18:59 - 570540083 _____ () C:\Windows\MEMORY.DMP
2014-06-11 18:59 - 2014-06-11 18:59 - 00274544 _____ () C:\Windows\Minidump\061114-22417-01.dmp
2014-06-11 17:55 - 2014-06-11 17:55 - 00000000 _____ () C:\Users\fivonne\Desktop\server.log.lck
2014-06-10 13:52 - 2014-06-10 13:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\java
2014-06-09 19:09 - 2014-06-13 23:08 - 00000000 ____D () C:\Users\fivonne\Desktop\tadeos welt
2014-06-09 14:25 - 2014-06-09 15:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 14:25 - 2014-06-09 14:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-09 14:25 - 2014-06-09 14:25 - 00001367 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00001355 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-09 14:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-09 14:13 - 2014-06-09 14:13 - 00000000 ____D () C:\Program Files\Java
2014-06-09 12:29 - 2014-06-09 12:29 - 00001061 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-06-09 12:29 - 2014-06-09 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-06-09 12:29 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-06-09 12:28 - 2014-06-09 12:38 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-06-09 12:28 - 2014-06-09 12:38 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-09 12:09 - 2014-06-09 12:09 - 00000227 _____ () C:\ProgramData\DelBackupManager.REG
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\system32\NV
2014-06-09 11:03 - 2014-06-09 11:04 - 00001365 _____ () C:\Windows\IE9_main.log
2014-06-09 10:59 - 2014-06-09 10:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2014-06-09 08:58 - 2014-06-20 13:00 - 01042171 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gss
2014-06-09 08:58 - 2014-06-20 12:57 - 00075776 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gdb
2014-06-09 08:58 - 2014-06-09 08:58 - 02854912 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.exe
2014-06-06 16:14 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-06 16:14 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-06 16:14 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-06 16:14 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-06 16:13 - 2014-06-06 16:14 - 00004638 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-06 15:06 - 2014-06-06 15:19 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\GlarySoft
2014-06-06 15:06 - 2014-06-06 15:06 - 00001082 _____ () C:\Users\fivonne\Desktop\Absolute Uninstaller.lnk
2014-06-06 13:55 - 2014-06-06 13:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-06 13:52 - 2014-06-06 13:52 - 00005296 _____ () C:\sc-cleaner.txt
2014-06-06 13:21 - 2014-06-06 13:21 - 00045795 _____ () C:\Users\fivonne\Desktop\JRT.txt
2014-06-06 13:13 - 2014-06-06 13:13 - 00000000 ____D () C:\Windows\ERUNT
2014-06-06 13:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-06 12:54 - 2014-06-20 12:37 - 00000000 ____D () C:\Users\fivonne\Desktop\sicherheit
2014-06-06 11:04 - 2014-06-09 12:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-04 20:55 - 2014-06-20 12:39 - 00075286 _____ () C:\Windows\PFRO.log
2014-06-04 20:55 - 2014-06-20 12:39 - 00001810 _____ () C:\Windows\setupact.log
2014-06-04 20:55 - 2014-06-04 20:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 20:18 - 2014-06-04 20:18 - 00003182 _____ () C:\Windows\System32\Tasks\{54B705C5-8594-45D6-9604-7D177BB6803F}
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-03 14:02 - 2014-06-03 14:02 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Fuze Zip
2014-05-31 19:41 - 2014-05-31 19:40 - 00830792 _____ (Click Me In Limited) C:\Users\fivonne\AppData\Local\nstA8C4.tmp
2014-05-31 19:31 - 2014-06-12 21:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Users\fivonne\AppData\Local\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D
() C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager 2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Program Files (x86)\JFileManager 2014-05-31 19:29 - 2014-06-09 08:58 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Genesis_05311729 2014-05-31 19:28 - 2014-06-20 12:39 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-05-28 19:10 - 2014-05-28 19:11 - 00000000 ____D () C:\Users\fivonne\Desktop\Tech_World ==================== One Month Modified Files and Folders ======= 2014-06-20 13:00 - 2014-06-20 12:59 - 00028446 _____ () C:\Users\fivonne\Downloads\FRST.txt 2014-06-20 13:00 - 2014-06-09 08:58 - 01042171 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gss 2014-06-20 12:59 - 2014-06-20 12:58 - 00000000 ____D () C:\FRST 2014-06-20 12:57 - 2014-06-20 12:57 - 02082304 _____ (Farbar) C:\Users\fivonne\Downloads\FRST64.exe 2014-06-20 12:57 - 2014-06-09 08:58 - 00075776 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gdb 2014-06-20 12:55 - 2011-05-23 16:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-06-20 12:46 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-20 12:46 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-20 12:43 - 2011-04-29 20:38 - 01066264 _____ () C:\Windows\WindowsUpdate.log 2014-06-20 12:41 - 2013-01-05 14:11 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-20 12:41 - 2013-01-05 14:11 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-20 12:40 - 2014-05-15 18:51 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\DropboxMaster 2014-06-20 12:40 - 2013-11-07 19:00 - 00000000 ___RD () C:\Users\fivonne\Dropbox 2014-06-20 12:40 - 2013-11-07 18:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Dropbox 2014-06-20 12:39 - 2014-06-20 12:35 - 00000330 _____ () 
C:\Windows\Tasks\GlaryInitialize.job 2014-06-20 12:39 - 2014-06-04 20:55 - 00075286 _____ () C:\Windows\PFRO.log 2014-06-20 12:39 - 2014-06-04 20:55 - 00001810 _____ () C:\Windows\setupact.log 2014-06-20 12:39 - 2014-05-31 19:28 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-06-20 12:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-20 12:37 - 2014-06-06 12:54 - 00000000 ____D () C:\Users\fivonne\Desktop\sicherheit 2014-06-20 12:37 - 2014-02-05 22:50 - 00000000 ____D () C:\Users\fivonne\Desktop\programme 2014-06-20 12:37 - 2013-10-11 13:03 - 00000000 ___RD () C:\Users\fivonne\Desktop\Minecraft 2014-06-20 12:37 - 2012-03-16 20:28 - 00000000 ___RD () C:\Users\fivonne\Desktop\Tadeos Ordner 2014-06-20 12:36 - 2013-01-05 14:11 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-20 12:36 - 2013-01-05 14:11 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-20 12:35 - 2014-06-20 12:35 - 00002612 _____ () C:\Windows\System32\Tasks\GlaryInitialize 2014-06-20 12:35 - 2014-06-20 12:35 - 00001042 _____ () C:\Users\fivonne\Desktop\Glary Utilities.lnk 2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 2014-06-20 12:34 - 2014-06-20 12:33 - 06685392 _____ (Glarysoft Ltd ) C:\Users\fivonne\Downloads\gusetup_slim_2.56.exe 2014-06-20 12:15 - 2014-06-20 12:15 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-20 12:15 - 2014-06-20 12:15 - 00000000 ____D () C:\Windows\system32\Macromed 2014-06-20 12:15 - 2011-06-18 21:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-20 12:14 - 2011-07-14 23:01 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002Core.job 2014-06-18 17:30 - 2011-07-14 23:01 - 
00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002UA.job 2014-06-18 15:45 - 2013-09-17 16:57 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.minecraft 2014-06-18 15:03 - 2014-06-18 14:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.technic 2014-06-18 14:52 - 2014-06-18 14:51 - 02346942 _____ () C:\Users\fivonne\Downloads\TechnicLauncher.exe 2014-06-18 14:45 - 2011-05-21 07:24 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Google 2014-06-17 16:07 - 2014-06-17 16:07 - 00002223 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-17 16:07 - 2014-06-17 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-17 16:07 - 2012-06-03 22:21 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-17 15:48 - 2012-10-31 21:30 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Mozilla 2014-06-17 15:28 - 2011-05-20 22:30 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Skype 2014-06-15 20:00 - 2011-06-07 15:49 - 00000000 ____D () C:\Users\fivonne\AppData\Local\CrashDumps 2014-06-15 18:04 - 2014-06-15 15:05 - 07098161 _____ () C:\Users\fivonne\Documents\Religions Projekt.odp 2014-06-13 23:08 - 2014-06-09 19:09 - 00000000 ____D () C:\Users\fivonne\Desktop\tadeos welt 2014-06-12 21:08 - 2014-05-31 19:31 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 21:05 - 2011-05-29 21:11 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-12 13:17 - 2011-07-21 22:02 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\NVIDIA 2014-06-11 18:59 - 2014-06-11 18:59 - 570540083 _____ () C:\Windows\MEMORY.DMP 2014-06-11 18:59 - 2014-06-11 18:59 - 00274544 _____ () C:\Windows\Minidump\061114-22417-01.dmp 2014-06-11 18:59 - 2011-08-02 00:19 - 00000000 ____D () C:\Windows\Minidump 2014-06-11 18:58 - 2014-04-14 14:07 - 00059566 _____ () C:\Users\fivonne\Desktop\server.log 2014-06-11 17:55 - 2014-06-11 17:55 - 00000000 _____ () 
C:\Users\fivonne\Desktop\server.log.lck 2014-06-11 17:53 - 2014-04-11 18:55 - 00000000 ____D () C:\Users\fivonne\Desktop\authlib 2014-06-10 13:52 - 2014-06-10 13:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\java 2014-06-09 15:17 - 2011-09-08 22:50 - 00002502 _____ () C:\Windows\wininit.ini 2014-06-09 15:16 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-06-09 14:26 - 2014-06-09 14:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-06-09 14:25 - 2014-06-09 14:25 - 00001367 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-06-09 14:25 - 2014-06-09 14:25 - 00001355 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-06-09 14:13 - 2014-06-09 14:13 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-06-09 14:13 - 2014-06-09 14:13 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-06-09 14:13 - 2014-06-09 14:13 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-06-09 14:13 - 2014-06-09 14:13 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-06-09 14:13 - 2014-06-09 14:13 - 00000000 ____D () C:\Program Files\Java 2014-06-09 14:13 - 2014-02-01 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-09 12:38 - 2014-06-09 12:28 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-06-09 12:38 - 2014-06-09 12:28 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-06-09 12:38 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys 2014-06-09 12:38 - 2013-10-17 15:47 - 00029280 _____ 
(Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys 2014-06-09 12:38 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys 2014-06-09 12:29 - 2014-06-09 12:29 - 00001061 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2014-06-09 12:29 - 2014-06-09 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Windows\ELAMBKUP 2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-06-09 12:18 - 2014-06-06 11:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-09 12:17 - 2011-02-25 08:11 - 00000000 ____D () C:\ProgramData\WildTangent 2014-06-09 12:17 - 2011-02-25 08:11 - 00000000 ____D () C:\Program Files (x86)\Packard Bell Games 2014-06-09 12:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-09 12:09 - 2014-06-09 12:09 - 00000227 _____ () C:\ProgramData\DelBackupManager.REG 2014-06-09 12:09 - 2011-02-25 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support 2014-06-09 12:08 - 2011-02-25 08:18 - 00000000 ____D () C:\ProgramData\BackupManager 2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\system32\NV 2014-06-09 11:23 - 2011-04-29 20:45 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-09 11:04 - 2014-06-09 11:03 - 00001365 _____ () C:\Windows\IE9_main.log 2014-06-09 11:03 - 2011-04-29 20:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-09 11:03 - 2011-04-29 20:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-06-09 10:59 - 2014-06-09 10:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf 2014-06-09 08:58 - 2014-06-09 08:58 - 02854912 _____ () 
C:\Users\fivonne\AppData\Local\ysdxbcha.exe 2014-06-09 08:58 - 2014-05-31 19:29 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Genesis_05311729 2014-06-09 08:54 - 2014-03-18 10:25 - 00000000 ____D () C:\Users\TEMP 2014-06-09 08:51 - 2011-04-30 06:25 - 00654400 _____ () C:\Windows\system32\perfh007.dat 2014-06-09 08:51 - 2011-04-30 06:25 - 00130240 _____ () C:\Windows\system32\perfc007.dat 2014-06-09 08:51 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-06 16:15 - 2014-02-01 12:52 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-06 16:14 - 2014-06-06 16:13 - 00004638 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log 2014-06-06 16:14 - 2011-09-06 21:20 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-06 15:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\xxx 2014-06-06 15:19 - 2014-06-06 15:06 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\GlarySoft 2014-06-06 15:13 - 2011-11-28 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive 2014-06-06 15:13 - 2011-11-28 17:27 - 00002506 _____ () C:\Windows\disney.ini 2014-06-06 15:13 - 2011-11-05 16:00 - 00000000 ____D () C:\ProgramData\DatacardService 2014-06-06 15:13 - 2011-02-25 07:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-06 15:06 - 2014-06-06 15:06 - 00001082 _____ () C:\Users\fivonne\Desktop\Absolute Uninstaller.lnk 2014-06-06 13:55 - 2014-06-06 13:55 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-06 13:52 - 2014-06-06 13:52 - 00005296 _____ () C:\sc-cleaner.txt 2014-06-06 13:52 - 2011-05-20 18:17 - 00001321 _____ () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-06-06 13:52 - 2011-05-20 18:16 - 00001202 _____ () C:\Users\fivonne\Desktop\Internet Explorer (No Add-ons).lnk 2014-06-06 13:52 - 2011-05-20 18:16 - 00001146 _____ () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Internet Explorer.lnk 2014-06-06 13:21 - 2014-06-06 13:21 - 00045795 _____ () C:\Users\fivonne\Desktop\JRT.txt 2014-06-06 13:13 - 2014-06-06 13:13 - 00000000 ____D () C:\Windows\ERUNT 2014-06-06 13:06 - 2013-11-03 20:58 - 00000000 ____D () C:\AdwCleaner 2014-06-05 05:41 - 2014-04-26 12:31 - 00000000 ____D () C:\Users\le_bus 2014-06-05 05:41 - 2011-06-09 20:06 - 00000000 ____D () C:\Users\Gast 2014-06-05 05:41 - 2011-05-20 18:15 - 00000000 ____D () C:\Users\fivonne 2014-06-05 05:40 - 2014-04-26 12:31 - 00000000 ____D () C:\Users\le_bus\AppData\Local\Google 2014-06-05 05:40 - 2014-01-29 16:15 - 00000000 ____D () C:\Users\Default\AppData\Local\Google 2014-06-05 05:40 - 2014-01-29 16:15 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google 2014-06-05 05:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-06-05 05:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-06-04 20:55 - 2014-06-04 20:55 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-04 20:45 - 2013-10-17 16:15 - 00262144 _____ () C:\Windows\system32\config\elam 2014-06-04 20:18 - 2014-06-04 20:18 - 00003182 _____ () C:\Windows\System32\Tasks\{54B705C5-8594-45D6-9604-7D177BB6803F} 2014-06-04 17:25 - 2011-09-21 23:38 - 00000000 ____D () C:\Users\fivonne\Documents\Vegas Movie Studio HD Platinum 11.0 Proyectos 2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-03 14:02 - 2014-06-03 14:02 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Fuze Zip 2014-05-31 19:40 - 2014-05-31 19:41 - 00830792 _____ (Click Me In Limited) C:\Users\fivonne\AppData\Local\nstA8C4.tmp 2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Users\fivonne\AppData\Local\JFileManager 2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager 2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Program Files (x86)\JFileManager 2014-05-31 19:28 - 2009-07-14 05:20 - 00000000 
___HD () C:\Windows\system32\GroupPolicy
2014-05-31 19:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-28 19:11 - 2014-05-28 19:10 - 00000000 ____D () C:\Users\fivonne\Desktop\Tech_World
2014-05-28 19:07 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 18:36 - 2013-11-07 18:53 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\DelBackupManager.REG

Some content of TEMP:
====================
C:\Users\fivonne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgw52ks.dll
C:\Users\Gast\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Gast\AppData\Local\Temp\ResetDevice.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-18 18:26

==================== End Of Log ============================
Last edited by carlos69 (20.06.2014 at 13:10) |
20.06.2014, 13:00 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: ad windows keep opening by themselves in the browser Hi and
Please do not attach logs; if necessary, split them and post them across several posts. Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post them directly and, if necessary, spread across several posts. To put the log files into a CODE box, proceed as follows:
__________________ |
20.06.2014, 13:12 | #3 |
| 2nd file: FRST Additions Logfile:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2014 Ran by fivonne at 2014-06-20 13:00:29 Running from C:\Users\fivonne\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== [verify-U]_AVS_IE_Add-on (HKLM-x32\...\[verify-U]_AVS_IE_Add-on) (Version: 1.0.0.3 - cybits AG) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Absolute Uninstaller 2.9.0.722 (HKLM-x32\...\Absolute Uninstaller_is1) (Version: - Glarysoft.com) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.) 
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation) Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation) Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.0.1027_32100 - CyberLink Corp.) CyberLink MediaEspresso (x32 Version: 6.0.1027_32100 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Disneys Mushus Schneeballschlacht (HKLM-x32\...\Mushus Schneeballschlacht) (Version: - ) Disneys Rummel im Dschungel (HKLM-x32\...\Tarzan's Jungle Tumble) (Version: - ) Disneys Über den Dächern von Agrabah (HKLM-x32\...\Über den Dächern von Agrabah) (Version: - ) Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.) 
DVD Architect Studio 5.0 (HKLM-x32\...\{612E74CF-30A0-11E0-A258-005056C00008}) (Version: 5.0.128 - Sony) Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden Epson Easy Photo Print 2 (HKLM-x32\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION) Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION) EPSON PX720WD Series Manual (HKLM-x32\...\EPSON PX720WD Series Manual) (Version: - ) EPSON PX720WD Series Printer Uninstall (HKLM\...\EPSON PX720WD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook) Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Fraps (x32 Version: - ) Hidden FuzeZip (HKCU\...\FuzeZip) (Version: 1.0.0.134605 - Koyote-Lab Inc.) 
<==== ATTENTION Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Genesis (HKCU\...\ysdxbcha) (Version: - ) <==== ATTENTION Glary Utilities 2.56.0.1822 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.56.0.1822 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - ) HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8423 - CyberLink Corporation) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle) Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) 
Hidden Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle) Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden JFileManager (HKLM-x32\...\JFileManager) (Version: v1.10 - TUGUU SL) <==== ATTENTION John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Packard Bell) Manual de red de EPSON PX720WD Series (HKLM-x32\...\EPSON PX720WD Series Network Guide) (Version: - ) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) MouseDriver (HKLM-x32\...\{643E1970-324F-474C-8610-55F3F053BC01}) (Version: 1.00.0000 - ) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) 
Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 9 Essentials (HKLM-x32\...\{565b3069-c661-4bb2-a17b-902092bd6940}) (Version: - Nero AG) Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden neroxml (x32 Version: 1.0.0 - Nero AG) Hidden NewBlue VideoFX for Sony Vegas MSPPS (HKLM-x32\...\NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 - NewBlue) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA 
Corporation) NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation) Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent) Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3001 - Packard Bell) Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Packard Bell) Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell) Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell ) Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.2211 - CyberLink Corp.) Packard Bell Social Networks (x32 Version: 2.0.2211 - CyberLink Corp.) Hidden Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6276 - Realtek Semiconductor Corp.) 
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: - ) Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden Sony Vocal Eraser (HKLM-x32\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.) Sound Forge Audio Studio 10.0 (HKLM-x32\...\{1FE5F98F-30A4-11E0-8480-005056C00008}) (Version: 10.0.153 - Sony) SpongeBob Schwammkopf - Film ab! (HKLM-x32\...\{49E2BAED-F6E3-41C9-9FA8-C217F2A67FCA}) (Version: 1.0 - ) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.) 
SpyroDriver (HKLM-x32\...\{63104E84-532C-4011-A4F4-AD6EDF8CC214}) (Version: 1.07.0000 - Ihr Firmenname) SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated) Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Zip Extractor (HKCU\...\DigitalSite) (Version: - ) <==== ATTENTION Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vegas Movie Studio HD Platinum 11.0 (HKLM-x32\...\{7F4FC9C0-7F67-11E1-9F9E-F04DA23A5C58}) (Version: 11.0.322 - Sony) Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1820 - CyberLink Corp.) Video Web Camera (x32 Version: 1.0.1820 - CyberLink Corp.) 
Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3007 - Packard Bell) WildTangent Games App (Packard Bell Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell) (Version: 4.0.5.14 - WildTangent) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden 
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) 
Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version: - ) <==== ATTENTION Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Restore Points ========================= 09-06-2014 12:13:09 Installed Java 8 Update 5 (64-bit) 09-06-2014 13:29:01 Windows Update 09-06-2014 14:40:03 Windows Update 09-06-2014 18:52:31 Windows Update 10-06-2014 10:21:25 Windows Update 10-06-2014 15:13:06 Windows Update 12-06-2014 19:05:28 Windows Update 13-06-2014 19:32:21 Windows Update 13-06-2014 21:08:36 Windows Update 14-06-2014 12:42:35 Windows Update 14-06-2014 15:22:03 Windows Update 15-06-2014 18:06:19 Windows Update 17-06-2014 13:40:01 Windows Update 17-06-2014 13:48:25 Removed Google Talk Plugin 17-06-2014 13:48:55 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 18-06-2014 18:06:41 Windows Update 20-06-2014 10:19:11 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0666D844-E1A5-4392-B07F-CE210BC919CD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002Core => C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {0D41C947-11CD-4A68-B8BC-5FBED714E4DE} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2010-10-28] (CyberLink) Task: {1EE01660-9D6F-4D24-92D2-1D83DFA8B80F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05] (Google Inc.) 
Task: {499B06EE-E441-4E41-BA8F-4793CD011D30} - \Plus-HD-3.8-enabler No Task File <==== ATTENTION Task: {4BE0EF5D-1DEA-4435-8A7F-B66539764618} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {5015FBC8-2EE6-4219-9A95-10A8A281A25D} - \Plus-HD-3.8-firefoxinstaller No Task File <==== ATTENTION Task: {5F0D4C75-D7D9-491E-B36E-650A1AA126CD} - \SaveSense No Task File <==== ATTENTION Task: {65EC2C7A-A2FF-44BA-904D-B47BC884EAAC} - \Plus-HD-3.8-chromeinstaller No Task File <==== ATTENTION Task: {6F2F300F-0A1E-4248-8DF4-00A7DC60977D} - \Plus-HD-3.8-updater No Task File <==== ATTENTION Task: {7C41A548-BAEB-45EE-91C7-37B1BFBF306B} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File <==== ATTENTION Task: {808D5CC6-32FF-4CA2-B44F-12D4C165F223} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {81232D49-3786-4E79-83D3-D50C99EF5B0E} - \DigitalSite No Task File <==== ATTENTION Task: {89A08DE2-D265-4D95-9D90-45B88144A3E3} - \Plus-HD-3.8-codedownloader No Task File <==== ATTENTION Task: {8B6FA4CF-B566-497C-97BE-9E86B82E16F2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {90026F5E-F49B-4EF8-B865-7CE7D2DC79DA} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION Task: {9601462D-8A18-4A5D-B362-A1B9CD4BB4D7} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File <==== ATTENTION Task: {ADD52C40-9E19-413A-91CE-A3D594B105DB} - \SpeedUpMyPC No Task File <==== ATTENTION Task: {AF2507B1-2168-4D7C-B3EB-439273293652} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION Task: {C6E4212A-9423-4D45-942A-EAEF94785561} - \spmonitor No Task File <==== ATTENTION Task: {C860A256-4946-42F0-8CF3-539CF2132CAC} - 
System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002UA => C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {DCDF9E1F-097D-4685-A88D-E49F23E8C009} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd) Task: {E4D10D07-FD1F-44B6-862E-EEEE76F0F19D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05] (Google Inc.) Task: {F92F33B1-0508-4D24-AAAC-66765C848BA0} - \BonanzaDealsUpdate No Task File <==== ATTENTION Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002Core.job => C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002UA.job => C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-09 11:02 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 ____N () C:\Windows\SysWOW64\PSIService.exe 2011-02-25 08:31 - 2010-10-28 03:55 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe 2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2011-03-31 15:27 - 2011-03-26 02:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-06-09 08:58 - 2014-06-09 08:58 - 02854912 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.exe 2011-05-25 10:26 - 2009-03-27 20:55 - 00507904 _____ 
() C:\Program Files (x86)\MouseDriver\OfficeMouse.exe 2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll 2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll 2014-06-09 14:25 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-06-09 14:25 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-06-09 14:25 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-06-09 14:25 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-06-09 14:25 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-06-20 12:40 - 2014-06-20 12:40 - 00043008 _____ () c:\users\fivonne\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgw52ks.dll 2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\fivonne\AppData\Roaming\Dropbox\bin\libcef.dll 2011-05-25 10:26 - 2009-03-27 21:09 - 00090112 _____ () C:\Program Files (x86)\MouseDriver\dllset.dll 2012-05-19 11:41 - 2012-05-19 11:41 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\391c08e31ed5afe15aa8e608fe6e3f63\IsdiInterop.ni.dll 2011-02-25 07:58 - 2010-09-14 04:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-06-17 16:07 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-17 16:07 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-17 16:07 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-17 16:07 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-17 16:07 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll 2014-06-17 16:07 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\fivonne\Desktop\2013-10-30_16.59.50.png:com.dropbox.attributes ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: Activision Xbox360 Spyro Portal Description: Activision Xbox360 Spyro Portal Class Guid: {4a9c2fa7-d63f-44c5-a247-bb3289a3739f} Manufacturer: Activision Service: WinUSB Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (06/18/2014 06:29:48 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"1". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (06/18/2014 06:28:51 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Error: (06/18/2014 06:28:39 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error: (06/18/2014 03:25:09 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Error: (06/17/2014 03:52:28 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. 
Error: (06/17/2014 01:29:22 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101). Error: (06/15/2014 08:00:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16768, Zeitstempel: 0x4d688122 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec4b137 Ausnahmecode: 0xc015000f Fehleroffset: 0x000000000006d9da ID des fehlerhaften Prozesses: 0xcd4 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (06/15/2014 08:00:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16768, Zeitstempel: 0x4d688122 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7600.16941, Zeitstempel: 0x4f0420b7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004ea86 ID des fehlerhaften Prozesses: 0xcd4 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (06/15/2014 05:31:08 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"1". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (06/15/2014 05:29:42 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. 
System errors: ============= Error: (06/20/2014 00:41:55 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: ) Description: WMPNetworkSvc0x80004002 Error: (06/20/2014 00:40:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (06/20/2014 00:39:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: [verify-U]_System Error: (06/20/2014 00:16:32 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: ) Description: WMPNetworkSvc0x80004002 Error: (06/20/2014 00:15:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (06/20/2014 00:14:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: [verify-U]_System Error: (06/16/2014 05:31:54 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: ) Description: WMPNetworkSvc0x80004002 Error: (06/16/2014 05:30:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (06/16/2014 05:29:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: [verify-U]_System Error: (06/15/2014 11:17:15 AM) (Source: WMPNetworkSvc) (EventID: 14324) (User: ) Description: WMPNetworkSvc0x80004002 Microsoft Office Sessions: ========================= Error: (06/18/2014 06:29:48 PM) (Source: SideBySide) 
(EventID: 33) (User: ) Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"c:\program files (x86)\Yahoo!\messenger\YahooMessenger.exe Error: (06/18/2014 06:28:51 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (06/18/2014 06:28:39 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (06/18/2014 03:25:09 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\$Recycle.Bin\S-1-5-21-2744363527-3643634278-3182256267-1002\$RD6FO7R.exe Error: (06/17/2014 03:52:28 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\fivonne\Downloads\esetsmartinstaller_enu.exe Error: (06/17/2014 01:29:22 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101 Error: (06/15/2014 08:00:45 PM) (Source: Application Error) 
(EventID: 1000) (User: ) Description: Explorer.EXE6.1.7600.167684d688122ntdll.dll6.1.7600.169154ec4b137c015000f000000000006d9dacd401cf887b116ca9ebC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllf8d7ff68-f4b6-11e3-81c9-b870f47dc548 Error: (06/15/2014 08:00:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7600.167684d688122SHELL32.dll6.1.7600.169414f0420b7c0000005000000000004ea86cd401cf887b116ca9ebC:\Windows\Explorer.EXEC:\Windows\system32\SHELL32.dllf4965db3-f4b6-11e3-81c9-b870f47dc548 Error: (06/15/2014 05:31:08 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"c:\program files (x86)\Yahoo!\messenger\YahooMessenger.exe Error: (06/15/2014 05:29:42 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe CodeIntegrity Errors: =================================== Date: 2014-06-18 18:29:06.294 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-18 18:29:06.294 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-18 18:29:06.284 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-06-18 18:29:06.264 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-18 18:29:06.264 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-18 18:29:06.254 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-15 17:30:06.483 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-15 17:30:06.483 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-15 17:30:06.473 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-15 17:30:06.413 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 8043.86 MB
Available physical RAM: 5845.52 MB
Total Pagefile: 16085.86 MB
Available Pagefile: 13575.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:450.16 GB) (Free:366.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B8AFB74E)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)

==================== End Of Log ============================
20.06.2014, 13:38 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 Ad windows keep opening by themselves in the browser

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, did they ever find anything? That is why I am asking => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs you already have in CODE tags! Only logs from the last 7 days, or from the time the problem started, are relevant!
__________________ Please always post log files in CODE tags |
20.06.2014, 14:23 | #5 | |
| Win 7 Ad windows keep opening by themselves in the browser

Quote:
Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 20.06.2014 Scan Time: 14:53:42 Logfile: maleware.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.06.20.06 Rootkit Database: v2014.06.19.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 CPU: x64 File System: NTFS User: fivonne Scan Type: Threat Scan Result: Completed Objects Scanned: 393526 Time Elapsed: 25 min, 52 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 9 PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, , [bdf9d2a87efdbb7baf8eba8c857d26da], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, , [bdf9d2a87efdbb7baf8eba8c857d26da], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, , [bdf9d2a87efdbb7baf8eba8c857d26da], PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, , [10a6de9c8af1ea4c6dd1e561709209f7], PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, , [10a6de9c8af1ea4c6dd1e561709209f7], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [1f974e2cc1ba2a0cd8349fa7f70baf51], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [1f974e2cc1ba2a0cd8349fa7f70baf51], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [c5f1dd9d6f0caa8cf8b25f1bbb47c23e], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW 
RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [d2e4f189037810267833205aba481de3], Registry Values: 3 PUP.Optional.SpeedAnalysis.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|speedanalysis03@SpeedAnalysis.com, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com, , [6a4cadcdb9c2c076beeb881f2cd68779] PUP.Optional.QuickStart.A, HKU\S-1-5-21-2744363527-3643634278-3182256267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, , [9026d9a12556ab8baa0b2a7ad32f46ba] PUP.Optional.SpeedAnalysis.A, HKU\S-1-5-21-2744363527-3643634278-3182256267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedanalysis03@SpeedAnalysis.com, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com, , [2e8847333645f44272386542b64c25db] Registry Data: 0 (No malicious items detected) Folders: 5 PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\mz, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\skin, , [eec83e3c0d6ed75fc1b60b97d72b7888], Files: 33 PUP.Optional.Superfish.A, C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [3b7b8feb16659b9b5cbcaf0045bd9f61], PUP.Optional.Superfish.A, 
C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [24927dfd93e8c472180009a618ea06fa], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome.manifest, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\icon.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\install.rdf, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\background.html, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\bg.js, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\button.xml, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\config.js, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\content.js, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\framework.js, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\framework.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, 
C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\framework.xul, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon128.ico, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon128.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon16.ico, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon16.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon18.ico, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon18.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon24.ico, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon24.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon32.ico, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon32.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, 
C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon48.ico, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon48.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon64.ico, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\icon64.png, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\jquery-1.9.1.min.js, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\options.xul, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\settings.json, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\mz\background.js, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\content\mz\content.js, , [eec83e3c0d6ed75fc1b60b97d72b7888], PUP.Optional.SpeedAnalysis.A, C:\Users\fivonne\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com\chrome\skin\framework.css, , [eec83e3c0d6ed75fc1b60b97d72b7888], Physical Sectors: 0 (No malicious items detected) (end) |
20.06.2014, 19:12 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: Ad windows keep opening on their own in the browser Remove adware/junkware/toolbars Step 1: AdwCleaner Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool Please close your security software to avoid possible conflicts.
Step 3: Fresh log with FRST Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
22.06.2014, 11:25 | #7 |
| Logs, part 1 Hello, I have carried out the instructions and am posting the logs here as follows: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.212 - Bericht erstellt am 22/06/2014 um 09:44:46 # Aktualisiert 05/06/2014 von Xplode # Betriebssystem : Windows 7 Home Premium (64 bits) # Benutzername : fivonne - IVONNE-PC # Gestartet von : C:\Users\fivonne\Downloads\adwcleaner_3.212.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\le_bus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ingolnlcamoheiiladeoecpgdbjjmlaf ***** [ Verknüpfungen ] ***** Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller\FileParade bundle uninstaller.lnk ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchProtectINT_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchProtectINT_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_Setup302_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_Setup302_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Websteroids_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Websteroids_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebsteroidsService_RASAPI32 Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Tracing\WebsteroidsService_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKCU\Software\AnyProtect Schlüssel Gelöscht : HKCU\Software\FreeSoftToday Schlüssel Gelöscht : HKCU\Software\genesis Schlüssel Gelöscht : HKCU\Software\Tutorials Schlüssel Gelöscht : HKCU\Software\TutoTag Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gelöscht : HKLM\Software\SupDp Schlüssel Gelöscht : HKLM\Software\SupTab Schlüssel Gelöscht : HKLM\Software\Tutorials Schlüssel Gelöscht : HKLM\Software\Uniblue Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite Schlüssel Gelöscht : 
HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Extractor Packages Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll ***** [ Browser ] ***** -\\ Internet Explorer v9.0.8112.16421 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Google Chrome v35.0.1916.153 [ Datei : C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Extension] : blbkdnmdcafmfhinpmnlhhddbepgkeaa ************************* AdwCleaner[R0].txt - [44180 octets] - [03/11/2013 20:58:53] AdwCleaner[R1].txt - [66747 octets] - [04/06/2014 16:34:53] AdwCleaner[R2].txt - [14024 octets] - [22/06/2014 09:43:16] AdwCleaner[S0].txt - [40429 octets] - [03/11/2013 21:05:20] AdwCleaner[S1].txt - [39601 octets] - [04/06/2014 16:36:25] AdwCleaner[S2].txt - [12888 octets] - [22/06/2014 09:44:46] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [12949 octets] ########## FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01 Ran by fivonne (administrator) on IVONNE-PC on 22-06-2014 12:06:19 Running from C:\Users\fivonne\Downloads Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe () C:\Windows\SysWOW64\PSIService.exe () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dropbox, Inc.) C:\Users\fivonne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe () C:\Program Files (x86)\MouseDriver\OfficeMouse.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LMworker.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Farbar) C:\Users\fivonne\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11725928 2010-12-23] (Realtek Semiconductor) HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860040 2010-12-10] (Acer Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.) 
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation) HKLM-x32\...\Run: [iWareV3] => C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] () HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2744363527-3643634278-3182256267-1000\...\Run: [Search Protection] => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] () HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Facebook Update] => "C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [EPSON PX720WD Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.) 
HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {1aece30b-07b6-11e1-8e1f-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {1b4e31f0-ce8b-11e0-b8a8-b870f47dc548} - E:\iStudio.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {28ebbe75-c03a-11e1-827e-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {5844ab32-ab0b-11e0-b286-c0f8da46fad8} - E:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {96c06cff-a017-11e0-a750-c0f8da46fad8} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {96c06d30-a017-11e0-a750-001e101f8ed0} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {9869b7a2-1879-11e1-b9eb-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {cd5ab2f0-bc7e-11e1-a155-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {cd5ab313-bc7e-11e1-a155-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {e8336138-d4f9-11e1-8175-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {f68f907d-c03c-11e1-8014-b870f47dc548} - E:\AutoRun.exe HKU\S-1-5-21-2744363527-3643634278-3182256267-1002\...\MountPoints2: {fe11b9ec-92c2-11e0-a8c7-c0f8da46fad8} - E:\AutoRun.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: 
C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\fivonne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: [verify-U]_Add-on - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Program Files\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll (Cybits AG)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: [verify-U]_Add-on - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Program Files (x86)\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll (Cybits AG)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\fivonne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\fivonne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\fivonne\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-06]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-09]

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-17]
CHR Extension: (Google Drive) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-17]
CHR Extension: (YouTube) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-17]
CHR Extension: (Google-Suche) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-17]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-06-17]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-17]
CHR Extension: (Virtual Keyboard) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-06-17]
CHR Extension: (Skype Click to Call) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-20]
CHR Extension: (Google Wallet) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-17]
CHR Extension: (Google Mail) - C:\Users\fivonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-17]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868224 2010-12-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [244904 2010-10-28] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SpyroService; C:\Program Files (x86)\FS\Spyro Portal\FlashPortal.exe [48128 2012-01-31] (FS) [File not signed]
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)

==================== Drivers (Whitelisted) ====================

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-09] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-06-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-06-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-06-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-06-09] (Kaspersky Lab ZAO)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 ZTEusbMB; C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [135168 2011-07-11] (ZTE Corporation) [File not signed]
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [119680 2011-07-11] (ZTE Incorporated) [File not signed]
S3 ZTEWMSD_637; C:\Windows\System32\Drivers\ZTEWMSD_637.sys [19968 2011-07-11] (ZTE Corporation) [File not signed]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-22 12:05 - 2014-06-22 12:06 - 02083328 _____ (Farbar) C:\Users\fivonne\Downloads\FRST64 (1).exe
2014-06-22 09:53 - 2014-06-22 09:53 - 01016261 _____ (Thisisu) C:\Users\fivonne\Downloads\JRT.exe
2014-06-22 09:42 - 2014-06-22 09:42 - 01333465 _____ () C:\Users\fivonne\Downloads\adwcleaner_3.212.exe
2014-06-20 14:52 - 2014-06-20 14:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 14:52 - 2014-06-20 14:52 - 00001078 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-20 14:52 - 2014-06-20 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-20 14:52 - 2014-06-20 14:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-20 14:52 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-20 14:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-20 14:52 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-20 14:50 - 2014-06-20 14:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\fivonne\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-20 13:00 - 2014-06-20 13:00 - 00045104 _____ () C:\Users\fivonne\Downloads\Addition.txt
2014-06-20 12:59 - 2014-06-22 12:06 - 00027052 _____ () C:\Users\fivonne\Downloads\FRST.txt
2014-06-20 12:58 - 2014-06-22 12:06 - 00000000 ____D () C:\FRST
2014-06-20 12:57 - 2014-06-20 12:57 - 02082304 _____ (Farbar) C:\Users\fivonne\Downloads\FRST64.exe
2014-06-20 12:35 - 2014-06-22 09:46 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-06-20 12:35 - 2014-06-20 12:35 - 00002612 _____ () C:\Windows\System32\Tasks\GlaryInitialize
2014-06-20 12:35 - 2014-06-20 12:35 - 00001042 _____ () C:\Users\fivonne\Desktop\Glary Utilities.lnk
2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2014-06-20 12:33 - 2014-06-20 12:34 - 06685392 _____ (Glarysoft Ltd ) C:\Users\fivonne\Downloads\gusetup_slim_2.56.exe
2014-06-20 12:15 - 2014-06-20 12:15 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 12:15 - 2014-06-20 12:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-18 14:52 - 2014-06-18 15:03 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.technic
2014-06-17 16:07 - 2014-06-17 16:07 - 00002223 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-17 16:07 - 2014-06-17 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-15 15:05 - 2014-06-15 18:04 - 07098161 _____ () C:\Users\fivonne\Documents\Religions Projekt.odp
2014-06-11 18:59 - 2014-06-11 18:59 - 570540083 _____ () C:\Windows\MEMORY.DMP
2014-06-11 18:59 - 2014-06-11 18:59 - 00274544 _____ () C:\Windows\Minidump\061114-22417-01.dmp
2014-06-11 17:55 - 2014-06-11 17:55 - 00000000 _____ () C:\Users\fivonne\Desktop\server.log.lck
2014-06-10 13:52 - 2014-06-10 13:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\java
2014-06-09 19:09 - 2014-06-13 23:08 - 00000000 ____D () C:\Users\fivonne\Desktop\tadeos welt
2014-06-09 14:25 - 2014-06-09 15:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 14:25 - 2014-06-09 14:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-09 14:25 - 2014-06-09 14:25 - 00001367 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00001355 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-09 14:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-09 14:13 - 2014-06-09 14:13 - 00000000 ____D () C:\Program Files\Java
2014-06-09 12:29 - 2014-06-09 12:29 - 00001061 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-06-09 12:29 - 2014-06-09 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-06-09 12:29 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-06-09 12:28 - 2014-06-09 12:38 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-06-09 12:28 - 2014-06-09 12:38 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-09 12:09 - 2014-06-09 12:09 - 00000227 _____ () C:\ProgramData\DelBackupManager.REG
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\system32\NV
2014-06-09 11:03 - 2014-06-09 11:04 - 00001365 _____ () C:\Windows\IE9_main.log
2014-06-09 10:59 - 2014-06-09 10:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2014-06-09 08:58 - 2014-06-20 14:01 - 01042289 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gss
2014-06-09 08:58 - 2014-06-20 13:28 - 00076800 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gdb
2014-06-06 16:14 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-06 16:14 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-06 16:14 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-06 16:14 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-06 16:13 - 2014-06-06 16:14 - 00004638 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-06 15:06 - 2014-06-06 15:19 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\GlarySoft
2014-06-06 15:06 - 2014-06-06 15:06 - 00001082 _____ () C:\Users\fivonne\Desktop\Absolute Uninstaller.lnk
2014-06-06 13:55 - 2014-06-06 13:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-06 13:52 - 2014-06-06 13:52 - 00005296 _____ () C:\sc-cleaner.txt
2014-06-06 13:13 - 2014-06-06 13:13 - 00000000 ____D () C:\Windows\ERUNT
2014-06-06 13:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-06 12:54 - 2014-06-20 12:37 - 00000000 ____D () C:\Users\fivonne\Desktop\sicherheit
2014-06-06 11:04 - 2014-06-09 12:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-04 20:55 - 2014-06-22 09:45 - 00075596 _____ () C:\Windows\PFRO.log
2014-06-04 20:55 - 2014-06-22 09:45 - 00002034 _____ () C:\Windows\setupact.log
2014-06-04 20:55 - 2014-06-04 20:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 20:18 - 2014-06-04 20:18 - 00003182 _____ () C:\Windows\System32\Tasks\{54B705C5-8594-45D6-9604-7D177BB6803F}
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-03 14:02 - 2014-06-03 14:02 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Fuze Zip
2014-05-31 19:41 - 2014-05-31 19:40 - 00830792 _____ (Click Me In Limited) C:\Users\fivonne\AppData\Local\nstA8C4.tmp
2014-05-31 19:31 - 2014-06-12 21:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Users\fivonne\AppData\Local\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Program Files (x86)\JFileManager
2014-05-31 19:29 - 2014-06-09 08:58 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Genesis_05311729
2014-05-31 19:28 - 2014-06-20 14:04 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-28 19:10 - 2014-05-28 19:11 - 00000000 ____D () C:\Users\fivonne\Desktop\Tech_World

==================== One Month Modified Files and Folders =======

2014-06-22 12:06 - 2014-06-22 12:05 - 02083328 _____ (Farbar) C:\Users\fivonne\Downloads\FRST64 (1).exe
2014-06-22 12:06 - 2014-06-20 12:59 - 00027052 _____ () C:\Users\fivonne\Downloads\FRST.txt
2014-06-22 12:06 - 2014-06-20 12:58 - 00000000 ____D () C:\FRST
2014-06-22 12:02 - 2013-01-05 14:11 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-22 12:02 - 2011-07-14 23:01 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002UA.job
2014-06-22 12:02 - 2011-05-20 22:30 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Skype
2014-06-22 09:53 - 2014-06-22 09:53 - 01016261 _____ (Thisisu) C:\Users\fivonne\Downloads\JRT.exe
2014-06-22 09:53 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 09:53 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 09:50 - 2011-04-30 06:25 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-06-22 09:50 - 2011-04-30 06:25 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-06-22 09:50 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-22 09:49 - 2011-04-29 20:38 - 01113374 _____ () C:\Windows\WindowsUpdate.log
2014-06-22 09:46 - 2014-06-20 12:35 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-06-22 09:46 - 2014-05-15 18:51 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\DropboxMaster
2014-06-22 09:46 - 2013-11-07 19:00 - 00000000 ___RD () C:\Users\fivonne\Dropbox
2014-06-22 09:46 - 2013-11-07 18:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Dropbox
2014-06-22 09:46 - 2013-01-05 14:11 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-22 09:46 - 2011-05-23 16:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-06-22 09:45 - 2014-06-04 20:55 - 00075596 _____ () C:\Windows\PFRO.log
2014-06-22 09:45 - 2014-06-04 20:55 - 00002034 _____ () C:\Windows\setupact.log
2014-06-22 09:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 09:44 - 2013-11-03 20:58 - 00000000 ____D () C:\AdwCleaner
2014-06-22 09:42 - 2014-06-22 09:42 - 01333465 _____ () C:\Users\fivonne\Downloads\adwcleaner_3.212.exe
2014-06-20 14:53 - 2014-06-20 14:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 14:52 - 2014-06-20 14:52 - 00001078 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-20 14:52 - 2014-06-20 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-20 14:52 - 2014-06-20 14:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-20 14:51 - 2014-06-20 14:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\fivonne\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-20 14:04 - 2014-05-31 19:28 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-20 14:01 - 2014-06-09 08:58 - 01042289 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gss
2014-06-20 13:54 - 2013-10-17 16:15 - 00262144 _____ () C:\Windows\system32\config\elam
2014-06-20 13:28 - 2014-06-09 08:58 - 00076800 _____ () C:\Users\fivonne\AppData\Local\ysdxbcha.gdb
2014-06-20 13:00 - 2014-06-20 13:00 - 00045104 _____ () C:\Users\fivonne\Downloads\Addition.txt
2014-06-20 12:57 - 2014-06-20 12:57 - 02082304 _____ (Farbar) C:\Users\fivonne\Downloads\FRST64.exe
2014-06-20 12:37 - 2014-06-06 12:54 - 00000000 ____D () C:\Users\fivonne\Desktop\sicherheit
2014-06-20 12:37 - 2014-02-05 22:50 - 00000000 ____D () C:\Users\fivonne\Desktop\programme
2014-06-20 12:37 - 2013-10-11 13:03 - 00000000 ___RD () C:\Users\fivonne\Desktop\Minecraft
2014-06-20 12:37 - 2012-03-16 20:28 - 00000000 ___RD () C:\Users\fivonne\Desktop\Tadeos Ordner
2014-06-20 12:36 - 2013-01-05 14:11 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 12:36 - 2013-01-05 14:11 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 12:35 - 2014-06-20 12:35 - 00002612 _____ () C:\Windows\System32\Tasks\GlaryInitialize
2014-06-20 12:35 - 2014-06-20 12:35 - 00001042 _____ () C:\Users\fivonne\Desktop\Glary Utilities.lnk
2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
2014-06-20 12:35 - 2014-06-20 12:35 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2014-06-20 12:34 - 2014-06-20 12:33 - 06685392 _____ (Glarysoft Ltd ) C:\Users\fivonne\Downloads\gusetup_slim_2.56.exe
2014-06-20 12:15 - 2014-06-20 12:15 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 12:15 - 2014-06-20 12:15 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-20 12:15 - 2011-06-18 21:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-20 12:14 - 2011-07-14 23:01 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002Core.job
2014-06-18 15:45 - 2013-09-17 16:57 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.minecraft
2014-06-18 15:03 - 2014-06-18 14:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\.technic
2014-06-18 14:45 - 2011-05-21 07:24 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Google
2014-06-17 16:07 - 2014-06-17 16:07 - 00002223 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-17 16:07 - 2014-06-17 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-17 16:07 - 2012-06-03 22:21 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-17 15:48 - 2012-10-31 21:30 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Mozilla
2014-06-15 20:00 - 2011-06-07 15:49 - 00000000 ____D () C:\Users\fivonne\AppData\Local\CrashDumps
2014-06-15 18:04 - 2014-06-15 15:05 - 07098161 _____ () C:\Users\fivonne\Documents\Religions Projekt.odp
2014-06-13 23:08 - 2014-06-09 19:09 - 00000000 ____D () C:\Users\fivonne\Desktop\tadeos welt
2014-06-12 21:08 - 2014-05-31 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 21:05 - 2011-05-29 21:11 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 13:17 - 2011-07-21 22:02 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\NVIDIA
2014-06-11 18:59 - 2014-06-11 18:59 - 570540083 _____ () C:\Windows\MEMORY.DMP
2014-06-11 18:59 - 2014-06-11 18:59 - 00274544 _____ () C:\Windows\Minidump\061114-22417-01.dmp
2014-06-11 18:59 - 2011-08-02 00:19 - 00000000 ____D () C:\Windows\Minidump
2014-06-11 18:58 - 2014-04-14 14:07 - 00059566 _____ () C:\Users\fivonne\Desktop\server.log
2014-06-11 17:55 - 2014-06-11 17:55 - 00000000 _____ () C:\Users\fivonne\Desktop\server.log.lck
2014-06-11 17:53 - 2014-04-11 18:55 - 00000000 ____D () C:\Users\fivonne\Desktop\authlib
2014-06-10 13:52 - 2014-06-10 13:52 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\java
2014-06-09 15:17 - 2011-09-08 22:50 - 00002502 _____ () C:\Windows\wininit.ini
2014-06-09 15:16 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 14:26 - 2014-06-09 14:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-09 14:25 - 2014-06-09 14:25 - 00001367 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00001355 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-09 14:25 - 2014-06-09 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-09 14:13 - 2014-06-09 14:13 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-09 14:13 - 2014-06-09 14:13 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-09 14:13 - 2014-06-09 14:13 - 00000000 ____D () C:\Program Files\Java
2014-06-09 14:13 - 2014-02-01 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 12:38 - 2014-06-09 12:28 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-06-09 12:38 - 2014-06-09 12:28 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-06-09 12:38 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-06-09 12:38 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-06-09 12:38 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-06-09 12:29 - 2014-06-09 12:29 - 00001061 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-06-09 12:29 - 2014-06-09 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-06-09 12:28 - 2014-06-09 12:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-06-09 12:18 - 2014-06-06 11:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 12:17 - 2011-02-25 08:11 - 00000000 ____D () C:\ProgramData\WildTangent
2014-06-09 12:17 - 2011-02-25 08:11 - 00000000 ____D () C:\Program Files (x86)\Packard Bell Games
2014-06-09 12:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-09 12:09 - 2014-06-09 12:09 - 00000227 _____ () C:\ProgramData\DelBackupManager.REG
2014-06-09 12:09 - 2011-02-25 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-06-09 12:08 - 2011-02-25 08:18 - 00000000 ____D () C:\ProgramData\BackupManager
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-06-09 11:23 - 2014-06-09 11:23 - 00000000 ____D () C:\Windows\system32\NV
2014-06-09 11:23 - 2011-04-29 20:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-09 11:04 - 2014-06-09 11:03 - 00001365 _____ () C:\Windows\IE9_main.log
2014-06-09 11:03 - 2011-04-29 20:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-09 11:03 - 2011-04-29 20:45 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-09 10:59 - 2014-06-09 10:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2014-06-09 08:58 - 2014-05-31 19:29 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Genesis_05311729
2014-06-09 08:54 - 2014-03-18 10:25 - 00000000 ____D () C:\Users\TEMP
2014-06-06 16:15 - 2014-02-01 12:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-06 16:14 - 2014-06-06 16:13 - 00004638 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-06 16:14 - 2011-09-06 21:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-06 15:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\xxx
2014-06-06 15:19 - 2014-06-06 15:06 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\GlarySoft
2014-06-06 15:13 - 2011-11-28 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive
2014-06-06 15:13 - 2011-11-28 17:27 - 00002506 _____ () C:\Windows\disney.ini
2014-06-06 15:13 - 2011-11-05 16:00 - 00000000 ____D () C:\ProgramData\DatacardService
2014-06-06 15:13 - 2011-02-25 07:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-06 15:06 - 2014-06-06 15:06 - 00001082 _____ () C:\Users\fivonne\Desktop\Absolute Uninstaller.lnk
2014-06-06 13:55 - 2014-06-06 13:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-06 13:52 - 2014-06-06 13:52 - 00005296 _____ () C:\sc-cleaner.txt
2014-06-06 13:52 - 2011-05-20 18:17 - 00001321 _____ () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-06 13:52 - 2011-05-20 18:16 - 00001202 _____ () C:\Users\fivonne\Desktop\Internet Explorer (No Add-ons).lnk
2014-06-06 13:52 - 2011-05-20 18:16 - 00001146 _____ () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-06 13:13 - 2014-06-06 13:13 - 00000000 ____D () C:\Windows\ERUNT
2014-06-05 05:41 - 2014-04-26 12:31 - 00000000 ____D () C:\Users\le_bus
2014-06-05 05:41 - 2011-06-09 20:06 - 00000000 ____D () C:\Users\Gast
2014-06-05 05:41 - 2011-05-20 18:15 - 00000000 ____D () C:\Users\fivonne
2014-06-05 05:40 - 2014-04-26 12:31 - 00000000 ____D () C:\Users\le_bus\AppData\Local\Google
2014-06-05 05:40 - 2014-01-29 16:15 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-06-05 05:40 - 2014-01-29 16:15 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-06-05 05:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-05 05:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-04 20:55 - 2014-06-04 20:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 20:18 - 2014-06-04 20:18 - 00003182 _____ () C:\Windows\System32\Tasks\{54B705C5-8594-45D6-9604-7D177BB6803F}
2014-06-04 17:25 - 2011-09-21 23:38 - 00000000 ____D () C:\Users\fivonne\Documents\Vegas Movie Studio HD Platinum 11.0 Proyectos
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-03 14:02 - 2014-06-03 14:02 - 00000000 ____D () C:\Users\fivonne\AppData\Local\Fuze Zip
2014-05-31 19:40 - 2014-05-31 19:41 - 00830792 _____ (Click Me In Limited) C:\Users\fivonne\AppData\Local\nstA8C4.tmp
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Users\fivonne\AppData\Local\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager
2014-05-31 19:30 - 2014-05-31 19:30 - 00000000 ____D () C:\Program Files (x86)\JFileManager
2014-05-31 19:28 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-31 19:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-28 19:11 - 2014-05-28 19:10 - 00000000 ____D () C:\Users\fivonne\Desktop\Tech_World
2014-05-28 19:07 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-27 18:36 - 2013-11-07 18:53 - 00000000 ____D () C:\Users\fivonne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\DelBackupManager.REG

Some content of TEMP:
====================
C:\Users\fivonne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpphopq4.dll
C:\Users\fivonne\AppData\Local\Temp\Quarantine.exe
C:\Users\Gast\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Gast\AppData\Local\Temp\ResetDevice.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-18 18:26

==================== End Of Log ============================

--- --- ---
--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by fivonne on 22.06.2014 at 9:54:03,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.06.2014 at 10:05:00,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
22.06.2014, 20:01 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 7: ad windows keep opening in the browser on their own
Please also create a new Addition.txt: start FRST, tick the Addition.txt checkbox, then click Scan.
__________________ Please always post log files in CODE tags |
23.06.2014, 08:31 | #9 |
| Addition.txt FRST Additions Logfile: Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by fivonne at 2014-06-23 09:25:57
Running from C:\Users\fivonne\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

[verify-U]_AVS_IE_Add-on (HKLM-x32\...\[verify-U]_AVS_IE_Add-on) (Version: 1.0.0.3 - cybits AG)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Absolute Uninstaller 2.9.0.722 (HKLM-x32\...\Absolute Uninstaller_is1) (Version: - Glarysoft.com)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.0.1027_32100 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.0.1027_32100 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disneys Mushus Schneeballschlacht (HKLM-x32\...\Mushus Schneeballschlacht) (Version: - )
Disneys Rummel im Dschungel (HKLM-x32\...\Tarzan's Jungle Tumble) (Version: - )
Disneys Über den Dächern von Agrabah (HKLM-x32\...\Über den Dächern von Agrabah) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DVD Architect Studio 5.0 (HKLM-x32\...\{612E74CF-30A0-11E0-A258-005056C00008}) (Version: 5.0.128 - Sony)
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON PX720WD Series Manual (HKLM-x32\...\EPSON PX720WD Series Manual) (Version: - )
EPSON PX720WD Series Printer Uninstall (HKLM\...\EPSON PX720WD Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (x32 Version: - ) Hidden
FuzeZip (HKCU\...\FuzeZip) (Version: 1.0.0.134605 - Koyote-Lab Inc.) <==== ATTENTION
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Genesis (HKCU\...\ysdxbcha) (Version: - ) <==== ATTENTION
Glary Utilities 2.56.0.1822 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.56.0.1822 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - )
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8423 - CyberLink Corporation)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
JFileManager (HKLM-x32\...\JFileManager) (Version: v1.10 - TUGUU SL) <==== ATTENTION
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Packard Bell)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Manual de red de EPSON PX720WD Series (HKLM-x32\...\EPSON PX720WD Series Network Guide) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MouseDriver (HKLM-x32\...\{643E1970-324F-474C-8610-55F3F053BC01}) (Version: 1.00.0000 - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{565b3069-c661-4bb2-a17b-902092bd6940}) (Version: - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NewBlue VideoFX for Sony Vegas MSPPS (HKLM-x32\...\NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 - NewBlue)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3001 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0811.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.2211 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 2.0.2211 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6276 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: - )
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
Sony Vocal Eraser (HKLM-x32\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{1FE5F98F-30A4-11E0-8480-005056C00008}) (Version: 10.0.153 - Sony)
SpongeBob Schwammkopf - Film ab! (HKLM-x32\...\{49E2BAED-F6E3-41C9-9FA8-C217F2A67FCA}) (Version: 1.0 - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
SpyroDriver (HKLM-x32\...\{63104E84-532C-4011-A4F4-AD6EDF8CC214}) (Version: 1.07.0000 - Ihr Firmenname)
SpyroPortalDriver (HKLM\...\{B2913230-094D-4F41-9EEF-CE9571C450D8}) (Version: 1.0.0 - FS)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vegas Movie Studio HD Platinum 11.0 (HKLM-x32\...\{7F4FC9C0-7F67-11E1-9F9E-F04DA23A5C58}) (Version: 11.0.322 - Sony)
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1820 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.0.1820 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3007 - Packard Bell)
WildTangent Games App (Packard Bell Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell) (Version: 4.0.5.14 - WildTangent)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

10-06-2014 15:13:06 Windows Update
12-06-2014 19:05:28 Windows Update
13-06-2014 19:32:21 Windows Update
13-06-2014 21:08:36 Windows Update
14-06-2014 12:42:35 Windows Update
14-06-2014 15:22:03 Windows Update
15-06-2014 18:06:19 Windows Update
17-06-2014 13:40:01 Windows Update
17-06-2014 13:48:25 Removed Google Talk Plugin
17-06-2014 13:48:55 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
18-06-2014 18:06:41 Windows Update
20-06-2014 10:19:11 Windows Update
20-06-2014 13:25:48 Windows Update
23-06-2014 07:22:44 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0666D844-E1A5-4392-B07F-CE210BC919CD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002Core => C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {0D41C947-11CD-4A68-B8BC-5FBED714E4DE} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2010-10-28] (CyberLink)
Task: {1EE01660-9D6F-4D24-92D2-1D83DFA8B80F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05] (Google Inc.)
Task: {499B06EE-E441-4E41-BA8F-4793CD011D30} - \Plus-HD-3.8-enabler No Task File <==== ATTENTION
Task: {4BE0EF5D-1DEA-4435-8A7F-B66539764618} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {5015FBC8-2EE6-4219-9A95-10A8A281A25D} - \Plus-HD-3.8-firefoxinstaller No Task File <==== ATTENTION
Task: {5F0D4C75-D7D9-491E-B36E-650A1AA126CD} - \SaveSense No Task File <==== ATTENTION
Task: {65EC2C7A-A2FF-44BA-904D-B47BC884EAAC} - \Plus-HD-3.8-chromeinstaller No Task File <==== ATTENTION
Task: {6F2F300F-0A1E-4248-8DF4-00A7DC60977D} - \Plus-HD-3.8-updater No Task File <==== ATTENTION
Task: {7C41A548-BAEB-45EE-91C7-37B1BFBF306B} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {808D5CC6-32FF-4CA2-B44F-12D4C165F223} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {81232D49-3786-4E79-83D3-D50C99EF5B0E} - \DigitalSite No Task File <==== ATTENTION
Task: {89A08DE2-D265-4D95-9D90-45B88144A3E3} - \Plus-HD-3.8-codedownloader No Task File <==== ATTENTION
Task: {8B6FA4CF-B566-497C-97BE-9E86B82E16F2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {90026F5E-F49B-4EF8-B865-7CE7D2DC79DA} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {9601462D-8A18-4A5D-B362-A1B9CD4BB4D7} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {ADD52C40-9E19-413A-91CE-A3D594B105DB} - \SpeedUpMyPC No Task File <==== ATTENTION
Task: {AF2507B1-2168-4D7C-B3EB-439273293652} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {C6E4212A-9423-4D45-942A-EAEF94785561} - \spmonitor No Task File <==== ATTENTION
Task: {C860A256-4946-42F0-8CF3-539CF2132CAC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002UA => C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {DCDF9E1F-097D-4685-A88D-E49F23E8C009} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {E4D10D07-FD1F-44B6-862E-EEEE76F0F19D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05] (Google Inc.)
Task: {F92F33B1-0508-4D24-AAAC-66765C848BA0} - \BonanzaDealsUpdate No Task File <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002Core.job => C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2744363527-3643634278-3182256267-1002UA.job => C:\Users\fivonne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-09 11:02 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 ____N () C:\Windows\SysWOW64\PSIService.exe
2011-02-25 08:31 - 2010-10-28 03:55 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2011-03-31 15:27 - 2011-03-26 02:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-25 10:26 - 2009-03-27 20:55 - 00507904 _____ () C:\Program Files (x86)\MouseDriver\OfficeMouse.exe
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2014-06-09 14:25 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-09 14:25 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-09 14:25 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-09 14:25 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-09 14:25 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-22 09:46 - 2014-06-22 09:46 - 00043008 _____ () c:\users\fivonne\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpphopq4.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\fivonne\AppData\Roaming\Dropbox\bin\libcef.dll
2011-05-25 10:26 - 2009-03-27 21:09 - 00090112 _____ () C:\Program Files (x86)\MouseDriver\dllset.dll
2012-05-19 11:41 - 2012-05-19 11:41 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\391c08e31ed5afe15aa8e608fe6e3f63\IsdiInterop.ni.dll
2011-02-25 07:58 - 2010-09-14 04:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\fivonne\Desktop\2013-10-30_16.59.50.png:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Activision Xbox360 Spyro Portal
Description: Activision Xbox360 Spyro Portal
Class Guid: {4a9c2fa7-d63f-44c5-a247-bb3289a3739f}
Manufacturer: Activision
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2014 01:56:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"1". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/22/2014 01:55:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Error: (06/22/2014 01:54:59 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error: (06/22/2014 00:16:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7600.16768, Zeitstempel: 0x4d688122 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7600.16941, Zeitstempel: 0x4f0420b7 Ausnahmecode: 0xc000041d Fehleroffset: 0x000000000004ea86 ID des fehlerhaften Prozesses: 0x2a70 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (06/22/2014 00:10:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64 (1).exe, Version 21.6.2014.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 2938 Startzeit: 01cf8e0199862774 Endzeit: 0 Anwendungspfad: C:\Users\fivonne\Downloads\FRST64 (1).exe Berichts-ID: System errors: ============= Error: (06/22/2014 00:02:28 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Microsoft Office Sessions: ========================= Error: (06/22/2014 01:56:20 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.5592"c:\program files (x86)\Yahoo!\messenger\YahooMessenger.exe Error: (06/22/2014 01:55:25 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (06/22/2014 01:54:59 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (06/22/2014 00:16:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7600.167684d688122SHELL32.dll6.1.7600.169414f0420b7c000041d000000000004ea862a7001cf8defa2b27b12C:\Windows\explorer.exeC:\Windows\system32\SHELL32.dll4da50d62-f9f6-11e3-b7fc-b870f47dc548 Error: (06/22/2014 00:10:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: FRST64 (1).exe21.6.2014.1293801cf8e01998627740C:\Users\fivonne\Downloads\FRST64 (1).exe CodeIntegrity Errors: =================================== Date: 2014-06-22 13:55:52.909 Description: Die Abbildintegrität der Datei 
"\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-22 13:55:52.909 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-22 13:55:52.909 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-22 13:55:52.879 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-22 13:55:52.879 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-22 13:55:52.879 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-18 18:29:06.294 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-18 18:29:06.294 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-06-18 18:29:06.284 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-18 18:29:06.264 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 30% Total physical RAM: 8043.86 MB Available physical RAM: 5608.45 MB Total Pagefile: 16085.86 MB Available Pagefile: 13372.88 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (Packard Bell) (Fixed) (Total:450.16 GB) (Free:369.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B8AFB74E) Partition 1: (Not Active) - (Size=16 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |