Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Virus: Ständige Popups und Redirects (asrv-a-akamaihd.org) (https://www.trojaner-board.de/153834-virus-staendige-popups-redirects-asrv-a-akamaihd-org.html)

ryan77 13.05.2014 21:27
Virus: Ständige Popups und Redirects (asrv-a-akamaihd.org)
 
Hallo!
Ich habe seit letzter Woche ein Problem, vermutlich einen Virus. Bei jedem Klick - egal auf welcher Seite - öffnet sich ein Popup oder die Seite wird redirected, meist über asrv-a-akamaihd.org oder srv123.com. Dabei sind alle Browser betroffen (IE, Firefox, Chrome). Betriebssystem ist Windows 7. Habe Ad-Aware scannen lassen, aber der konnte nichts finden, die Browser neu zu installieren hat auch nichts gebracht. Ich bin leider nicht so fit was Viren und Trojaner angeht, daher hoffe ich, dass mir hier jemand helfen kann..
Vielen Dank schonmal
Greets
Ryan

schrauber 14.05.2014 06:10
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


ryan77 14.05.2014 21:24
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-05-2014
Ran by FLOPPY (administrator) on FLOPPY-PC on 14-05-2014 22:19:01
Running from C:\Users\FLOPPY\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Program Files\RrFilter\RrFilterService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Hercules®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Spotify Ltd) C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Google Inc.) C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Packard Bell\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [3572048 2013-05-10] (Hercules®)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Packard Bell\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Spotify] => C:\Users\FLOPPY\AppData\Roaming\Spotify\Spotify.exe [5951488 2013-12-22] (Spotify Ltd)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Spotify Web Helper] => C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-22] (Spotify Ltd)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Amazon Cloud Player] => C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Google Update] => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-19] (Google Inc.)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [GoogleChromeAutoLaunch_B730D1ADEAF585236182F5039200F418] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\MountPoints2: {01faf0e0-52f3-11e3-ae4e-dc0ea11dad83} - F:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [202560 2014-05-03] (Client Connect LTD)
AppInit_DLLs:  C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [241984 2011-11-27] (NVIDIA Corporation)
AppInit_DLLs:  C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL => C:\Program Files (x86)\SW-Booster\Assistant_x64.dll [4210176 2014-04-27] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [171840 2014-05-03] (Client Connect LTD)
AppInit_DLLs-x32:  c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [203072 2011-11-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=55&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=2832&r=2014/04/27&hid=5828101733941526718&lg=EN&cc=DE&unqvl=51
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=2832&r=2014/04/27&hid=5828101733941526718&lg=EN&cc=DE&unqvl=51
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=58&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=58&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=2832&r=2014/04/27&hid=5828101733941526718&lg=EN&cc=DE&unqvl=51
BHO: YoutubeAdblocker - {52DDF580-D0EF-8CF1-7BA8-59F7803F50BC} - C:\Program Files (x86)\YoutubeAdblocker\YSclJr.x64.dll ()
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: sAve! net - {94CB3B6C-CB46-9C69-21A3-E9D62B9E883A} - C:\Program Files (x86)\sAve! net\WyfjwWMh.x64.dll ()
BHO: SNT - {B0765BAF-01FA-D611-1400-F990DD2A1083} - C:\Program Files (x86)\SNT\lEF2YHHs.x64.dll ()
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RrSavings - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\Rr Savings\RrSavings.dll ()
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: YoutubeAdblocker - {52DDF580-D0EF-8CF1-7BA8-59F7803F50BC} - C:\Program Files (x86)\YoutubeAdblocker\YSclJr.dll ()
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: BiTSaver - {943FAC62-AB90-B9A8-94D1-FC1F7E932064} - C:\ProgramData\BiTSaver\WYMfDocwZ.dll ()
BHO-x32: sAve! net - {94CB3B6C-CB46-9C69-21A3-E9D62B9E883A} - C:\Program Files (x86)\sAve! net\WyfjwWMh.dll ()
BHO-x32: SNT - {B0765BAF-01FA-D611-1400-F990DD2A1083} - C:\Program Files (x86)\SNT\lEF2YHHs.dll ()
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://webzugang.brnet.de/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Keyword.URL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\FLOPPY\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\FLOPPY\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ad-Aware Security Add-on - C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-05-12]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-27]

Chrome:
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "hxxp://google.de/"
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchProvider: Trovi search
CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=58&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&q={searchTerms}&SSPV=
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-07]
CHR Extension: (Google Drive) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-07]
CHR Extension: (YouTube) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-07]
CHR Extension: (Google Cast) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-19]
CHR Extension: (YoutubeAdblocker) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bogkibnlaccdnmncohleiojlonaniedk [2014-04-27]
CHR Extension: (McAfee Security Scan+) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Google-Suche) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-07]
CHR Extension: (SNT) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdjabpeiljihoefbmgkcmhoafnldain [2014-04-27]
CHR Extension: (RrSavings) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe [2014-04-25]
CHR Extension: (Norton Identity Protection) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-05-07]
CHR Extension: (Google Wallet) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (savE Noet) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhfmobpmbmamakmailbgpehikbcgmnj [2014-04-27]
CHR Extension: (Context Menu Search) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-04-27]
CHR Extension: (DeealExpiresss) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpkgljkhkcgmepgbiknanhgmmecfgbo [2014-05-05]
CHR Extension: (Google Mail) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-07]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-04-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2496320 2014-05-03] (Client Connect LTD)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [47104 2013-05-21] (Hercules®)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RrFilterService64; c:\Program Files\RrFilter\RrFilterService64.exe [171008 2014-03-06] ()

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [258352 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-04-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-04-17] (Symantec Corporation)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130618.001\IDSvia64.sys [513184 2013-04-17] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130618.022\ENG64.SYS [126040 2013-05-22] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130618.022\EX64.SYS [2098776 2013-05-22] (Symantec Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61736 2014-02-28] (NetFilterSDK.com)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2013-04-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
S3 PCDSRVC{D368CD8C-F99229C4-06020200}_0; \??\c:\users\admini~1\appdata\local\temp\8h8grf8pg9jx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-14 22:19 - 2014-05-14 22:19 - 00028937 _____ () C:\Users\FLOPPY\Downloads\FRST.txt
2014-05-14 22:18 - 2014-05-14 22:19 - 00000000 ____D () C:\FRST
2014-05-14 22:17 - 2014-05-14 22:17 - 02066944 _____ (Farbar) C:\Users\FLOPPY\Downloads\FRST64.exe
2014-05-13 23:23 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 23:23 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-13 23:23 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 23:22 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-13 23:22 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-13 23:22 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-13 21:02 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-13 21:02 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-13 21:02 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 21:02 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-13 21:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-13 21:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-13 21:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-13 21:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-13 21:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-13 21:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-13 21:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-13 21:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 20:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-13 20:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-13 20:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-13 20:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-13 20:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-13 20:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-13 20:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-13 20:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-13 20:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-12 22:09 - 2014-05-12 22:09 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 22:04 - 2014-05-12 22:04 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\LavasoftStatistics
2014-05-12 21:40 - 2014-05-14 22:14 - 00002317 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-12 21:40 - 2014-05-14 22:11 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\adawarebp
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-12 21:36 - 2014-05-12 21:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-12 21:35 - 2014-05-12 21:35 - 01727624 _____ () C:\Users\FLOPPY\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-12 21:33 - 2014-05-12 21:34 - 01325827 _____ () C:\Users\FLOPPY\Downloads\adwcleaner08.exe
2014-05-12 20:42 - 2014-05-12 20:42 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 20:41 - 2014-05-12 20:41 - 28852416 _____ (Mozilla) C:\Users\FLOPPY\Downloads\Firefox_Setup_de29.0.1.exe
2014-05-08 10:17 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-08 10:17 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-08 10:17 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-08 10:17 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-08 10:16 - 2014-05-14 22:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-08 10:16 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-08 10:16 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-08 10:16 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-08 10:16 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-08 10:16 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-08 10:16 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-08 10:16 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-08 10:16 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-08 10:16 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-08 10:16 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-08 10:16 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-08 10:16 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-08 10:16 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-08 10:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-08 10:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-08 10:16 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 10:16 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-08 10:16 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-08 10:16 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-08 10:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-08 10:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-08 10:16 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-08 10:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-08 10:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-08 10:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-08 10:16 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-08 10:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-08 10:16 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-08 10:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-08 10:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-08 10:16 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-08 10:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-08 10:16 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-08 10:16 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-08 10:16 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-08 10:16 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-08 10:16 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-08 10:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-08 10:16 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-08 10:16 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-06 19:57 - 2014-05-06 20:05 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Windows Live
2014-05-06 19:57 - 2014-05-06 20:00 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\{11ADAE97-4CB8-400F-A992-A920B627BCA2}
2014-05-06 19:57 - 2014-05-06 19:57 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\{590EB2D2-819A-4CF9-92A2-F9E88F96E148}
2014-05-06 19:53 - 2014-05-06 20:07 - 00000000 ____D () C:\Users\FLOPPY\Documents\06-05-2014
2014-05-05 22:56 - 2014-05-12 21:52 - 00000000 ____D () C:\ProgramData\BiTSaver
2014-04-29 23:42 - 2014-04-29 23:44 - 00000000 ____D () C:\Users\FLOPPY\Desktop\SOUND#33
2014-04-27 13:34 - 2014-04-27 13:34 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\EZDownloader
2014-04-27 13:32 - 2014-05-14 22:09 - 00000434 ____H () C:\Windows\Tasks\SW-Booster-S-584836823.job
2014-04-27 13:32 - 2014-05-12 22:03 - 00000000 ____D () C:\Program Files (x86)\SW-Booster
2014-04-27 13:32 - 2014-04-27 13:32 - 00002680 _____ () C:\Windows\System32\Tasks\SW-Booster-S-584836823
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\ProgramData\SNT
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdblocker
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Program Files (x86)\SNT
2014-04-27 13:31 - 2014-05-05 22:56 - 00000000 ____D () C:\ProgramData\fd55f1f9fbdbfd0a
2014-04-27 13:31 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Packages
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\sAve! net
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Program Files (x86)\sAve! net
2014-04-27 13:30 - 2014-04-27 13:32 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-25 23:51 - 2014-05-14 22:16 - 00000000 ____D () C:\Program Files\RrFilter
2014-04-25 23:50 - 2014-04-25 23:50 - 00000000 ____D () C:\Program Files\rrsavings
2014-04-25 23:50 - 2014-04-25 23:50 - 00000000 ____D () C:\Program Files (x86)\Rr Savings
2014-04-25 23:49 - 2014-05-12 21:58 - 00000000 ____D () C:\Program Files\002
2014-04-25 23:49 - 2014-05-12 20:36 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-25 23:49 - 2014-04-25 23:49 - 00001175 _____ () C:\Users\Public\Desktop\SoundCloud Downloader.lnk
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\SearchProtect
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundCloud Downloader
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\Program Files (x86)\SoundCloud Downloader
2014-04-25 23:48 - 2014-04-25 23:48 - 00929416 _____ (CNET Download.com) C:\Users\FLOPPY\Downloads\cbsidlm-cbsi188-SoundYum_SoundCloud_Downloader-BP-75992700.exe
2014-04-25 23:43 - 2014-04-25 23:43 - 00000000 ____D () C:\Users\FLOPPY\Documents\Verfügbarkeiten
2014-04-25 23:35 - 2014-04-25 23:35 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(2).exe
2014-04-19 23:36 - 2014-04-19 23:38 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(1).exe
2014-04-19 23:28 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 17:19 - 2014-04-19 17:19 - 00001222 _____ () C:\Users\FLOPPY\Desktop\Chromecast.lnk
2014-04-19 17:18 - 2014-05-13 23:23 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job
2014-04-19 17:18 - 2014-05-05 22:30 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job
2014-04-19 17:18 - 2014-04-19 17:18 - 00884608 _____ (Google Inc.) C:\Users\FLOPPY\Downloads\chromecastinstaller.exe
2014-04-19 17:18 - 2014-04-19 17:18 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA
2014-04-19 17:18 - 2014-04-19 17:18 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core
2014-04-19 17:18 - 2014-04-19 17:18 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-04-15 17:05 - 2014-04-15 17:05 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih.exe
2014-04-14 17:00 - 2014-04-14 17:00 - 00000000 ____D () C:\Users\FLOPPY\Desktop\Report München
2014-04-14 17:00 - 2014-04-14 17:00 - 00000000 ____D () C:\Users\FLOPPY\Desktop\Freundeskreis
2014-04-14 16:59 - 2014-04-18 12:29 - 00000000 ____D () C:\Users\FLOPPY\Desktop\ARTE Tracks

==================== One Month Modified Files and Folders =======

2014-05-14 22:19 - 2014-05-14 22:19 - 00028937 _____ () C:\Users\FLOPPY\Downloads\FRST.txt
2014-05-14 22:19 - 2014-05-14 22:18 - 00000000 ____D () C:\FRST
2014-05-14 22:19 - 2013-04-17 23:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-14 22:17 - 2014-05-14 22:17 - 02066944 _____ (Farbar) C:\Users\FLOPPY\Downloads\FRST64.exe
2014-05-14 22:16 - 2014-04-25 23:51 - 00000000 ____D () C:\Program Files\RrFilter
2014-05-14 22:16 - 2013-04-11 08:59 - 01391738 _____ () C:\Windows\WindowsUpdate.log
2014-05-14 22:15 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-14 22:15 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-14 22:14 - 2014-05-12 21:40 - 00002317 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-14 22:13 - 2013-07-09 23:04 - 00000000 ___RD () C:\Users\FLOPPY\Dropbox
2014-05-14 22:13 - 2013-07-09 23:01 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Dropbox
2014-05-14 22:12 - 2013-04-17 22:51 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Spotify
2014-05-14 22:11 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-14 22:10 - 2013-06-12 22:54 - 00000000 ____D () C:\ProgramData\Kodak
2014-05-14 22:10 - 2013-04-17 21:47 - 00000000 ___RD () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 22:10 - 2013-04-17 21:47 - 00000000 ___RD () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 22:09 - 2014-04-27 13:32 - 00000434 ____H () C:\Windows\Tasks\SW-Booster-S-584836823.job
2014-05-14 22:09 - 2013-05-05 14:49 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-14 22:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-14 22:07 - 2009-07-14 06:51 - 00069226 _____ () C:\Windows\setupact.log
2014-05-14 22:05 - 2014-05-08 10:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-13 23:23 - 2014-04-19 17:18 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job
2014-05-13 23:22 - 2013-04-18 08:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-13 23:21 - 2013-09-25 17:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 23:20 - 2013-05-05 14:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 23:19 - 2013-09-25 17:42 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 22:20 - 2013-04-17 23:29 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:20 - 2013-04-17 23:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 22:20 - 2012-03-29 16:55 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 21:20 - 2013-04-11 18:52 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-05-13 21:20 - 2013-04-11 18:52 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-05-13 21:20 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-12 22:09 - 2014-05-12 22:09 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 22:05 - 2010-11-21 05:47 - 00191050 _____ () C:\Windows\PFRO.log
2014-05-12 22:04 - 2014-05-12 22:04 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\LavasoftStatistics
2014-05-12 22:03 - 2014-04-27 13:32 - 00000000 ____D () C:\Program Files (x86)\SW-Booster
2014-05-12 21:58 - 2014-04-25 23:49 - 00000000 ____D () C:\Program Files\002
2014-05-12 21:52 - 2014-05-05 22:56 - 00000000 ____D () C:\ProgramData\BiTSaver
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\adawarebp
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-12 21:36 - 2014-05-12 21:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-12 21:35 - 2014-05-12 21:35 - 01727624 _____ () C:\Users\FLOPPY\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-12 21:34 - 2014-05-12 21:33 - 01325827 _____ () C:\Users\FLOPPY\Downloads\adwcleaner08.exe
2014-05-12 20:43 - 2013-04-17 22:25 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Mozilla
2014-05-12 20:42 - 2014-05-12 20:42 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 20:42 - 2014-04-19 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 20:41 - 2014-05-12 20:41 - 28852416 _____ (Mozilla) C:\Users\FLOPPY\Downloads\Firefox_Setup_de29.0.1.exe
2014-05-12 20:36 - 2014-04-25 23:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-05-12 20:31 - 2013-04-17 21:53 - 00000000 ____D () C:\Users\FLOPPY\Documents\On3On3On3
2014-05-09 08:14 - 2014-05-13 21:02 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-13 21:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-06 20:07 - 2014-05-06 19:53 - 00000000 ____D () C:\Users\FLOPPY\Documents\06-05-2014
2014-05-06 20:05 - 2014-05-06 19:57 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Windows Live
2014-05-06 20:00 - 2014-05-06 19:57 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\{11ADAE97-4CB8-400F-A992-A920B627BCA2}
2014-05-06 19:57 - 2014-05-06 19:57 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\{590EB2D2-819A-4CF9-92A2-F9E88F96E148}
2014-05-06 06:40 - 2014-05-13 23:23 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-13 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-13 23:22 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-13 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-13 23:23 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-13 23:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 22:56 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\fd55f1f9fbdbfd0a
2014-05-05 22:30 - 2014-04-19 17:18 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job
2014-05-05 22:16 - 2013-04-22 22:52 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Skype
2014-04-29 23:44 - 2014-04-29 23:42 - 00000000 ____D () C:\Users\FLOPPY\Desktop\SOUND#33
2014-04-28 09:08 - 2013-06-04 20:26 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\CrashDumps
2014-04-27 13:34 - 2014-04-27 13:34 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\EZDownloader
2014-04-27 13:32 - 2014-04-27 13:32 - 00002680 _____ () C:\Windows\System32\Tasks\SW-Booster-S-584836823
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\ProgramData\SNT
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Program Files (x86)\YoutubeAdblocker
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Program Files (x86)\SNT
2014-04-27 13:32 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:30 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-27 13:32 - 2013-05-05 14:49 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Google
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Packages
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\sAve! net
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Program Files (x86)\sAve! net
2014-04-27 13:31 - 2013-07-30 23:00 - 00000000 ____D () C:\Users\Administrator
2014-04-25 23:50 - 2014-04-25 23:50 - 00000000 ____D () C:\Program Files\rrsavings
2014-04-25 23:50 - 2014-04-25 23:50 - 00000000 ____D () C:\Program Files (x86)\Rr Savings
2014-04-25 23:49 - 2014-04-25 23:49 - 00001175 _____ () C:\Users\Public\Desktop\SoundCloud Downloader.lnk
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\SearchProtect
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundCloud Downloader
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\Program Files (x86)\SoundCloud Downloader
2014-04-25 23:48 - 2014-04-25 23:48 - 00929416 _____ (CNET Download.com) C:\Users\FLOPPY\Downloads\cbsidlm-cbsi188-SoundYum_SoundCloud_Downloader-BP-75992700.exe
2014-04-25 23:43 - 2014-04-25 23:43 - 00000000 ____D () C:\Users\FLOPPY\Documents\Verfügbarkeiten
2014-04-25 23:35 - 2014-04-25 23:35 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(2).exe
2014-04-25 10:07 - 2013-05-05 14:50 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-19 23:38 - 2014-04-19 23:36 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(1).exe
2014-04-19 17:19 - 2014-04-19 17:19 - 00001222 _____ () C:\Users\FLOPPY\Desktop\Chromecast.lnk
2014-04-19 17:18 - 2014-04-19 17:18 - 00884608 _____ (Google Inc.) C:\Users\FLOPPY\Downloads\chromecastinstaller.exe
2014-04-19 17:18 - 2014-04-19 17:18 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA
2014-04-19 17:18 - 2014-04-19 17:18 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core
2014-04-19 17:18 - 2014-04-19 17:18 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-04-18 13:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-18 12:29 - 2014-04-14 16:59 - 00000000 ____D () C:\Users\FLOPPY\Desktop\ARTE Tracks
2014-04-15 17:05 - 2014-04-15 17:05 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih.exe
2014-04-14 17:00 - 2014-04-14 17:00 - 00000000 ____D () C:\Users\FLOPPY\Desktop\Report München
2014-04-14 17:00 - 2014-04-14 17:00 - 00000000 ____D () C:\Users\FLOPPY\Desktop\Freundeskreis

Some content of TEMP:
====================
C:\Users\FLOPPY\AppData\Local\Temp\140d64a9-ce21-4c16-9507-f0b0241bcda1.exe
C:\Users\FLOPPY\AppData\Local\Temp\djuced.exe
C:\Users\FLOPPY\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\FLOPPY\AppData\Local\Temp\nsiA930.exe
C:\Users\FLOPPY\AppData\Local\Temp\nsnA558.exe
C:\Users\FLOPPY\AppData\Local\Temp\nssA1CE.exe
C:\Users\FLOPPY\AppData\Local\Temp\nsxCB63.exe
C:\Users\FLOPPY\AppData\Local\Temp\nsxCFA8.exe
C:\Users\FLOPPY\AppData\Local\Temp\nsxD351.exe
C:\Users\FLOPPY\AppData\Local\Temp\ose00000.exe
C:\Users\FLOPPY\AppData\Local\Temp\setup.exe
C:\Users\FLOPPY\AppData\Local\Temp\SkypeSetup.exe
C:\Users\FLOPPY\AppData\Local\Temp\SPSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-13 21:00] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-02 22:21

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2014
Ran by FLOPPY at 2014-05-14 22:20:14
Running from C:\Users\FLOPPY\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

 VIDEO DVR (HKLM-x32\...\{EBD0EE76-2CFC-4EE5-AFE6-7EEAA3B14332}) (Version: 2012.04.17 - -)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.8.0.11 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
BiTSaver (HKLM-x32\...\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}) (Version:  - BiutSAver) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Celtx (2.7) (HKLM-x32\...\Celtx (2.7)) (Version: 2.7 (de) - Greyfirst)
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DiskAid 5.46 (HKLM-x32\...\DiskAid_is1) (Version: 5.46 - DigiDNA)
DJ Control MP3 LE (HKLM-x32\...\{E3F1D02D-F48B-4854-AD02-B7F8903A8BCA}) (Version: 1.00.0000 - Guillemot)
DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.84 - Guillemot)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Drv (HKLM-x32\...\{DA71A94B-3617-4935-8BBE-1566B2174C95}) (Version: 1.00.0000 - My Company Name)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.13587 - Landesfinanzdirektion Thüringen)
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 2.HDJS.2013 - Hercules)
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.4.2.34169 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Grafiktreiber 285.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.90 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.48.261 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.5.21 (Version: 1.5.21 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 285.90 (Version: 285.90 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.5.21 - NVIDIA Corporation) Hidden
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3505 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
RrFilter (Version: 1.0.0.0 - RrFilter) Hidden
RrSavings (x32 Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION
sAve! net (HKLM-x32\...\{7DD5E91C-3864-77EC-7635-D14910C2A03E}) (Version: 4.3.0.1667 - save. net)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.13.1.47 - Client Connect LTD) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SNT (HKLM-x32\...\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}) (Version: 2.1.0.1426 - SNT) <==== ATTENTION
SoundCloud Downloader version 1.01 (HKLM-x32\...\{288752BF-0B61-4219-ABD7-A205A3F44158}_is1) (Version: 1.01 - SoundYum)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3505 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
YoutubeAdblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 4.0.0.1634 - YoutubeAdblocker) <==== ATTENTION
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

12-04-2014 15:23:21 Windows Update
18-04-2014 09:59:27 Windows Update
23-04-2014 20:57:06 Windows Update
29-04-2014 21:03:21 Windows Update
05-05-2014 21:48:56 Windows Update
08-05-2014 08:15:03 Windows Update
12-05-2014 18:38:29 Windows Update
12-05-2014 19:36:33 AA11
12-05-2014 20:25:56 Windows Update
13-05-2014 21:17:07 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00D6B526-5E1D-4A6A-8EAD-57A6DA79AAE0} - System32\Tasks\AdobeAAMUpdater-1.0-FLOPPY-PC-FLOPPY => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {135AC248-587B-4089-9D92-304EB58BE333} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {252551DA-CE94-467D-86E4-AB2672ED5D3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {3C883678-3B29-418F-B133-45404D81E2DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-19] (Google Inc.)
Task: {42FFD094-0D30-4DA7-9DD5-E255A53A979F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {6D787CD4-09EA-40C2-867E-0D8EC898EE3C} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {89835EA3-7EC0-4530-8025-F3247153FC4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-19] (Google Inc.)
Task: {A653FA83-B90F-46C0-B80D-62AC0243A024} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {A95755C3-DA65-4DEE-B663-CB38F2D841B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {AA8BAEDC-EDC9-4377-A714-999207392B41} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {BEA74C3E-B688-48ED-846B-AFBDCCCAED06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DD254F56-B11E-49D7-A065-A52C8B8BB447} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {F7B15BBB-058D-4A39-B057-F7F7701AC01D} - System32\Tasks\SW-Booster-S-584836823 => c:\programdata\myapps\sw-booster\SW-Booster.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SW-Booster-S-584836823.job => c:\programdata\myapps\sw-booster\SW-Booster.exe

==================== Loaded Modules (whitelisted) =============

2014-01-23 16:09 - 2014-01-23 16:09 - 00702744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2014-03-06 15:52 - 2014-03-06 15:52 - 00171008 _____ () c:\Program Files\RrFilter\RrFilterService64.exe
2014-03-04 13:25 - 2014-03-04 13:25 - 00110080 _____ () c:\Program Files\RrFilter\nfapi.dll
2014-03-04 13:25 - 2014-03-04 13:25 - 00317952 _____ () c:\Program Files\RrFilter\ProtocolFilters.dll
2012-03-29 16:39 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2013-12-22 15:49 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\libcef.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-02-16 19:43 - 2014-02-16 19:43 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2013-04-11 09:08 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-12 20:42 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-13 22:20 - 2014-05-13 22:20 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2014 10:09:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 10:08:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  17 21.178.168.192.in-addr.arpa. PTR FLOPPY-PC.local.

Error: (05/14/2014 10:08:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353  19 21.178.168.192.in-addr.arpa. PTR FLOPPY-PC-2.local.

Error: (05/13/2014 08:16:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/13/2014 08:14:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  17 21.178.168.192.in-addr.arpa. PTR FLOPPY-PC.local.

Error: (05/13/2014 08:14:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353  19 21.178.168.192.in-addr.arpa. PTR FLOPPY-PC-2.local.

Error: (05/12/2014 10:06:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 10:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  17 21.178.168.192.in-addr.arpa. PTR FLOPPY-PC.local.

Error: (05/12/2014 10:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.21:5353  19 21.178.168.192.in-addr.arpa. PTR FLOPPY-PC-2.local.

Error: (05/12/2014 09:23:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 68266


System errors:
=============
Error: (05/12/2014 10:03:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "yewimmxqbs64" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (05/12/2014 09:58:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "yewimmxqbs64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/12/2014 09:57:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SW-Sustainer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/08/2014 00:17:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/01/2014 06:09:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst EFS erreicht.

Error: (04/27/2014 05:46:33 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (04/25/2014 11:51:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2014 04:47:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/15/2014 04:47:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {88F5E7B2-09B9-471E-895A-25247585905C}

Error: (04/15/2014 04:46:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 71%
Total physical RAM: 3947.86 MB
Available physical RAM: 1124.51 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 4566.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:222.73 GB) (Free:8.46 GB) NTFS
Drive d: (DATA) (Fixed) (Total:223.4 GB) (Free:223.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2DA261E3)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 15.05.2014 19:43
Adware & Co. deinstallieren

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

ryan77 16.05.2014 17:51
Code:
ComboFix 14-05-16.01 - FLOPPY 16.05.2014  18:32:15.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3948.873 [GMT 2:00]
ausgeführt von:: c:\users\FLOPPY\Desktop\ComboFix.exe
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\YoutubeAdblocker
c:\programdata\BiTSaver
c:\programdata\BiTSaver\WYMfDocwZ.exe
C:\UNWISE.EXE
c:\users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpkgljkhkcgmepgbiknanhgmmecfgbo
c:\users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpkgljkhkcgmepgbiknanhgmmecfgbo\2.1\background.html
c:\users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpkgljkhkcgmepgbiknanhgmmecfgbo\2.1\content.js
c:\users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpkgljkhkcgmepgbiknanhgmmecfgbo\2.1\lsdb.js
c:\users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpkgljkhkcgmepgbiknanhgmmecfgbo\2.1\manifest.json
c:\users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpkgljkhkcgmepgbiknanhgmmecfgbo\2.1\Msn7r.js
c:\users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-04-16 bis 2014-05-16  ))))))))))))))))))))))))))))))
.
.
2014-05-16 16:43 . 2014-05-16 16:43        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-05-16 16:43 . 2014-05-16 16:43        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2014-05-16 16:17 . 2014-05-16 16:17        --------        d-----w-        c:\program files (x86)\BiTSaver
2014-05-16 16:11 . 2014-05-16 16:11        75888        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F96791CA-F1F5-4789-B389-B8980B377B63}\offreg.dll
2014-05-16 16:06 . 2014-05-16 16:06        --------        d-----w-        c:\program files (x86)\VS Revo Group
2014-05-16 14:57 . 2014-04-17 03:31        10651704        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F96791CA-F1F5-4789-B389-B8980B377B63}\mpengine.dll
2014-05-16 14:48 . 2014-05-16 14:48        --------        d-----w-        c:\users\FLOPPY\AppData\Roaming\DropboxMaster
2014-05-14 20:18 . 2014-05-14 20:21        --------        d-----w-        C:\FRST
2014-05-13 21:23 . 2014-05-06 04:40        23544320        ----a-w-        c:\windows\system32\mshtml.dll
2014-05-13 21:23 . 2014-05-06 03:00        84992        ----a-w-        c:\windows\system32\mshtmled.dll
2014-05-13 21:22 . 2014-05-06 04:17        2724864        ----a-w-        c:\windows\system32\mshtml.tlb
2014-05-13 21:22 . 2014-05-06 03:07        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2014-05-13 19:02 . 2014-03-25 02:43        14175744        ----a-w-        c:\windows\system32\shell32.dll
2014-05-13 19:02 . 2014-05-09 06:14        477184        ----a-w-        c:\windows\system32\aepdu.dll
2014-05-13 19:02 . 2014-05-09 06:11        424448        ----a-w-        c:\windows\system32\aeinv.dll
2014-05-13 18:59 . 2014-04-12 02:22        95680        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2014-05-13 18:59 . 2014-04-12 02:19        136192        ----a-w-        c:\windows\system32\sspicli.dll
2014-05-13 18:59 . 2014-04-12 02:19        31232        ----a-w-        c:\windows\system32\lsass.exe
2014-05-13 18:59 . 2014-03-04 09:44        39936        ----a-w-        c:\windows\system32\wincredprovider.dll
2014-05-13 18:59 . 2014-03-04 09:43        22016        ----a-w-        c:\windows\system32\credssp.dll
2014-05-13 18:59 . 2014-03-04 09:17        35328        ----a-w-        c:\windows\SysWow64\wincredprovider.dll
2014-05-13 18:59 . 2014-03-04 09:17        47616        ----a-w-        c:\windows\SysWow64\dpapiprovider.dll
2014-05-13 18:59 . 2014-04-12 02:19        29184        ----a-w-        c:\windows\system32\sspisrv.dll
2014-05-13 18:59 . 2014-04-12 02:19        28160        ----a-w-        c:\windows\system32\secur32.dll
2014-05-13 18:59 . 2014-04-12 02:12        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-05-13 18:59 . 2014-04-12 02:10        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2014-05-13 18:59 . 2014-03-04 09:17        17408        ----a-w-        c:\windows\SysWow64\credssp.dll
2014-05-12 20:09 . 2014-05-12 20:09        --------        d-----w-        c:\users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 19:40 . 2014-05-12 19:40        --------        d-----w-        c:\program files\Lavasoft
2014-05-12 19:40 . 2014-05-12 19:40        --------        d-----w-        c:\users\FLOPPY\AppData\Local\adawarebp
2014-05-12 19:40 . 2014-05-16 14:44        --------        d-----w-        c:\programdata\Ad-Aware Browsing Protection
2014-05-12 19:39 . 2014-05-12 19:39        --------        d-----w-        c:\program files (x86)\Toolbar Cleaner
2014-05-12 19:39 . 2014-05-12 19:39        --------        d-----w-        c:\program files (x86)\Lavasoft
2014-05-12 19:37 . 2014-05-12 19:37        --------        d-----w-        c:\program files\Common Files\Lavasoft
2014-05-12 19:36 . 2014-05-12 19:36        --------        d-----w-        c:\programdata\Lavasoft
2014-05-12 18:42 . 2014-05-12 18:42        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service
2014-05-08 13:48 . 2014-05-08 13:48        227704        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-08 08:17 . 2014-03-06 06:00        359936        ----a-w-        c:\program files\Internet Explorer\IEShims.dll
2014-05-08 08:17 . 2014-03-06 05:50        257536        ----a-w-        c:\program files (x86)\Internet Explorer\IEShims.dll
2014-05-08 08:17 . 2014-03-06 08:32        574976        ----a-w-        c:\windows\system32\ieui.dll
2014-05-08 08:17 . 2014-03-06 08:57        548352        ----a-w-        c:\windows\system32\vbscript.dll
2014-05-08 08:17 . 2014-03-06 08:02        455168        ----a-w-        c:\windows\SysWow64\vbscript.dll
2014-05-08 08:17 . 2014-03-08 02:34        293072        ----a-w-        c:\program files\Internet Explorer\sqmapi.dll
2014-05-08 08:17 . 2014-03-08 01:59        235216        ----a-w-        c:\program files (x86)\Internet Explorer\sqmapi.dll
2014-05-08 08:17 . 2014-03-06 08:36        222720        ----a-w-        c:\program files\Internet Explorer\ielowutil.exe
2014-05-08 08:17 . 2014-03-06 07:44        482816        ----a-w-        c:\program files\Internet Explorer\ieinstal.exe
2014-05-08 08:17 . 2014-03-06 07:44        222720        ----a-w-        c:\program files (x86)\Internet Explorer\ielowutil.exe
2014-05-08 08:17 . 2014-03-06 07:03        470016        ----a-w-        c:\program files (x86)\Internet Explorer\ieinstal.exe
2014-05-06 17:57 . 2014-05-06 18:05        --------        d-----w-        c:\users\FLOPPY\AppData\Local\Windows Live
2014-04-27 11:34 . 2014-04-27 11:34        --------        d-----w-        c:\users\FLOPPY\AppData\Roaming\EZDownloader
2014-04-27 11:32 . 2014-05-16 16:21        --------        d-----w-        c:\programdata\SNT
2014-04-27 11:32 . 2014-05-16 16:21        --------        d-----w-        c:\program files (x86)\SNT
2014-04-27 11:32 . 2014-04-27 11:32        --------        d-----w-        c:\programdata\MyApps
2014-04-27 11:32 . 2014-05-12 20:03        --------        d-----w-        c:\program files (x86)\SW-Booster
2014-04-27 11:32 . 2014-05-16 16:25        --------        d-----w-        c:\programdata\YoutubeAdblocker
2014-04-25 21:51 . 2014-05-16 16:10        --------        d-----w-        c:\program files\RrFilter
2014-04-25 21:50 . 2014-04-25 21:50        --------        d-----w-        c:\program files (x86)\Rr Savings
2014-04-25 21:50 . 2014-05-05 20:57        --------        d-----w-        C:\temp
2014-04-25 21:50 . 2014-04-25 21:50        --------        d-----w-        c:\program files\rrsavings
2014-04-25 21:49 . 2014-05-12 19:58        --------        d-----w-        c:\program files\002
2014-04-25 21:49 . 2014-04-25 21:49        --------        d-----w-        c:\program files (x86)\SoundCloud Downloader
2014-04-25 21:49 . 2014-05-16 16:24        --------        d-----w-        c:\program files (x86)\SearchProtect
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-13 21:19 . 2013-09-25 15:42        93223848        ----a-w-        c:\windows\system32\MRT.exe
2014-05-13 20:20 . 2013-04-17 21:29        692400        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-13 20:20 . 2012-03-29 14:55        70832        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-31 20:46 . 2014-03-31 20:46        130712        ----a-w-        c:\windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46        1070232        ----a-w-        c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-31 07:35 . 2010-11-21 03:27        270496        ------w-        c:\windows\system32\MpSigStub.exe
2014-03-04 09:44 . 2014-04-10 17:45        362496        ----a-w-        c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-10 17:45        243712        ----a-w-        c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-10 17:45        13312        ----a-w-        c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-10 17:45        16384        ----a-w-        c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-10 17:45        1163264        ----a-w-        c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-10 17:45        14336        ----a-w-        c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-10 17:45        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-10 17:45        25600        ----a-w-        c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-10 17:45        5120        ----a-w-        c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-10 17:45        7680        ----a-w-        c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-10 17:45        2048        ----a-w-        c:\windows\SysWow64\user.exe
2014-02-28 13:16 . 2014-02-28 13:16        61736        ----a-w-        c:\windows\system32\drivers\netfilter64.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}]
2014-04-15 14:56        87048        ----a-w-        c:\program files (x86)\Rr Savings\RrSavings.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2014-05-02 18:36        116248        ----a-w-        c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}]
2014-04-27 11:31        423936        ----a-w-        c:\program files (x86)\sAve! net\WyfjwWMh.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll" [2014-05-02 116248]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09        131248        ----a-w-        c:\users\FLOPPY\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09        131248        ----a-w-        c:\users\FLOPPY\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09        131248        ----a-w-        c:\users\FLOPPY\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\FLOPPY\AppData\Roaming\Spotify\Spotify.exe" [2013-12-22 5951488]
"Spotify Web Helper"="c:\users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-22 1168896]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Amazon Cloud Player"="c:\users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2014-03-07 3168576]
"GoogleChromeAutoLaunch_B730D1ADEAF585236182F5039200F418"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-04-24 841032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"OOTag"="c:\program files (x86)\Packard Bell\OOBEOffer\OOTag.exe" [2010-02-23 13856]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-09-27 559696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallCleanUp"="REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect" [X]
.
c:\users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-8 32668056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys;c:\windows\SYSNATIVE\Drivers\HDJBulk.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys;c:\windows\SYSNATIVE\DRIVERS\HDJMidi.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]
R3 PCDSRVC{D368CD8C-F99229C4-06020200}_0;PCDSRVC{D368CD8C-F99229C4-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\admini~1\appdata\local\temp\8h8grf8pg9jx\pcdrdiag\bin\pcdsrvc_x64.pkms;c:\users\admini~1\appdata\local\temp\8h8grf8pg9jx\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 X86BDA;OEM Capture;c:\windows\system32\DRIVERS\OEMDrv.sys;c:\windows\SYSNATIVE\DRIVERS\OEMDrv.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130531.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130618.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130618.001\IDSvia64.sys [x]
S1 netfilter64;netfilter64;c:\windows\system32\drivers\netfilter64.sys;c:\windows\SYSNATIVE\drivers\netfilter64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 RrFilterService64;RrFilterService64;c:\program files\RrFilter\RrFilterService64.exe;c:\program files\RrFilter\RrFilterService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-25 08:05        1078088        ----a-w-        c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-17 20:20]
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05 12:49]
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05 12:49]
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job
- c:\users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-19 15:18]
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job
- c:\users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-19 15:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2014-05-02 18:36        132264        ----a-w-        c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}]
2014-04-27 11:31        472064        ----a-w-        c:\program files (x86)\sAve! net\WyfjwWMh.x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll" [2014-05-02 132264]
.
[HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09        164016        ----a-w-        c:\users\FLOPPY\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09        164016        ----a-w-        c:\users\FLOPPY\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09        164016        ----a-w-        c:\users\FLOPPY\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09        164016        ----a-w-        c:\users\FLOPPY\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11786344]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-08-02 1831016]
"OOTag"="c:\program files (x86)\Packard Bell\OOBEOffer\ootag.exe" [2010-02-23 13856]
"Hercules DJ Series TrayAgent"="c:\program files\Guillemot\HDJTray\HDJSeries2TrayBar.exe" [2013-05-10 3572048]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe" [2014-01-23 4114264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=55&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&SSPV=
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default\
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: keyword.URL - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{D368CD8C-F99229C4-06020200}_0]
"ImagePath"="\??\c:\users\admini~1\appdata\local\temp\8h8grf8pg9jx\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-16  18:47:25
ComboFix-quarantined-files.txt  2014-05-16 16:47
.
Vor Suchlauf: 10 Verzeichnis(se), 23.700.865.024 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 23.813.324.800 Bytes frei
.
- - End Of File - - 819412AC3AE323B5BD1B279391490B70
Hi! Vielen Dank schonmal für alles bisher, ich glaube aber leider, es hat noch nicht ganz geholfen Ich werde immer noch redirected...

schrauber 17.05.2014 14:36
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

ryan77 19.05.2014 20:11
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 19.05.2014
Suchlauf-Zeit: 20:22:49
Logdatei: mbam-scan-19-05-2014.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.19.09
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: FLOPPY

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 348283
Verstrichene Zeit: 26 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\RrFilterService64.exe, 2612, Löschen bei Neustart, [69dc2f247cff2610958b8af4887ad62a]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 26
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\net, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\net.5.14, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\net, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\net.5.14, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{94CB3B6C-CB46-9C69-21A3-E9D62B9E883A}\INPROCSERVER32, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [dc69b1a2e4973afceb8a77b02ed43cc4],
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [dc69b1a2e4973afceb8a77b02ed43cc4],
PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [dc69b1a2e4973afceb8a77b02ed43cc4],
PUP.Optional.CouponDownloader.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [dc69b1a2e4973afceb8a77b02ed43cc4],
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\Rr Savings, In Quarantäne, [65e0391a7ffc69cd53b6dab10af8639d],
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, In Quarantäne, [59ec1340f487f93daf5b0b80867cc43c],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{813BA625-B0FA-48D8-9B75-59759C88C219}, In Quarantäne, [fb4a183b3843999db3bd6522ac569d63],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\RrSavings, In Quarantäne, [f74e0d4683f83afc5fad6427649e09f7],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Rr Savings, In Quarantäne, [61e45af9ccafd16522eeaae1748e3fc1],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\rrsavings, In Quarantäne, [430288cb26553ef83ad5276428da38c8],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, In Quarantäne, [bb8aa3b0c4b790a634974181b35040c0],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [e560d281562544f2ab4f96f66a98e41c],
PUP.Optional.RRSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RrFilterService64, In Quarantäne, [69dc2f247cff2610958b8af4887ad62a],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-3435828442-162049101-3775305515-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=55&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&SSPV=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.conduit.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=55&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&SSPV=),Ersetzt,[53f275de2d4e1026a3f679cbfb09f10f]

Ordner: 4
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, In Quarantäne, [c97c5201e398e056a0010d6951b1a957],
PUP.Optional.RRSavings.A, C:\Program Files\rrsavings, In Quarantäne, [d76e2c271269d561908f94ea976b8b75],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter, Löschen bei Neustart, [69dc2f247cff2610958b8af4887ad62a],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\SSL, In Quarantäne, [69dc2f247cff2610958b8af4887ad62a],

Dateien: 21
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\sAve! net\WyfjwWMh.x64.dll, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\sAve! net\WyfjwWMh.dll, In Quarantäne, [fa4b440f3546bd793dce3515b54ca957],
PUP.Optional.CouponDownloader.A, C:\Program Files (x86)\Rr Savings\RrSavings.dll, In Quarantäne, [dc69b1a2e4973afceb8a77b02ed43cc4],
PUP.Optional.RegCleanPro, C:\Users\FLOPPY\Downloads\rcpsetup_matomyil_myil442191.exe, In Quarantäne, [8bbab0a3601b0432a6e4231137c94ab6],
PUP.Optional.LiveLyrics.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage, In Quarantäne, [b590391abdbeb680c15c87fcee1411ef],
PUP.Optional.LiveLyrics.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage-journal, In Quarantäne, [7fc6163d1c5f7cba7f9e7a09ef131fe1],
PUP.Optional.Trovi.A, C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default\searchplugins\trovi-search.xml, In Quarantäne, [7dc8e76c7407b87e9ec22560d82af10f],
PUP.Optional.LiveLyrics.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage, In Quarantäne, [c2833f14b8c3ca6c8bd77d081de5fe02],
PUP.Optional.LiveLyrics.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage-journal, In Quarantäne, [ac994b08017ab1852141dbaa91718a76],
PUP.Optional.Superfish.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [6ed75201de9d35019dc6f78e45bded13],
PUP.Optional.Superfish.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [56ef143faad124127ae91075a0620ef2],
PUP.Optional.Conduit.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage, In Quarantäne, [f055d1826a11cf67ba99d6b0ff03f010],
PUP.Optional.Conduit.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal, In Quarantäne, [93b2ff547308c373f85be89eeb1758a8],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Installbat64.dll, In Quarantäne, [69dc2f247cff2610958b8af4887ad62a],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Microsoft.Deployment.WindowsInstaller.dll, In Quarantäne, [69dc2f247cff2610958b8af4887ad62a],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Microsoft.Deployment.WindowsInstaller.xml, In Quarantäne, [69dc2f247cff2610958b8af4887ad62a],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\nfapi.dll, Löschen bei Neustart, [69dc2f247cff2610958b8af4887ad62a],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\ProtocolFilters.dll, Löschen bei Neustart, [69dc2f247cff2610958b8af4887ad62a],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\RrFilterService64.exe, Löschen bei Neustart, [69dc2f247cff2610958b8af4887ad62a],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\sample.dll, In Quarantäne, [69dc2f247cff2610958b8af4887ad62a],
PUP.Optional.Conduit.A, C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "search_url": "hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=58&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&q={searchTerms}&SSPV=",), Ersetzt,[9ea76ce7bdbebd790187cab19173e61a]

Physische Sektoren: 0
(No malicious items detected)


(end)
Code:
# AdwCleaner v3.210 - Bericht erstellt am 19/05/2014 um 20:43:36
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : FLOPPY - FLOPPY-PC
# Gestartet von : C:\Users\FLOPPY\Downloads\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\SNT
Ordner Gelöscht : C:\Program Files (x86)\Rr Savings
Ordner Gelöscht : C:\Program Files (x86)\SNT
Ordner Gelöscht : C:\Program Files (x86)\SW-Booster
Ordner Gelöscht : C:\Program Files (x86)\Toolbar Cleaner
Ordner Gelöscht : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
Ordner Gelöscht : C:\Program Files\002
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\torch
Ordner Gelöscht : C:\Users\FLOPPY\AppData\Local\torch
Ordner Gelöscht : C:\Users\FLOPPY\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\FLOPPY\AppData\Roaming\EZDownloader
Ordner Gelöscht : C:\Users\FLOPPY\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\torch
Ordner Gelöscht : C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default\adawaretb
Ordner Gelöscht : C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bogkibnlaccdnmncohleiojlonaniedk
Ordner Gelöscht : C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bogkibnlaccdnmncohleiojlonaniedk
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bogkibnlaccdnmncohleiojlonaniedk
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bogkibnlaccdnmncohleiojlonaniedk
Ordner Gelöscht : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\bogkibnlaccdnmncohleiojlonaniedk
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhfmobpmbmamakmailbgpehikbcgmnj
Ordner Gelöscht : C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhfmobpmbmamakmailbgpehikbcgmnj
Ordner Gelöscht : C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_7-zip_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_7-zip_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\SW-Booster
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3566FB70-E722-4182-8266-815EAE862998}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\07BF6653227E2814286618E5EA689289
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\07BF6653227E2814286618E5EA689289
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=58&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&q={searchTerms}&SSPV=
Gelöscht [Search Provider] : hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=2832&r=2014/04/27&hid=5828101733941526718&lg=EN&cc=DE&unqvl=51
Gelöscht [Extension] : bogkibnlaccdnmncohleiojlonaniedk
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : kofjjfgnmnjmoihhmjpafcllkhinmboe
Gelöscht [Extension] : obhfmobpmbmamakmailbgpehikbcgmnj

*************************

AdwCleaner[R0].txt - [8431 octets] - [19/05/2014 20:37:43]
AdwCleaner[S0].txt - [7955 octets] - [19/05/2014 20:43:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8015 octets] ##########
Code:
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by FLOPPY on 19.05.2014 at 20:53:06,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\FLOPPY\appdata\local\{11ADAE97-4CB8-400F-A992-A920B627BCA2}
Successfully deleted: [Empty Folder] C:\Users\FLOPPY\appdata\local\{590EB2D2-819A-4CF9-92A2-F9E88F96E148}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\FLOPPY\AppData\Roaming\mozilla\firefox\profiles\xl13wikb.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted the following from C:\Users\FLOPPY\AppData\Roaming\mozilla\firefox\profiles\xl13wikb.default\prefs.js

user_pref("keyword.URL", "hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=");
Emptied folder: C:\Users\FLOPPY\AppData\Roaming\mozilla\firefox\profiles\xl13wikb.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.05.2014 at 21:04:35,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Und hier noch die FRST. Schaut gut aus!!


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by FLOPPY (administrator) on FLOPPY-PC on 19-05-2014 21:09:29
Running from C:\Users\FLOPPY\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Hercules®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Spotify Ltd) C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Packard Bell\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [3572048 2013-05-10] (Hercules®)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Packard Bell\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Spotify] => C:\Users\FLOPPY\AppData\Roaming\Spotify\Spotify.exe [5951488 2013-12-22] (Spotify Ltd)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Spotify Web Helper] => C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-22] (Spotify Ltd)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Amazon Cloud Player] => C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [GoogleChromeAutoLaunch_B730D1ADEAF585236182F5039200F418] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [241984 2011-11-27] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [203072 2011-11-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://webzugang.brnet.de/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\FLOPPY\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\FLOPPY\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-27]

Chrome:
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "hxxp://google.de/"
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchProvider: Trovi search
CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M2E93ADB8-E83F-48CB-A3B8-EEB07BCD9A6A&SearchSource=58&CUI=&UM=5&UP=SP359BB479-5022-4142-9A4B-12CD81A52285&q={searchTerms}&SSPV=
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-07]
CHR Extension: (Google Drive) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-07]
CHR Extension: (YouTube) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-07]
CHR Extension: (Google Cast) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-19]
CHR Extension: (No Name) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bogkibnlaccdnmncohleiojlonaniedk [2014-04-27]
CHR Extension: (No Name) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (Google-Suche) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-07]
CHR Extension: (SNT) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdjabpeiljihoefbmgkcmhoafnldain [2014-04-27]
CHR Extension: (No Name) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe [2014-04-25]
CHR Extension: (Norton Identity Protection) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-05-07]
CHR Extension: (Google Wallet) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (No Name) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhfmobpmbmamakmailbgpehikbcgmnj [2014-04-27]
CHR Extension: (Context Menu Search) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-04-27]
CHR Extension: (Google Mail) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-07]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-04-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [47104 2013-05-21] (Hercules®)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [258352 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-04-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-04-17] (Symantec Corporation)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130618.001\IDSvia64.sys [513184 2013-04-17] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130618.022\ENG64.SYS [126040 2013-05-22] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130618.022\EX64.SYS [2098776 2013-05-22] (Symantec Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61736 2014-02-28] (NetFilterSDK.com)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2013-04-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 PCDSRVC{D368CD8C-F99229C4-06020200}_0; \??\c:\users\admini~1\appdata\local\temp\8h8grf8pg9jx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-19 21:08 - 2014-05-19 21:08 - 00000000 ____D () C:\Users\FLOPPY\Downloads\FRST-OlderVersion
2014-05-19 21:04 - 2014-05-19 21:04 - 00001641 _____ () C:\Users\FLOPPY\Desktop\JRT.txt
2014-05-19 20:53 - 2014-05-19 20:53 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 20:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-19 20:37 - 2014-05-19 20:43 - 00000000 ____D () C:\AdwCleaner
2014-05-19 20:35 - 2014-05-19 20:35 - 00010691 _____ () C:\Users\FLOPPY\Desktop\mbam-scan-19-05-2014.txt
2014-05-19 20:11 - 2014-05-19 20:11 - 01326389 _____ () C:\Users\FLOPPY\Downloads\adwcleaner_3.210.exe
2014-05-19 20:11 - 2014-05-19 20:11 - 01016261 _____ (Thisisu) C:\Users\FLOPPY\Downloads\JRT.exe
2014-05-19 19:55 - 2014-05-19 20:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 19:54 - 2014-05-19 19:54 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 19:54 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-19 19:54 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-19 19:52 - 2014-05-19 19:52 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\FLOPPY\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieUserList
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieSiteList
2014-05-16 18:47 - 2014-05-16 18:47 - 00033242 _____ () C:\ComboFix.txt
2014-05-16 18:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-16 18:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-16 18:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-16 18:28 - 2014-05-16 18:47 - 00000000 ____D () C:\Qoobox
2014-05-16 18:28 - 2014-05-16 18:45 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 18:27 - 2014-05-16 18:27 - 05200990 ____R (Swearware) C:\Users\FLOPPY\Desktop\ComboFix.exe
2014-05-16 18:17 - 2014-05-16 18:17 - 00000000 ____D () C:\Program Files (x86)\BiTSaver
2014-05-16 18:06 - 2014-05-16 18:06 - 00001276 _____ () C:\Users\FLOPPY\Desktop\Revo Uninstaller.lnk
2014-05-16 18:06 - 2014-05-16 18:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-16 18:05 - 2014-05-16 18:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\FLOPPY\Downloads\revosetup95.exe
2014-05-16 16:48 - 2014-05-16 16:48 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\DropboxMaster
2014-05-14 22:20 - 2014-05-14 22:21 - 00046504 _____ () C:\Users\FLOPPY\Downloads\Addition.txt
2014-05-14 22:19 - 2014-05-19 21:09 - 00023291 _____ () C:\Users\FLOPPY\Downloads\FRST.txt
2014-05-14 22:18 - 2014-05-19 21:09 - 00000000 ____D () C:\FRST
2014-05-14 22:17 - 2014-05-19 21:08 - 02067456 _____ (Farbar) C:\Users\FLOPPY\Downloads\FRST64.exe
2014-05-13 23:23 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 23:23 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-13 23:23 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 23:22 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-13 23:22 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-13 23:22 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-13 21:02 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-13 21:02 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-13 21:02 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 21:02 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-13 21:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-13 21:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-13 21:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-13 21:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-13 21:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-13 21:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-13 21:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-13 21:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 20:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-13 20:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-13 20:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-13 20:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-13 20:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-13 20:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-13 20:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-13 20:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-13 20:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-12 22:09 - 2014-05-12 22:09 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 22:04 - 2014-05-12 22:04 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\LavasoftStatistics
2014-05-12 21:40 - 2014-05-19 20:49 - 00002317 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-12 21:40 - 2014-05-19 20:47 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\adawarebp
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-12 21:36 - 2014-05-12 21:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-12 21:35 - 2014-05-12 21:35 - 01727624 _____ () C:\Users\FLOPPY\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-12 21:33 - 2014-05-12 21:34 - 01325827 _____ () C:\Users\FLOPPY\Downloads\adwcleaner08.exe
2014-05-12 20:42 - 2014-05-12 20:42 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 20:41 - 2014-05-12 20:41 - 28852416 _____ (Mozilla) C:\Users\FLOPPY\Downloads\Firefox_Setup_de29.0.1.exe
2014-05-08 10:17 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-08 10:17 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-08 10:17 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-08 10:17 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-08 10:16 - 2014-05-14 22:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-08 10:16 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-08 10:16 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-08 10:16 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-08 10:16 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-08 10:16 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-08 10:16 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-08 10:16 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-08 10:16 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-08 10:16 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-08 10:16 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-08 10:16 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-08 10:16 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-08 10:16 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-08 10:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-08 10:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-08 10:16 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 10:16 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-08 10:16 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-08 10:16 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-08 10:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-08 10:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-08 10:16 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-08 10:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-08 10:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-08 10:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-08 10:16 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-08 10:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-08 10:16 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-08 10:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-08 10:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-08 10:16 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-08 10:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-08 10:16 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-08 10:16 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-08 10:16 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-08 10:16 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-08 10:16 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-08 10:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-08 10:16 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-08 10:16 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-06 19:57 - 2014-05-06 20:05 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Windows Live
2014-05-06 19:53 - 2014-05-06 20:07 - 00000000 ____D () C:\Users\FLOPPY\Documents\06-05-2014
2014-04-29 23:42 - 2014-04-29 23:44 - 00000000 ____D () C:\Users\FLOPPY\Desktop\SOUND#33
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 13:31 - 2014-05-19 20:22 - 00000000 ____D () C:\Program Files (x86)\sAve! net
2014-04-27 13:31 - 2014-05-19 19:56 - 00000000 ____D () C:\ProgramData\sAve! net
2014-04-27 13:31 - 2014-05-16 18:25 - 00000000 ____D () C:\ProgramData\fd55f1f9fbdbfd0a
2014-04-27 13:31 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Packages
2014-04-27 13:30 - 2014-04-27 13:32 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-25 23:49 - 2014-04-25 23:49 - 00001175 _____ () C:\Users\Public\Desktop\SoundCloud Downloader.lnk
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundCloud Downloader
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\Program Files (x86)\SoundCloud Downloader
2014-04-25 23:48 - 2014-04-25 23:48 - 00929416 _____ (CNET Download.com) C:\Users\FLOPPY\Downloads\cbsidlm-cbsi188-SoundYum_SoundCloud_Downloader-BP-75992700.exe
2014-04-25 23:43 - 2014-04-25 23:43 - 00000000 ____D () C:\Users\FLOPPY\Documents\Verfügbarkeiten
2014-04-25 23:35 - 2014-04-25 23:35 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(2).exe
2014-04-19 23:36 - 2014-04-19 23:38 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(1).exe
2014-04-19 23:28 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-19 17:19 - 2014-04-19 17:19 - 00001222 _____ () C:\Users\FLOPPY\Desktop\Chromecast.lnk
2014-04-19 17:18 - 2014-05-19 20:23 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job
2014-04-19 17:18 - 2014-05-16 17:23 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job
2014-04-19 17:18 - 2014-04-19 17:18 - 00884608 _____ (Google Inc.) C:\Users\FLOPPY\Downloads\chromecastinstaller.exe
2014-04-19 17:18 - 2014-04-19 17:18 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA
2014-04-19 17:18 - 2014-04-19 17:18 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core
2014-04-19 17:18 - 2014-04-19 17:18 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast

==================== One Month Modified Files and Folders =======

2014-05-19 21:09 - 2014-05-14 22:19 - 00023291 _____ () C:\Users\FLOPPY\Downloads\FRST.txt
2014-05-19 21:09 - 2014-05-14 22:18 - 00000000 ____D () C:\FRST
2014-05-19 21:08 - 2014-05-19 21:08 - 00000000 ____D () C:\Users\FLOPPY\Downloads\FRST-OlderVersion
2014-05-19 21:08 - 2014-05-14 22:17 - 02067456 _____ (Farbar) C:\Users\FLOPPY\Downloads\FRST64.exe
2014-05-19 21:04 - 2014-05-19 21:04 - 00001641 _____ () C:\Users\FLOPPY\Desktop\JRT.txt
2014-05-19 20:56 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-19 20:56 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-19 20:53 - 2014-05-19 20:53 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 20:50 - 2014-05-19 19:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 20:49 - 2014-05-12 21:40 - 00002317 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-19 20:49 - 2013-07-09 23:04 - 00000000 ___RD () C:\Users\FLOPPY\Dropbox
2014-05-19 20:49 - 2013-07-09 23:01 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Dropbox
2014-05-19 20:48 - 2013-04-17 22:51 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Spotify
2014-05-19 20:47 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-19 20:47 - 2013-06-12 22:54 - 00000000 ____D () C:\ProgramData\Kodak
2014-05-19 20:46 - 2013-05-05 14:49 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-19 20:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-19 20:46 - 2009-07-14 06:51 - 00069450 _____ () C:\Windows\setupact.log
2014-05-19 20:45 - 2010-11-21 05:47 - 00199878 _____ () C:\Windows\PFRO.log
2014-05-19 20:44 - 2013-04-11 08:59 - 01460429 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 20:43 - 2014-05-19 20:37 - 00000000 ____D () C:\AdwCleaner
2014-05-19 20:35 - 2014-05-19 20:35 - 00010691 _____ () C:\Users\FLOPPY\Desktop\mbam-scan-19-05-2014.txt
2014-05-19 20:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-19 20:23 - 2014-04-19 17:18 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job
2014-05-19 20:22 - 2014-04-27 13:31 - 00000000 ____D () C:\Program Files (x86)\sAve! net
2014-05-19 20:20 - 2013-05-05 14:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-19 20:19 - 2013-04-17 23:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-19 20:11 - 2014-05-19 20:11 - 01326389 _____ () C:\Users\FLOPPY\Downloads\adwcleaner_3.210.exe
2014-05-19 20:11 - 2014-05-19 20:11 - 01016261 _____ (Thisisu) C:\Users\FLOPPY\Downloads\JRT.exe
2014-05-19 19:56 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\sAve! net
2014-05-19 19:54 - 2014-05-19 19:54 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 19:52 - 2014-05-19 19:52 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\FLOPPY\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieUserList
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieSiteList
2014-05-16 18:47 - 2014-05-16 18:47 - 00033242 _____ () C:\ComboFix.txt
2014-05-16 18:47 - 2014-05-16 18:28 - 00000000 ____D () C:\Qoobox
2014-05-16 18:47 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-16 18:45 - 2014-05-16 18:28 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 18:44 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-16 18:27 - 2014-05-16 18:27 - 05200990 ____R (Swearware) C:\Users\FLOPPY\Desktop\ComboFix.exe
2014-05-16 18:25 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\fd55f1f9fbdbfd0a
2014-05-16 18:17 - 2014-05-16 18:17 - 00000000 ____D () C:\Program Files (x86)\BiTSaver
2014-05-16 18:06 - 2014-05-16 18:06 - 00001276 _____ () C:\Users\FLOPPY\Desktop\Revo Uninstaller.lnk
2014-05-16 18:06 - 2014-05-16 18:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-16 18:05 - 2014-05-16 18:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\FLOPPY\Downloads\revosetup95.exe
2014-05-16 17:23 - 2014-04-19 17:18 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job
2014-05-16 16:50 - 2013-04-21 14:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 16:48 - 2014-05-16 16:48 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\DropboxMaster
2014-05-16 16:48 - 2013-07-09 23:04 - 00001033 _____ () C:\Users\FLOPPY\Desktop\Dropbox.lnk
2014-05-16 16:48 - 2013-07-09 23:03 - 00001024 _____ () C:\Windows\wininit.ini
2014-05-16 16:48 - 2013-07-09 23:02 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 16:48 - 2013-04-17 21:47 - 00000000 ___RD () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 22:21 - 2014-05-14 22:20 - 00046504 _____ () C:\Users\FLOPPY\Downloads\Addition.txt
2014-05-14 22:10 - 2013-04-17 21:47 - 00000000 ___RD () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 22:05 - 2014-05-08 10:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-13 23:22 - 2013-04-18 08:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-13 23:21 - 2013-09-25 17:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 23:19 - 2013-09-25 17:42 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 22:20 - 2013-04-17 23:29 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:20 - 2013-04-17 23:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 22:20 - 2012-03-29 16:55 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 21:20 - 2013-04-11 18:52 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-05-13 21:20 - 2013-04-11 18:52 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-05-13 21:20 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-12 22:09 - 2014-05-12 22:09 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 22:04 - 2014-05-12 22:04 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\LavasoftStatistics
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\adawarebp
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-12 21:36 - 2014-05-12 21:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-12 21:35 - 2014-05-12 21:35 - 01727624 _____ () C:\Users\FLOPPY\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-12 21:34 - 2014-05-12 21:33 - 01325827 _____ () C:\Users\FLOPPY\Downloads\adwcleaner08.exe
2014-05-12 20:43 - 2013-04-17 22:25 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Mozilla
2014-05-12 20:42 - 2014-05-12 20:42 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 20:42 - 2014-04-19 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 20:41 - 2014-05-12 20:41 - 28852416 _____ (Mozilla) C:\Users\FLOPPY\Downloads\Firefox_Setup_de29.0.1.exe
2014-05-12 20:31 - 2013-04-17 21:53 - 00000000 ____D () C:\Users\FLOPPY\Documents\On3On3On3
2014-05-09 08:14 - 2014-05-13 21:02 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-13 21:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-06 20:07 - 2014-05-06 19:53 - 00000000 ____D () C:\Users\FLOPPY\Documents\06-05-2014
2014-05-06 20:05 - 2014-05-06 19:57 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Windows Live
2014-05-06 06:40 - 2014-05-13 23:23 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-13 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-13 23:22 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-13 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-13 23:23 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-13 23:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 22:16 - 2013-04-22 22:52 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Skype
2014-04-29 23:44 - 2014-04-29 23:42 - 00000000 ____D () C:\Users\FLOPPY\Desktop\SOUND#33
2014-04-28 09:08 - 2013-06-04 20:26 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\CrashDumps
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:30 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-27 13:32 - 2013-05-05 14:49 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Google
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Packages
2014-04-27 13:31 - 2013-07-30 23:00 - 00000000 ____D () C:\Users\Administrator
2014-04-25 23:49 - 2014-04-25 23:49 - 00001175 _____ () C:\Users\Public\Desktop\SoundCloud Downloader.lnk
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundCloud Downloader
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\Program Files (x86)\SoundCloud Downloader
2014-04-25 23:48 - 2014-04-25 23:48 - 00929416 _____ (CNET Download.com) C:\Users\FLOPPY\Downloads\cbsidlm-cbsi188-SoundYum_SoundCloud_Downloader-BP-75992700.exe
2014-04-25 23:43 - 2014-04-25 23:43 - 00000000 ____D () C:\Users\FLOPPY\Documents\Verfügbarkeiten
2014-04-25 23:35 - 2014-04-25 23:35 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(2).exe
2014-04-25 10:07 - 2013-05-05 14:50 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-19 23:38 - 2014-04-19 23:36 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(1).exe
2014-04-19 17:19 - 2014-04-19 17:19 - 00001222 _____ () C:\Users\FLOPPY\Desktop\Chromecast.lnk
2014-04-19 17:18 - 2014-04-19 17:18 - 00884608 _____ (Google Inc.) C:\Users\FLOPPY\Downloads\chromecastinstaller.exe
2014-04-19 17:18 - 2014-04-19 17:18 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA
2014-04-19 17:18 - 2014-04-19 17:18 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core
2014-04-19 17:18 - 2014-04-19 17:18 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast

Some content of TEMP:
====================
C:\Users\FLOPPY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa_rsgb.dll
C:\Users\FLOPPY\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-13 21:00] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-02 22:21

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 20.05.2014 12:28

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

ryan77 25.05.2014 09:58
Sorry, hat ein bisschen gedauert:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=bb0a965626d2b54683a380c40bc03fe6
# engine=18342
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-21 08:02:51
# local_time=2014-05-21 10:02:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 95 32138965 163299156 0 0
# compatibility_mode=5893 16776573 100 94 89707 152332421 0 0
# scanned=122615
# found=9
# cleaned=0
# scan_time=1544
sh=AE4B3ECB491AEF6D1594361E820A6FCC8EF44E3E ft=1 fh=c71c0011d35ff60a vn="Variante von Win64/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SW-Booster\Assistant_x64.dll.vir"
sh=A57D81ECC6EC0F2472521463CF7AF370A79C83AE ft=1 fh=70e6f2a2b02f116f vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll"
sh=93726F317FFF4013C580FBC9D12F75468A8C1EF9 ft=1 fh=a547f944c4c4d942 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll"
sh=14618DA31EA7699542DFD99B1487535861F69F31 ft=1 fh=1887bac1b6dd0f0b vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe"
sh=078786A455720521670D54E1335EB54361CAB21F ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{A93EDA10-0DA9-434F-A1A4-458B72DDF8E6}\Custom.dll"
sh=70622B1220013C8A7EF9B55FA2C840B4D3CF5A8D ft=1 fh=c71c0011adaa876f vn="Variante von Win32/AdWare.MultiPlug.K.gen Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\BiTSaver\WYMfDocwZ.exe.vir"
sh=078786A455720521670D54E1335EB54361CAB21F ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{A93EDA10-0DA9-434F-A1A4-458B72DDF8E6}\Custom.dll"
sh=05D1370984F61B46779F06DCCB1916054EB2EA1D ft=1 fh=4c0f1cbadc2ac215 vn="Win32/AdWare.1ClickDownload.AR Anwendung" ac=I fn="C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000"
sh=F184ECD8DE06110666B676F7220EA42FD4A72F7D ft=1 fh=044abef029e39beb vn="Variante von Win32/InstalleRex.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=bb0a965626d2b54683a380c40bc03fe6
# engine=18396
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-25 12:01:35
# local_time=2014-05-25 02:01:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 95 32412489 163572680 0 0
# compatibility_mode=5893 16776573 100 94 96759 152605945 0 0
# scanned=367222
# found=19
# cleaned=0
# scan_time=28926
sh=AE4B3ECB491AEF6D1594361E820A6FCC8EF44E3E ft=1 fh=c71c0011d35ff60a vn="Variante von Win64/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SW-Booster\Assistant_x64.dll.vir"
sh=A57D81ECC6EC0F2472521463CF7AF370A79C83AE ft=1 fh=70e6f2a2b02f116f vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll"
sh=93726F317FFF4013C580FBC9D12F75468A8C1EF9 ft=1 fh=a547f944c4c4d942 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll"
sh=14618DA31EA7699542DFD99B1487535861F69F31 ft=1 fh=1887bac1b6dd0f0b vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe"
sh=078786A455720521670D54E1335EB54361CAB21F ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{A93EDA10-0DA9-434F-A1A4-458B72DDF8E6}\Custom.dll"
sh=70622B1220013C8A7EF9B55FA2C840B4D3CF5A8D ft=1 fh=c71c0011adaa876f vn="Variante von Win32/AdWare.MultiPlug.K.gen Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\BiTSaver\WYMfDocwZ.exe.vir"
sh=078786A455720521670D54E1335EB54361CAB21F ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{A93EDA10-0DA9-434F-A1A4-458B72DDF8E6}\Custom.dll"
sh=05D1370984F61B46779F06DCCB1916054EB2EA1D ft=1 fh=4c0f1cbadc2ac215 vn="Win32/AdWare.1ClickDownload.AR Anwendung" ac=I fn="C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000"
sh=F184ECD8DE06110666B676F7220EA42FD4A72F7D ft=1 fh=044abef029e39beb vn="Variante von Win32/InstalleRex.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000"
sh=8C1A270A3E81D7518139BD46DB8A43CCAEF3DDD1 ft=1 fh=d9bd99f6bd59a735 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\FLOPPY\Documents\Programme\FinalMediaPlayer2011Setup.exe"
sh=8B25544C22C8325419510237FEBBEDA48B9782C9 ft=1 fh=77b67014d1f9f560 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\FLOPPY\Documents\Programme\media.player.codec.pack.v3.9.6.setup.exe"
sh=D0357617961BF3D526BEFAAB0048CBB983EA4DF9 ft=1 fh=c604c933e8b9509f vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\FLOPPY\Documents\Programme\PDFCreator-1_7_0_setup.exe"
sh=F559791CA0E986B703345AF29199BC44D8CE4588 ft=1 fh=da4c4dc80b2cd28d vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\FLOPPY\Documents\Programme\SoftonicDownloader_fuer_7-zip.exe"
sh=6E45431B698CDB7BE8F1A41266BE7B327F33AD38 ft=1 fh=e5f91a3476785862 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="C:\Users\FLOPPY\Documents\Programme\Unlocker1.9.1.exe"
sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\FLOPPY\Downloads\cbsidlm-cbsi188-SoundYum_SoundCloud_Downloader-BP-75992700.exe"
sh=8C1A270A3E81D7518139BD46DB8A43CCAEF3DDD1 ft=1 fh=d9bd99f6bd59a735 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="F:\Dokumente\Programme\FinalMediaPlayer2011Setup.exe"
sh=8B25544C22C8325419510237FEBBEDA48B9782C9 ft=1 fh=77b67014d1f9f560 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="F:\Dokumente\Programme\media.player.codec.pack.v3.9.6.setup.exe"
sh=F559791CA0E986B703345AF29199BC44D8CE4588 ft=1 fh=da4c4dc80b2cd28d vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="F:\Dokumente\Programme\SoftonicDownloader_fuer_7-zip.exe"
sh=6E45431B698CDB7BE8F1A41266BE7B327F33AD38 ft=1 fh=e5f91a3476785862 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="F:\Dokumente\Programme\Unlocker1.9.1.exe"
Code:
Results of screen317's Security Check version 0.99.83 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Ad-Aware Antivirus       
Norton Internet Security 
 Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 13.0.0.214 
 Adobe Reader XI 
 Mozilla Firefox (29.0.1)
 Google Chrome 34.0.1847.116 
 Google Chrome 34.0.1847.131 
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.1.5354.0\AdAwareTray.exe
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.1.5354.0\AdAwareService.exe
 Malwarebytes Anti-Malware mbamscheduler.exe 
 Symantec Norton Online Backup NOBuAgent.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Und das FRST:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014
Ran by FLOPPY (administrator) on FLOPPY-PC on 25-05-2014 10:57:00
Running from C:\Users\FLOPPY\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Hercules®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
() C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dropbox, Inc.) C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Packard Bell\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [3572048 2013-05-10] (Hercules®)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Packard Bell\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Spotify] => C:\Users\FLOPPY\AppData\Roaming\Spotify\Spotify.exe [5951488 2013-12-22] (Spotify Ltd)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Spotify Web Helper] => C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-22] (Spotify Ltd)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Amazon Cloud Player] => C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [GoogleChromeAutoLaunch_B730D1ADEAF585236182F5039200F418] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [241984 2011-11-27] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [203072 2011-11-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://webzugang.brnet.de/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\FLOPPY\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\FLOPPY\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-27]

Chrome:
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "hxxp://google.de/"
CHR Extension: (Google Docs) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-07]
CHR Extension: (Google Drive) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-07]
CHR Extension: (YouTube) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-07]
CHR Extension: (Google Cast) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-19]
CHR Extension: (Google-Suche) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-07]
CHR Extension: (SNT) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdjabpeiljihoefbmgkcmhoafnldain [2014-04-27]
CHR Extension: (Google Wallet) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Context Menu Search) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-04-27]
CHR Extension: (Google Mail) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-07]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-04-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [47104 2013-05-21] (Hercules®)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [258352 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-04-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-04-17] (Symantec Corporation)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130618.001\IDSvia64.sys [513184 2013-04-17] (Symantec Corporation)
U0 kuanuhb; C:\Windows\System32\drivers\rhdarp.sys [79064 2014-05-25] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130618.022\ENG64.SYS [126040 2013-05-22] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130618.022\EX64.SYS [2098776 2013-05-22] (Symantec Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61736 2014-02-28] (NetFilterSDK.com)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2013-04-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 PCDSRVC{D368CD8C-F99229C4-06020200}_0; \??\c:\users\admini~1\appdata\local\temp\8h8grf8pg9jx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 02:59 - 2014-05-25 02:59 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rhdarp.sys
2014-05-21 22:01 - 2014-05-21 22:04 - 00854367 _____ () C:\Users\FLOPPY\Downloads\SecurityCheck.exe
2014-05-20 21:30 - 2014-05-20 21:30 - 02347384 _____ (ESET) C:\Users\FLOPPY\Downloads\esetsmartinstaller_deu.exe
2014-05-19 21:08 - 2014-05-25 10:56 - 00000000 ____D () C:\Users\FLOPPY\Downloads\FRST-OlderVersion
2014-05-19 21:04 - 2014-05-19 21:04 - 00001641 _____ () C:\Users\FLOPPY\Desktop\JRT.txt
2014-05-19 20:53 - 2014-05-19 20:53 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 20:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-19 20:37 - 2014-05-19 20:43 - 00000000 ____D () C:\AdwCleaner
2014-05-19 20:35 - 2014-05-19 20:35 - 00010691 _____ () C:\Users\FLOPPY\Desktop\mbam-scan-19-05-2014.txt
2014-05-19 20:11 - 2014-05-19 20:11 - 01326389 _____ () C:\Users\FLOPPY\Downloads\adwcleaner_3.210.exe
2014-05-19 20:11 - 2014-05-19 20:11 - 01016261 _____ (Thisisu) C:\Users\FLOPPY\Downloads\JRT.exe
2014-05-19 19:55 - 2014-05-25 10:42 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 19:54 - 2014-05-19 19:54 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 19:54 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-19 19:54 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-19 19:52 - 2014-05-19 19:52 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\FLOPPY\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieUserList
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieSiteList
2014-05-16 18:47 - 2014-05-16 18:47 - 00033242 _____ () C:\ComboFix.txt
2014-05-16 18:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-16 18:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-16 18:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-16 18:28 - 2014-05-16 18:47 - 00000000 ____D () C:\Qoobox
2014-05-16 18:28 - 2014-05-16 18:45 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 18:27 - 2014-05-16 18:27 - 05200990 ____R (Swearware) C:\Users\FLOPPY\Desktop\ComboFix.exe
2014-05-16 18:17 - 2014-05-16 18:17 - 00000000 ____D () C:\Program Files (x86)\BiTSaver
2014-05-16 18:06 - 2014-05-16 18:06 - 00001276 _____ () C:\Users\FLOPPY\Desktop\Revo Uninstaller.lnk
2014-05-16 18:06 - 2014-05-16 18:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-16 18:05 - 2014-05-16 18:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\FLOPPY\Downloads\revosetup95.exe
2014-05-16 16:48 - 2014-05-16 16:48 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\DropboxMaster
2014-05-14 22:20 - 2014-05-14 22:21 - 00046504 _____ () C:\Users\FLOPPY\Downloads\Addition.txt
2014-05-14 22:19 - 2014-05-25 10:57 - 00023252 _____ () C:\Users\FLOPPY\Downloads\FRST.txt
2014-05-14 22:18 - 2014-05-25 10:57 - 00000000 ____D () C:\FRST
2014-05-14 22:17 - 2014-05-25 10:56 - 02066432 _____ (Farbar) C:\Users\FLOPPY\Downloads\FRST64.exe
2014-05-13 23:23 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 23:23 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-13 23:23 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 23:22 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-13 23:22 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-13 23:22 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-13 21:02 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-13 21:02 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-13 21:02 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 21:02 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-13 21:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-13 21:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-13 21:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-13 21:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-13 21:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-13 21:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-13 21:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-13 21:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 20:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-13 20:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-13 20:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-13 20:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-13 20:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-13 20:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-13 20:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-13 20:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-13 20:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-12 22:09 - 2014-05-12 22:09 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 22:04 - 2014-05-12 22:04 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\LavasoftStatistics
2014-05-12 21:40 - 2014-05-23 23:00 - 00002317 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-12 21:40 - 2014-05-23 22:59 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\adawarebp
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-12 21:36 - 2014-05-12 21:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-12 21:35 - 2014-05-12 21:35 - 01727624 _____ () C:\Users\FLOPPY\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-12 21:33 - 2014-05-12 21:34 - 01325827 _____ () C:\Users\FLOPPY\Downloads\adwcleaner08.exe
2014-05-12 20:42 - 2014-05-12 20:42 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 20:41 - 2014-05-12 20:41 - 28852416 _____ (Mozilla) C:\Users\FLOPPY\Downloads\Firefox_Setup_de29.0.1.exe
2014-05-08 10:17 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-08 10:17 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-08 10:17 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-08 10:17 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-08 10:16 - 2014-05-14 22:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-08 10:16 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-08 10:16 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-08 10:16 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-08 10:16 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-08 10:16 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-08 10:16 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-08 10:16 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-08 10:16 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-08 10:16 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-08 10:16 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-08 10:16 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-08 10:16 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-08 10:16 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-08 10:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-08 10:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-08 10:16 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 10:16 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-08 10:16 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-08 10:16 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-08 10:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-08 10:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-08 10:16 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-08 10:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-08 10:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-08 10:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-08 10:16 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-08 10:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-08 10:16 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-08 10:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-08 10:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-08 10:16 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-08 10:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-08 10:16 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-08 10:16 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-08 10:16 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-08 10:16 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-08 10:16 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-08 10:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-08 10:16 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-08 10:16 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-06 19:57 - 2014-05-06 20:05 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Windows Live
2014-05-06 19:53 - 2014-05-06 20:07 - 00000000 ____D () C:\Users\FLOPPY\Documents\06-05-2014
2014-04-29 23:42 - 2014-04-29 23:44 - 00000000 ____D () C:\Users\FLOPPY\Desktop\SOUND#33
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 13:31 - 2014-05-19 20:22 - 00000000 ____D () C:\Program Files (x86)\sAve! net
2014-04-27 13:31 - 2014-05-19 19:56 - 00000000 ____D () C:\ProgramData\sAve! net
2014-04-27 13:31 - 2014-05-16 18:25 - 00000000 ____D () C:\ProgramData\fd55f1f9fbdbfd0a
2014-04-27 13:31 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Packages
2014-04-27 13:30 - 2014-04-27 13:32 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-25 23:49 - 2014-04-25 23:49 - 00001175 _____ () C:\Users\Public\Desktop\SoundCloud Downloader.lnk
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundCloud Downloader
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\Program Files (x86)\SoundCloud Downloader
2014-04-25 23:48 - 2014-04-25 23:48 - 00929416 _____ (CNET Download.com) C:\Users\FLOPPY\Downloads\cbsidlm-cbsi188-SoundYum_SoundCloud_Downloader-BP-75992700.exe
2014-04-25 23:43 - 2014-04-25 23:43 - 00000000 ____D () C:\Users\FLOPPY\Documents\Verfügbarkeiten
2014-04-25 23:35 - 2014-04-25 23:35 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(2).exe

==================== One Month Modified Files and Folders =======

2014-05-25 10:57 - 2014-05-14 22:19 - 00023252 _____ () C:\Users\FLOPPY\Downloads\FRST.txt
2014-05-25 10:57 - 2014-05-14 22:18 - 00000000 ____D () C:\FRST
2014-05-25 10:56 - 2014-05-19 21:08 - 00000000 ____D () C:\Users\FLOPPY\Downloads\FRST-OlderVersion
2014-05-25 10:56 - 2014-05-14 22:17 - 02066432 _____ (Farbar) C:\Users\FLOPPY\Downloads\FRST64.exe
2014-05-25 10:42 - 2014-05-19 19:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-25 10:42 - 2014-04-19 17:18 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job
2014-05-25 10:42 - 2013-05-05 14:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-25 10:42 - 2013-05-05 14:49 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-25 10:42 - 2013-04-17 23:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-25 03:00 - 2013-04-11 08:59 - 01542596 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 02:59 - 2014-05-25 02:59 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rhdarp.sys
2014-05-25 02:59 - 2012-03-29 16:37 - 00000000 ____D () C:\Windows\ru
2014-05-25 01:45 - 2013-06-12 22:54 - 00000000 ____D () C:\ProgramData\Kodak
2014-05-25 01:43 - 2013-04-22 22:52 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Skype
2014-05-24 17:52 - 2013-06-04 20:26 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\CrashDumps
2014-05-24 17:50 - 2014-04-19 17:18 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job
2014-05-23 23:08 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-23 23:08 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-23 23:01 - 2013-07-09 23:04 - 00000000 ___RD () C:\Users\FLOPPY\Dropbox
2014-05-23 23:01 - 2013-07-09 23:01 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Dropbox
2014-05-23 23:00 - 2014-05-12 21:40 - 00002317 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-23 22:59 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-23 22:59 - 2013-04-17 22:51 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Spotify
2014-05-23 22:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 22:57 - 2009-07-14 06:51 - 00069618 _____ () C:\Windows\setupact.log
2014-05-21 22:04 - 2014-05-21 22:01 - 00854367 _____ () C:\Users\FLOPPY\Downloads\SecurityCheck.exe
2014-05-20 21:31 - 2013-04-11 18:52 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-05-20 21:31 - 2013-04-11 18:52 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-05-20 21:31 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-20 21:30 - 2014-05-20 21:30 - 02347384 _____ (ESET) C:\Users\FLOPPY\Downloads\esetsmartinstaller_deu.exe
2014-05-19 21:04 - 2014-05-19 21:04 - 00001641 _____ () C:\Users\FLOPPY\Desktop\JRT.txt
2014-05-19 20:53 - 2014-05-19 20:53 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 20:45 - 2010-11-21 05:47 - 00199878 _____ () C:\Windows\PFRO.log
2014-05-19 20:43 - 2014-05-19 20:37 - 00000000 ____D () C:\AdwCleaner
2014-05-19 20:35 - 2014-05-19 20:35 - 00010691 _____ () C:\Users\FLOPPY\Desktop\mbam-scan-19-05-2014.txt
2014-05-19 20:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-19 20:22 - 2014-04-27 13:31 - 00000000 ____D () C:\Program Files (x86)\sAve! net
2014-05-19 20:11 - 2014-05-19 20:11 - 01326389 _____ () C:\Users\FLOPPY\Downloads\adwcleaner_3.210.exe
2014-05-19 20:11 - 2014-05-19 20:11 - 01016261 _____ (Thisisu) C:\Users\FLOPPY\Downloads\JRT.exe
2014-05-19 19:56 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\sAve! net
2014-05-19 19:54 - 2014-05-19 19:54 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 19:52 - 2014-05-19 19:52 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\FLOPPY\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieUserList
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieSiteList
2014-05-16 18:47 - 2014-05-16 18:47 - 00033242 _____ () C:\ComboFix.txt
2014-05-16 18:47 - 2014-05-16 18:28 - 00000000 ____D () C:\Qoobox
2014-05-16 18:47 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-16 18:45 - 2014-05-16 18:28 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 18:44 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-16 18:27 - 2014-05-16 18:27 - 05200990 ____R (Swearware) C:\Users\FLOPPY\Desktop\ComboFix.exe
2014-05-16 18:25 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\fd55f1f9fbdbfd0a
2014-05-16 18:17 - 2014-05-16 18:17 - 00000000 ____D () C:\Program Files (x86)\BiTSaver
2014-05-16 18:06 - 2014-05-16 18:06 - 00001276 _____ () C:\Users\FLOPPY\Desktop\Revo Uninstaller.lnk
2014-05-16 18:06 - 2014-05-16 18:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-16 18:05 - 2014-05-16 18:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\FLOPPY\Downloads\revosetup95.exe
2014-05-16 16:50 - 2013-04-21 14:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 16:48 - 2014-05-16 16:48 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\DropboxMaster
2014-05-16 16:48 - 2013-07-09 23:04 - 00001033 _____ () C:\Users\FLOPPY\Desktop\Dropbox.lnk
2014-05-16 16:48 - 2013-07-09 23:03 - 00001024 _____ () C:\Windows\wininit.ini
2014-05-16 16:48 - 2013-07-09 23:02 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 16:48 - 2013-04-17 21:47 - 00000000 ___RD () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 22:21 - 2014-05-14 22:20 - 00046504 _____ () C:\Users\FLOPPY\Downloads\Addition.txt
2014-05-14 22:10 - 2013-04-17 21:47 - 00000000 ___RD () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 22:05 - 2014-05-08 10:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-13 23:22 - 2013-04-18 08:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-13 23:21 - 2013-09-25 17:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 23:19 - 2013-09-25 17:42 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 22:20 - 2013-04-17 23:29 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:20 - 2013-04-17 23:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 22:20 - 2012-03-29 16:55 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 22:09 - 2014-05-12 22:09 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 22:04 - 2014-05-12 22:04 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\LavasoftStatistics
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\adawarebp
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-12 21:36 - 2014-05-12 21:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-12 21:35 - 2014-05-12 21:35 - 01727624 _____ () C:\Users\FLOPPY\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-12 21:34 - 2014-05-12 21:33 - 01325827 _____ () C:\Users\FLOPPY\Downloads\adwcleaner08.exe
2014-05-12 20:43 - 2013-04-17 22:25 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Mozilla
2014-05-12 20:42 - 2014-05-12 20:42 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 20:42 - 2014-04-19 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 20:41 - 2014-05-12 20:41 - 28852416 _____ (Mozilla) C:\Users\FLOPPY\Downloads\Firefox_Setup_de29.0.1.exe
2014-05-12 20:31 - 2013-04-17 21:53 - 00000000 ____D () C:\Users\FLOPPY\Documents\On3On3On3
2014-05-09 08:14 - 2014-05-13 21:02 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-13 21:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-06 20:07 - 2014-05-06 19:53 - 00000000 ____D () C:\Users\FLOPPY\Documents\06-05-2014
2014-05-06 20:05 - 2014-05-06 19:57 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Windows Live
2014-05-06 06:40 - 2014-05-13 23:23 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-13 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-13 23:22 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-13 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-13 23:23 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-13 23:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-29 23:44 - 2014-04-29 23:42 - 00000000 ____D () C:\Users\FLOPPY\Desktop\SOUND#33
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:30 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-27 13:32 - 2013-05-05 14:49 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Google
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Packages
2014-04-27 13:31 - 2013-07-30 23:00 - 00000000 ____D () C:\Users\Administrator
2014-04-25 23:49 - 2014-04-25 23:49 - 00001175 _____ () C:\Users\Public\Desktop\SoundCloud Downloader.lnk
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundCloud Downloader
2014-04-25 23:49 - 2014-04-25 23:49 - 00000000 ____D () C:\Program Files (x86)\SoundCloud Downloader
2014-04-25 23:48 - 2014-04-25 23:48 - 00929416 _____ (CNET Download.com) C:\Users\FLOPPY\Downloads\cbsidlm-cbsi188-SoundYum_SoundCloud_Downloader-BP-75992700.exe
2014-04-25 23:43 - 2014-04-25 23:43 - 00000000 ____D () C:\Users\FLOPPY\Documents\Verfügbarkeiten
2014-04-25 23:35 - 2014-04-25 23:35 - 01071360 _____ (Solid State Networks) C:\Users\FLOPPY\Downloads\install_flashplayer13x32axau_ltr5x64d_awc_aih(2).exe
2014-04-25 10:07 - 2013-05-05 14:50 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Users\FLOPPY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphkiorg.dll
C:\Users\FLOPPY\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-02 22:21

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 26.05.2014 11:25
Öffne mal bitte FRST, setz nen Haken bei Addition und scanne, poste beide Logfiles.

ryan77 26.05.2014 20:27
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by FLOPPY (administrator) on FLOPPY-PC on 26-05-2014 21:21:49
Running from C:\Users\FLOPPY\Downloads\FRST-OlderVersion
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Hercules®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Dropbox, Inc.) C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\FLOPPY\AppData\Roaming\Spotify\spotify.exe
() C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Packard Bell\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [3572048 2013-05-10] (Hercules®)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Packard Bell\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Spotify] => C:\Users\FLOPPY\AppData\Roaming\Spotify\Spotify.exe [5951488 2013-12-22] (Spotify Ltd)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Spotify Web Helper] => C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-22] (Spotify Ltd)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [Amazon Cloud Player] => C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-3435828442-162049101-3775305515-1002\...\Run: [GoogleChromeAutoLaunch_B730D1ADEAF585236182F5039200F418] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [241984 2011-11-27] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [203072 2011-11-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://webzugang.brnet.de/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\FLOPPY\AppData\Roaming\Mozilla\Firefox\Profiles\xl13wikb.default
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\FLOPPY\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\FLOPPY\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-27]

Chrome:
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "hxxp://google.de/"
CHR Extension: (Google Docs) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-07]
CHR Extension: (Google Drive) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-07]
CHR Extension: (YouTube) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-07]
CHR Extension: (Google Cast) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-19]
CHR Extension: (Google-Suche) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-07]
CHR Extension: (SNT) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdjabpeiljihoefbmgkcmhoafnldain [2014-04-27]
CHR Extension: (Google Wallet) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Context Menu Search) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-04-27]
CHR Extension: (Google Mail) - C:\Users\FLOPPY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-07]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-04-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [47104 2013-05-21] (Hercules®)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [258352 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-04-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-04-17] (Symantec Corporation)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130618.001\IDSvia64.sys [513184 2013-04-17] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130618.022\ENG64.SYS [126040 2013-05-22] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20130618.022\EX64.SYS [2098776 2013-05-22] (Symantec Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61736 2014-02-28] (NetFilterSDK.com)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2013-04-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 PCDSRVC{D368CD8C-F99229C4-06020200}_0; \??\c:\users\admini~1\appdata\local\temp\8h8grf8pg9jx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-21 22:01 - 2014-05-21 22:04 - 00854367 _____ () C:\Users\FLOPPY\Downloads\SecurityCheck.exe
2014-05-20 21:30 - 2014-05-20 21:30 - 02347384 _____ (ESET) C:\Users\FLOPPY\Downloads\esetsmartinstaller_deu.exe
2014-05-19 21:08 - 2014-05-26 21:21 - 00000000 ____D () C:\Users\FLOPPY\Downloads\FRST-OlderVersion
2014-05-19 20:53 - 2014-05-19 20:53 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 20:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-19 20:37 - 2014-05-19 20:43 - 00000000 ____D () C:\AdwCleaner
2014-05-19 20:11 - 2014-05-19 20:11 - 01326389 _____ () C:\Users\FLOPPY\Downloads\adwcleaner_3.210.exe
2014-05-19 20:11 - 2014-05-19 20:11 - 01016261 _____ (Thisisu) C:\Users\FLOPPY\Downloads\JRT.exe
2014-05-19 19:55 - 2014-05-26 18:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-19 19:54 - 2014-05-19 19:54 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-19 19:54 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-19 19:54 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-19 19:52 - 2014-05-19 19:52 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\FLOPPY\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieUserList
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieSiteList
2014-05-16 18:47 - 2014-05-16 18:47 - 00033242 _____ () C:\ComboFix.txt
2014-05-16 18:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-16 18:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-16 18:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-16 18:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-16 18:28 - 2014-05-16 18:47 - 00000000 ____D () C:\Qoobox
2014-05-16 18:28 - 2014-05-16 18:45 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 18:27 - 2014-05-16 18:27 - 05200990 ____R (Swearware) C:\Users\FLOPPY\Desktop\ComboFix.exe
2014-05-16 18:17 - 2014-05-16 18:17 - 00000000 ____D () C:\Program Files (x86)\BiTSaver
2014-05-16 18:06 - 2014-05-16 18:06 - 00001276 _____ () C:\Users\FLOPPY\Desktop\Revo Uninstaller.lnk
2014-05-16 18:06 - 2014-05-16 18:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-16 18:05 - 2014-05-16 18:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\FLOPPY\Downloads\revosetup95.exe
2014-05-16 16:48 - 2014-05-25 20:00 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\DropboxMaster
2014-05-14 22:20 - 2014-05-14 22:21 - 00046504 _____ () C:\Users\FLOPPY\Downloads\Addition.txt
2014-05-14 22:19 - 2014-05-25 10:57 - 00056051 _____ () C:\Users\FLOPPY\Downloads\FRST.txt
2014-05-14 22:18 - 2014-05-26 21:21 - 00000000 ____D () C:\FRST
2014-05-14 22:17 - 2014-05-25 10:56 - 02066432 _____ (Farbar) C:\Users\FLOPPY\Downloads\FRST64.exe
2014-05-13 23:23 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-13 23:23 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-13 23:23 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-13 23:22 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-13 23:22 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-13 23:22 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-13 21:02 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-13 21:02 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-13 21:02 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-13 21:02 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 21:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-13 21:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-13 21:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-13 21:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-13 21:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-13 21:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-13 21:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-13 21:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-13 21:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-13 21:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-13 21:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 20:59 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-13 20:59 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-13 20:59 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-13 20:59 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-13 20:59 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-13 20:59 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-13 20:59 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-13 20:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-13 20:59 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-13 20:59 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-12 22:09 - 2014-05-12 22:09 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 22:04 - 2014-05-12 22:04 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\LavasoftStatistics
2014-05-12 21:40 - 2014-05-25 19:59 - 00002317 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-12 21:40 - 2014-05-25 19:57 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\adawarebp
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-12 21:36 - 2014-05-12 21:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-12 21:35 - 2014-05-12 21:35 - 01727624 _____ () C:\Users\FLOPPY\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-12 21:33 - 2014-05-12 21:34 - 01325827 _____ () C:\Users\FLOPPY\Downloads\adwcleaner08.exe
2014-05-12 20:42 - 2014-05-12 20:42 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 20:41 - 2014-05-12 20:41 - 28852416 _____ (Mozilla) C:\Users\FLOPPY\Downloads\Firefox_Setup_de29.0.1.exe
2014-05-08 10:17 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-08 10:17 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-08 10:17 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-08 10:17 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-08 10:16 - 2014-05-14 22:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-08 10:16 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-08 10:16 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-08 10:16 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-08 10:16 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-08 10:16 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-08 10:16 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-08 10:16 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-08 10:16 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-08 10:16 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-08 10:16 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-08 10:16 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-08 10:16 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-08 10:16 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-08 10:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-08 10:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-08 10:16 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 10:16 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-08 10:16 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-08 10:16 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-08 10:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-08 10:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-08 10:16 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-08 10:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-08 10:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-08 10:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-08 10:16 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-08 10:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-08 10:16 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-08 10:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-08 10:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-08 10:16 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-08 10:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-08 10:16 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-08 10:16 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-08 10:16 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-08 10:16 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-08 10:16 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-08 10:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-08 10:16 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-08 10:16 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-06 19:57 - 2014-05-06 20:05 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Windows Live
2014-05-06 19:53 - 2014-05-06 20:07 - 00000000 ____D () C:\Users\FLOPPY\Documents\06-05-2014
2014-04-29 23:42 - 2014-04-29 23:44 - 00000000 ____D () C:\Users\FLOPPY\Desktop\SOUND#33
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 13:31 - 2014-05-19 20:22 - 00000000 ____D () C:\Program Files (x86)\sAve! net
2014-04-27 13:31 - 2014-05-19 19:56 - 00000000 ____D () C:\ProgramData\sAve! net
2014-04-27 13:31 - 2014-05-16 18:25 - 00000000 ____D () C:\ProgramData\fd55f1f9fbdbfd0a
2014-04-27 13:31 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Packages
2014-04-27 13:30 - 2014-04-27 13:32 - 00000000 ____D () C:\ProgramData\InstallMate

==================== One Month Modified Files and Folders =======

2014-05-26 21:21 - 2014-05-19 21:08 - 00000000 ____D () C:\Users\FLOPPY\Downloads\FRST-OlderVersion
2014-05-26 21:21 - 2014-05-14 22:18 - 00000000 ____D () C:\FRST
2014-05-26 21:21 - 2013-04-11 08:59 - 01575121 _____ () C:\Windows\WindowsUpdate.log
2014-05-26 21:20 - 2013-05-05 14:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-26 21:19 - 2013-04-17 23:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-26 21:06 - 2013-04-17 22:51 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Spotify
2014-05-26 20:57 - 2013-04-17 22:51 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Spotify
2014-05-26 20:23 - 2014-04-19 17:18 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job
2014-05-26 19:01 - 2013-06-12 22:54 - 00000000 ____D () C:\ProgramData\Kodak
2014-05-26 18:57 - 2014-05-19 19:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 18:56 - 2014-04-19 17:18 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job
2014-05-26 18:56 - 2013-05-05 14:49 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-25 20:06 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-25 20:06 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-25 20:00 - 2014-05-16 16:48 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\DropboxMaster
2014-05-25 20:00 - 2013-07-09 23:04 - 00000000 ___RD () C:\Users\FLOPPY\Dropbox
2014-05-25 20:00 - 2013-07-09 23:03 - 00001202 _____ () C:\Windows\wininit.ini
2014-05-25 20:00 - 2013-07-09 23:01 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Dropbox
2014-05-25 20:00 - 2013-04-17 21:47 - 00000000 ___RD () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-25 19:59 - 2014-05-12 21:40 - 00002317 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-25 19:59 - 2013-07-09 23:04 - 00001033 _____ () C:\Users\FLOPPY\Desktop\Dropbox.lnk
2014-05-25 19:59 - 2013-07-09 23:02 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-25 19:59 - 2013-06-04 20:26 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\CrashDumps
2014-05-25 19:57 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-25 19:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-25 19:56 - 2009-07-14 06:51 - 00069674 _____ () C:\Windows\setupact.log
2014-05-25 19:55 - 2010-11-21 05:47 - 00201362 _____ () C:\Windows\PFRO.log
2014-05-25 19:54 - 2012-03-29 16:37 - 00000000 ____D () C:\Windows\ru
2014-05-25 11:37 - 2013-12-22 15:49 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player
2014-05-25 10:57 - 2014-05-14 22:19 - 00056051 _____ () C:\Users\FLOPPY\Downloads\FRST.txt
2014-05-25 10:56 - 2014-05-14 22:17 - 02066432 _____ (Farbar) C:\Users\FLOPPY\Downloads\FRST64.exe
2014-05-25 01:43 - 2013-04-22 22:52 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Skype
2014-05-21 22:04 - 2014-05-21 22:01 - 00854367 _____ () C:\Users\FLOPPY\Downloads\SecurityCheck.exe
2014-05-20 21:31 - 2013-04-11 18:52 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-05-20 21:31 - 2013-04-11 18:52 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-05-20 21:31 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-20 21:30 - 2014-05-20 21:30 - 02347384 _____ (ESET) C:\Users\FLOPPY\Downloads\esetsmartinstaller_deu.exe
2014-05-19 20:53 - 2014-05-19 20:53 - 00000000 ____D () C:\Windows\ERUNT
2014-05-19 20:43 - 2014-05-19 20:37 - 00000000 ____D () C:\AdwCleaner
2014-05-19 20:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-19 20:22 - 2014-04-27 13:31 - 00000000 ____D () C:\Program Files (x86)\sAve! net
2014-05-19 20:11 - 2014-05-19 20:11 - 01326389 _____ () C:\Users\FLOPPY\Downloads\adwcleaner_3.210.exe
2014-05-19 20:11 - 2014-05-19 20:11 - 01016261 _____ (Thisisu) C:\Users\FLOPPY\Downloads\JRT.exe
2014-05-19 19:56 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\sAve! net
2014-05-19 19:54 - 2014-05-19 19:54 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-19 19:54 - 2014-05-19 19:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-19 19:52 - 2014-05-19 19:52 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\FLOPPY\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieUserList
2014-05-16 18:51 - 2014-05-16 18:51 - 00000000 __SHD () C:\Users\FLOPPY\AppData\Local\EmieSiteList
2014-05-16 18:47 - 2014-05-16 18:47 - 00033242 _____ () C:\ComboFix.txt
2014-05-16 18:47 - 2014-05-16 18:28 - 00000000 ____D () C:\Qoobox
2014-05-16 18:47 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-16 18:45 - 2014-05-16 18:28 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 18:44 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-16 18:27 - 2014-05-16 18:27 - 05200990 ____R (Swearware) C:\Users\FLOPPY\Desktop\ComboFix.exe
2014-05-16 18:25 - 2014-04-27 13:31 - 00000000 ____D () C:\ProgramData\fd55f1f9fbdbfd0a
2014-05-16 18:17 - 2014-05-16 18:17 - 00000000 ____D () C:\Program Files (x86)\BiTSaver
2014-05-16 18:06 - 2014-05-16 18:06 - 00001276 _____ () C:\Users\FLOPPY\Desktop\Revo Uninstaller.lnk
2014-05-16 18:06 - 2014-05-16 18:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-16 18:05 - 2014-05-16 18:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\FLOPPY\Downloads\revosetup95.exe
2014-05-16 16:50 - 2013-04-21 14:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-14 22:21 - 2014-05-14 22:20 - 00046504 _____ () C:\Users\FLOPPY\Downloads\Addition.txt
2014-05-14 22:10 - 2013-04-17 21:47 - 00000000 ___RD () C:\Users\FLOPPY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 22:05 - 2014-05-08 10:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-13 23:22 - 2013-04-18 08:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-13 23:21 - 2013-09-25 17:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-13 23:19 - 2013-09-25 17:42 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 22:20 - 2013-04-17 23:29 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 22:20 - 2013-04-17 23:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 22:20 - 2012-03-29 16:55 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 22:09 - 2014-05-12 22:09 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Lavasoft
2014-05-12 22:04 - 2014-05-12 22:04 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\LavasoftStatistics
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\adawarebp
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-12 21:40 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-12 21:39 - 2014-05-12 21:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-12 21:36 - 2014-05-12 21:36 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-12 21:35 - 2014-05-12 21:35 - 01727624 _____ () C:\Users\FLOPPY\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-12 21:34 - 2014-05-12 21:33 - 01325827 _____ () C:\Users\FLOPPY\Downloads\adwcleaner08.exe
2014-05-12 20:43 - 2013-04-17 22:25 - 00000000 ____D () C:\Users\FLOPPY\AppData\Roaming\Mozilla
2014-05-12 20:42 - 2014-05-12 20:42 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 20:42 - 2014-04-19 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 20:41 - 2014-05-12 20:41 - 28852416 _____ (Mozilla) C:\Users\FLOPPY\Downloads\Firefox_Setup_de29.0.1.exe
2014-05-12 20:31 - 2013-04-17 21:53 - 00000000 ____D () C:\Users\FLOPPY\Documents\On3On3On3
2014-05-09 08:14 - 2014-05-13 21:02 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-13 21:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-06 20:07 - 2014-05-06 19:53 - 00000000 ____D () C:\Users\FLOPPY\Documents\06-05-2014
2014-05-06 20:05 - 2014-05-06 19:57 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Windows Live
2014-05-06 06:40 - 2014-05-13 23:23 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-13 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-13 23:22 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-13 23:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-13 23:23 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-13 23:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-29 23:44 - 2014-04-29 23:42 - 00000000 ____D () C:\Users\FLOPPY\Desktop\SOUND#33
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Gast
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-27 13:32 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-27 13:32 - 2014-04-27 13:30 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-27 13:32 - 2013-05-05 14:49 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Google
2014-04-27 13:31 - 2014-04-27 13:31 - 00000000 ____D () C:\Users\FLOPPY\AppData\Local\Packages
2014-04-27 13:31 - 2013-07-30 23:00 - 00000000 ____D () C:\Users\Administrator

Some content of TEMP:
====================
C:\Users\FLOPPY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2i7twg.dll
C:\Users\FLOPPY\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-02 22:21

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by FLOPPY at 2014-05-26 21:22:29
Running from C:\Users\FLOPPY\Downloads\FRST-OlderVersion
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

 VIDEO DVR (HKLM-x32\...\{EBD0EE76-2CFC-4EE5-AFE6-7EEAA3B14332}) (Version: 2012.04.17 - -)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Celtx (2.7) (HKLM-x32\...\Celtx (2.7)) (Version: 2.7 (de) - Greyfirst)
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DiskAid 5.46 (HKLM-x32\...\DiskAid_is1) (Version: 5.46 - DigiDNA)
DJ Control MP3 LE (HKLM-x32\...\{E3F1D02D-F48B-4854-AD02-B7F8903A8BCA}) (Version: 1.00.0000 - Guillemot)
DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.84 - Guillemot)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Drv (HKLM-x32\...\{DA71A94B-3617-4935-8BBE-1566B2174C95}) (Version: 1.00.0000 - My Company Name)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.13587 - Landesfinanzdirektion Thüringen)
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 2.HDJS.2013 - Hercules)
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.4.2.34169 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11000.8.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Grafiktreiber 285.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.90 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.48.261 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.5.21 (Version: 1.5.21 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 285.90 (Version: 285.90 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.5.21 - NVIDIA Corporation) Hidden
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3505 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SoundCloud Downloader version 1.01 (HKLM-x32\...\{288752BF-0B61-4219-ABD7-A205A3F44158}_is1) (Version: 1.01 - SoundYum)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3505 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

12-05-2014 18:38:29 Windows Update
12-05-2014 19:36:33 AA11
12-05-2014 20:25:56 Windows Update
13-05-2014 21:17:07 Windows Update
16-05-2014 16:16:26 Revo Uninstaller's restore point - BiTSaver
16-05-2014 16:21:08 Revo Uninstaller's restore point - SNT
16-05-2014 16:23:42 Revo Uninstaller's restore point - Search Protect
16-05-2014 16:25:18 Revo Uninstaller's restore point - YoutubeAdblocker
20-05-2014 19:06:13 Windows Update
23-05-2014 21:07:41 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-16 18:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00D6B526-5E1D-4A6A-8EAD-57A6DA79AAE0} - System32\Tasks\AdobeAAMUpdater-1.0-FLOPPY-PC-FLOPPY => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {135AC248-587B-4089-9D92-304EB58BE333} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {252551DA-CE94-467D-86E4-AB2672ED5D3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {3C883678-3B29-418F-B133-45404D81E2DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-19] (Google Inc.)
Task: {42FFD094-0D30-4DA7-9DD5-E255A53A979F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {6D787CD4-09EA-40C2-867E-0D8EC898EE3C} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {89835EA3-7EC0-4530-8025-F3247153FC4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-19] (Google Inc.)
Task: {A653FA83-B90F-46C0-B80D-62AC0243A024} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {A95755C3-DA65-4DEE-B663-CB38F2D841B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {AA8BAEDC-EDC9-4377-A714-999207392B41} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {BEA74C3E-B688-48ED-846B-AFBDCCCAED06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DD254F56-B11E-49D7-A065-A52C8B8BB447} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002Core.job => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3435828442-162049101-3775305515-1002UA.job => C:\Users\FLOPPY\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-29 16:39 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2013-12-22 15:49 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\FLOPPY\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-01-23 16:09 - 2014-01-23 16:09 - 00702744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2013-10-08 16:26 - 2013-12-22 10:12 - 00610304 _____ () C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-25 20:00 - 2014-05-25 20:00 - 00043008 _____ () c:\users\floppy\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2i7twg.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\FLOPPY\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-16 19:43 - 2014-02-16 19:43 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2013-04-11 09:08 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-04-25 10:07 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 10:07 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2013-04-17 22:51 - 2013-12-22 10:12 - 36967424 _____ () C:\Users\FLOPPY\AppData\Roaming\Spotify\Data\libcef.dll
2014-05-13 22:20 - 2014-05-13 22:20 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/26/2014 07:33:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13385

Error: (05/26/2014 07:33:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13385

Error: (05/26/2014 07:33:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/26/2014 07:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12386

Error: (05/26/2014 07:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12386

Error: (05/26/2014 07:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/26/2014 07:33:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11357

Error: (05/26/2014 07:33:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11357

Error: (05/26/2014 07:33:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/26/2014 07:33:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10312


System errors:
=============
Error: (05/25/2014 08:00:38 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (05/25/2014 10:43:23 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/25/2014 10:43:22 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/24/2014 05:51:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NIS erreicht.

Error: (05/23/2014 10:55:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/22/2014 10:05:22 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/22/2014 10:05:21 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/21/2014 10:54:44 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/21/2014 10:54:43 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/20/2014 09:21:57 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-16 18:42:54.330
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-16 18:42:54.258
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 76%
Total physical RAM: 3947.86 MB
Available physical RAM: 912.8 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 4552.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:222.73 GB) (Free:20.55 GB) NTFS
Drive d: (DATA) (Fixed) (Total:223.4 GB) (Free:223.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2DA261E3)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 27.05.2014 18:12
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\ProgramData\InstallMate

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

ryan77 28.05.2014 16:25
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by FLOPPY at 2014-05-28 17:14:17 Run:1
Running from C:\Users\FLOPPY\Downloads\FRST-OlderVersion
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\InstallMate
*****************

C:\ProgramData\InstallMate => Moved successfully.

==== End of Fixlog ====
Großartig, vielen Dank für alles!!
Kann man sich irgendwie erkenntlich zeigen?

schrauber 29.05.2014 16:01
Schau mal in meine Signatur, du kannst gerne was spenden :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:02 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131