Malwarebytes Anti-Malware meldet beim Scan Funde!

doxter · 24.11.2014, 17:28

Wertes Team,

ich überprüfe meine HDD regelmäßig mit dem, einst von Euch empfohlene Tool " Malwarebytes Anti-Malware ". Dieses meldet neuerdings Probleme, bzw. Funde von Schadsoftware auf meinem Rechner. Diese werden anschließend in Quarantäne verschoben.
Wie bekomme ich mein System endgültig bereinigt, dass mögliche Angriffe von Außen völlig beseitigt werden? Für einen Vorschlag oder Lösungsweg bedanke ich mich im Voraus!

Ich wünsche allen eine Stress freie Woche! ;-)

vg.
Frank alias doxter

schrauber · 24.11.2014, 17:37

Hi,

Logfile von MBAM?

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

doxter · 25.11.2014, 11:49

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by Frank at 2014-11-25 11:44:40
Running from C:\Users\Frank\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ACDSee Foto-Manager 12 (HKLM-x32\...\{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}) (Version: 12.0.342 - ACD Systems International Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.04 - ASUSTeK Computer Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.6.117.02247 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.6.117.02247 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TV 5.0 (HKLM-x32\...\{94ED52E0-24A0-4AD8-9BFD-0560CA680A80}) (Version: 5.0.7.128 - ArcSoft)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.03.00 - ASUSTeK Computer Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.28 - ASUSTeK Computer Inc)
ASUS Key Suite (HKLM-x32\...\{71E2F4D6-191A-4A36-8A5C-8AFEA92729C9}) (Version: 1.00.03 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS)
ASUS MX Suite (HKLM-x32\...\MAGIX_{E2053DE3-D33E-4152-B99F-7F43AF0FF434}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{4899C92E-4141-4877-83E6-87ED0AC2F458}) (Version: 3.0.1.42 - MAGIX AG)
ASUS Video easy (Version: 3.0.1.42 - MAGIX AG) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Avira SearchFree Toolbar plus Web Protection (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0202}) (Version: 12.2.2.663 - Ask Partner Network)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cashcrawler Surfbar (HKLM-x32\...\Cashcrawler Surfbar) (Version: 1.1.0 - LKTechnik.ch)
CIB image (HKLM-x32\...\{78E3B995-CF3C-4982-AD9E-C32D1772F7C0}) (Version: 0.9.18 - CIB software GmbH)
CIB pdf brewer (HKLM\...\{3B88F2B3-B0CA-4564-BFB9-00151AB1742C}) (Version: 2.6.0049 - CIB software GmbH)
Corel Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version:  - Franzis.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Druckerdeinstallation für EPSON BX635FWD Series (HKLM\...\EPSON BX635FWD Series) (Version:  - SEIKO EPSON Corporation)
Druckstudio FotoKalender (HKLM-x32\...\{447E63B1-507A-45FF-A6FE-E8A5B960E7FD}) (Version:  - )
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.01 - ASUSTeK Computer Inc.)
ENE CIR Receiver Driver (HKLM\...\418374E8BD1F08FCA12E6AEC5F8FD985D836DC4B) (Version: 4.0.0.0 - ENE)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX230 Series Printer Uninstall (HKLM\...\EPSON SX230 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.5.0 - SEIKO EPSON CORPORATION)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FinePrint pdfFactory Pro (HKLM-x32\...\FinePrint pdfFactory Pro) (Version:  - )
Fingertapps Instruments (HKLM-x32\...\{B94FE4D5-FDAD-4F5E-9B5D-7DC33086661B}) (Version: 2.0.142.0 - Fingertapps)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GLS Vereinsmeister 6.1 (HKLM-x32\...\{2C75A885-9B73-4BC4-BB4E-974CDBB37F3C}_is1) (Version: 6.1 - GLS Software & Systeme)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
HDR Projects elements (64-Bit) (HKLM\...\HDR Projects elements_is1) (Version: 1.22 - Franzis Verlag GmbH)
InCD (HKLM-x32\...\InCD!UninstallKey) (Version:  - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{23D486D4-FBE0-40F3-A245-E4D56D094764}) (Version: 3.5.41.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
IPaid-Surfbar (HKLM-x32\...\IPaid-Surfbar) (Version:  - )
iSpy (64 bit) (HKLM\...\{DF67AA1F-C870-47C8-A2A5-F8E727EDDE46}) (Version: 5.8.6 - iSpy)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
MAGIX Burn routines (HKLM-x32\...\{7F2B12E7-2302-4A86-AE26-33DDD84E478A}) (Version: 9.0.0.193 - MAGIX AG)
MAGIX Foto & Grafik Designer 2013 (HKLM-x32\...\MAGIX_{1C31E60A-3953-42C0-8D01-F223916E3214}) (Version: 8.1.2.22581 - MAGIX AG)
MAGIX Foto & Grafik Designer 2013 (Version: 8.1.2.22581 - MAGIX AG) Hidden
MAGIX Foto & Grafik Designer 2013 Content Pack (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker Touch (HKLM-x32\...\MAGIX_{D4CD63D9-77ED-4333-9FDD-83EDE82B888E}) (Version: 16.9.1.34 - MAGIX AG)
MAGIX Music Maker Touch (Version: 16.9.1.34 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B1FEBE01-42BB-4D05-8180-6C5ABD91E97E}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{1B46FA48-1BEA-4398-BF8A-0F606A9EA782}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 17 Plus (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_plus) (Version: 10.0.0.32 - MAGIX AG)
MAGIX Video deluxe 17 Plus (x32 Version: 10.0.0.32 - MAGIX AG) Hidden
MAGIX Video deluxe 17 Plus Video Plugins (HKLM-x32\...\{5CA78D8C-2CE0-40AB-AE3C-5F4CA3959D08}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe 2015 Plus (Demo) (HKLM\...\MX.{1623D5B2-80FE-4313-9C71-CFC5B03C166C}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Demo) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Designelemente) (HKLM\...\MX.{3BB6A2B6-71B3-4521-8244-892BAEFC96D2}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Designelemente) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Filmvorlagen 1) (HKLM\...\MX.{D3A51C6F-FBF8-4422-8577-B3590180D448}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Filmvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Filmvorlagen 2) (HKLM\...\MX.{ED8366FC-D6B3-4127-A787-AE388EAA14B1}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Filmvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Filmvorlagen 3) (HKLM\...\MX.{70960812-EEA6-4A49-9232-C09DA2E41D96}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Filmvorlagen 3) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Filmvorlagen 4) (HKLM\...\MX.{ACEC275C-A84F-44D5-B022-E29BF6E4ECB8}) (Version: 1.0.1.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Filmvorlagen 4) (Version: 1.0.1.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Filmvorlagen 5) (HKLM\...\MX.{0DB366D7-CE56-4742-921C-3106E4683C2A}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Filmvorlagen 5) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Filmvorlagen 6) (HKLM\...\MX.{7FECA957-81CA-469E-9782-4BC3DA27AB30}) (Version: 1.0.1.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Filmvorlagen 6) (Version: 1.0.1.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Filmvorlagen) (HKLM\...\MX.{8C97CB9C-0888-45F9-9F12-7CFC507F2E14}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Filmvorlagen) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Fotoshow Maker-Stile 1) (HKLM\...\MX.{04E043F1-75CA-4707-8F4D-75718B5465F2}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Fotoshow Maker-Stile 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Fotoshow Maker-Stile 2) (HKLM\...\MX.{7515F99A-DA87-4E5F-A355-FCEB31A82575}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Fotoshow Maker-Stile 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (HKLM\...\MX.{B50BBED4-5101-45A1-BA9D-93AEF3A638E3}) (Version: 14.0.0.159 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Individuelle Menüvorlagen) (HKLM\...\MX.{8601765B-E2A4-4C8C-ABCF-A59A7BA52C89}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Individuelle Menüvorlagen) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Menüvorlagen 1) (HKLM\...\MX.{FCD0B75D-DFE6-47A3-BF0C-5C21CE7F7E0D}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Menüvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Menüvorlagen 2) (HKLM\...\MX.{1252DDC0-9B03-40C2-A0A5-E3804542B82B}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Menüvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Soundtrack Maker-Stile) (HKLM\...\MX.{459FC192-A17E-44F8-AD05-DA6743B39349}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Soundtrack Maker-Stile) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Titeleffekte) (HKLM\...\MX.{EFE9386A-0757-44EC-AA67-5A059A300C2B}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Titeleffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Überblendeffekte) (HKLM\...\MX.{84BF9044-5AAB-4537-8683-5D6524238F47}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Überblendeffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus (Version: 14.0.0.159 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Plus Update (Version: 14.0.0.162 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MEDION NAS TOOL (HKLM-x32\...\MEDION NAS TOOL) (Version:  - MEDION)
Microsoft Money 2000 (HKLM-x32\...\MSMONEYV80) (Version:  - )
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Testversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.91 - Heiko Schröder)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero Media Player (HKLM-x32\...\NMPUninstallKey) (Version:  - )
NeroVision Express 2 (HKLM-x32\...\NeroVision!UninstallKey) (Version:  - )
NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
PC Auto Backup (HKLM-x32\...\InstallShield_{662548BC-3506-4843-B7AA-F44D352F76A8}) (Version: 1.1.1.19 - Samsung Electronics Co,. Ltd.)
PC Auto Backup (x32 Version: 1.1.1.19 - Samsung Electronics Co,. Ltd.) Hidden
Photo & Graphic Designer 2013 Update (Version: 8.1.5.31094 - MAGIX AG) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
proDAD Heroglyph 2.5 (HKLM-x32\...\proDAD-Heroglyph-2.5) (Version: 2.6.32 - proDAD GmbH)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SPRx32 SmartCard Reader (HKLM-x32\...\{647A5148-4981-4AD1-9295-2CD85EC221EC}) (Version: 1.63.0001 - SCM Microsystems Inc.)
StarMoney (x32 Version: 3.0.3.19 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.1.51 - StarFinanz) Hidden
StarMoney 8.0 S-Edition (HKLM-x32\...\{D3C1AE75-B0CC-4CF0-81AE-710378804ACA}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0  (HKLM-x32\...\{4CC263F7-6223-4B79-BFBA-06B7B632F8D6}) (Version: 9.0 - Star Finanz GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.09.86 - Akademische Arbeitsgemeinschaft)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Logo Creator v3 (HKLM-x32\...\The Logo Creator v3) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Ulead Photo Explorer 8.6 (HKLM-x32\...\{025C3792-E9C6-432A-92C1-661F99D021CA}) (Version: 8.6 - Ulead Systems, Inc.)
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Unity Web Player (HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Remote Service (HKLM\...\{82D197EB-E66F-41F1-887C-B6EFC09DBF7F}_is1) (Version: 1.2.9 - Banamalon)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-5 - Bitnami)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-348412604-1390753195-2502655749-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

23-11-2014 08:29:45 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {335B309C-9357-446A-A788-0ACE5412D0D3} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {43262E00-A4C1-47E6-8178-CB44F44B3A6C} - \RegClean Pro No Task File <==== ATTENTION
Task: {5384856F-2F77-4B62-8437-2885F54E1466} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: {57FA7380-6C1B-4302-A7FD-388963B9B914} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {6E44B3B6-D4CD-4759-9E47-2E41231F1EFB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-18] (Microsoft Corporation)
Task: {84E245D1-A115-43E8-9844-2511162E0059} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {8BBC307D-0401-4A24-9CE9-9608F5E09D92} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {B06736F2-AEE3-44AB-AAC8-D8A3059521E5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {B7C1E236-DBBC-4F45-B6A3-4FF34E5A1A9F} - System32\Tasks\ASUS\ASUS Key Suite Helper => C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe [2012-08-02] (ASUSTeK Computer Inc.)
Task: {D64A1F14-7E0B-4BFB-87C3-2C6DD2EC1A6E} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {DE4BD8FC-8DE5-4564-8538-31E4B6ECDA2D} - \DealPly No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe

==================== Loaded Modules (whitelisted) =============

2013-09-12 10:51 - 2014-09-11 07:06 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2010-09-03 12:11 - 2010-09-03 12:11 - 00520295 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () d:\Program Files (x86)\Tools\FileZilla FTP Client\fzshellext_64.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-02 10:12 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2010-04-30 13:02 - 2010-04-30 13:02 - 00057344 _____ () C:\Program Files (x86)\Samsung\PC Auto Backup\lang.dll
2014-10-16 11:31 - 2014-10-16 11:31 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\80a14cd14e9579821dba2282b4349fef\PSIClient.ni.dll
2012-12-04 07:33 - 2012-06-26 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-11-08 05:36 - 2011-07-12 18:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-11-08 05:36 - 2010-10-05 07:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-11-08 05:36 - 2012-10-08 16:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-11-08 05:36 - 2012-06-19 21:56 - 01305600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2012-11-08 05:36 - 2011-09-19 19:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-11-08 05:36 - 2011-07-21 08:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-11-08 05:36 - 2012-08-29 17:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-11-08 05:36 - 2010-10-05 07:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-11-08 05:37 - 2012-05-24 19:27 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll
2014-11-24 08:44 - 2014-11-24 08:44 - 00043008 _____ () c:\users\frank\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdlwegv.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Frank\AppData\Roaming\Dropbox\bin\libcef.dll
2014-11-11 09:01 - 2014-11-11 09:01 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-16 10:15 - 2014-10-16 10:15 - 00035328 _____ () d:\Program Files (x86)\Tools\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () d:\Program Files (x86)\Tools\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () d:\Program Files (x86)\Tools\FileZilla FTP Client\libstdc++-6.dll
2006-10-26 20:30 - 2006-10-26 20:30 - 00065312 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2006-10-27 14:35 - 2006-10-27 14:35 - 00436512 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2006-10-26 12:56 - 2006-10-26 12:56 - 00757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2005-07-13 14:55 - 2005-07-13 14:55 - 00024064 ____R () D:\Programme\ACDSee12\ACDSee\12.0\XalanMessages_1_9.dll
2010-03-17 15:51 - 2010-03-17 15:51 - 00014672 _____ () D:\Programme\ACDSee12\ACDSee\12.0\Win7API.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5666C445
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Frank\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "PC Auto Backup.lnk"
HKLM\...\StartupApproved\Run32: => "IR_SERVER"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Ulead AutoDetector v2"
HKLM\...\StartupApproved\Run32: => "TrayServer"
HKLM\...\StartupApproved\Run32: => "InCD"
HKLM\...\StartupApproved\Run32: => "NeroFilterCheck"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Cashcrawler_Surfbar"
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "cashcrawler.exe"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "2013-09-09.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "2013-09-13.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "2013-09-14.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "2013-09-16.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "2013-09-18.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "2013-09-19.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "2013-09-20.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "GLS Reminder.LNK"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\Run: => "Device Detector"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\Run: => "Windows Remote Service"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\StartupApproved\Run: => "icq"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "cashcrawler.exe"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "2013-09-09.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "2013-09-13.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "2013-09-14.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "2013-09-16.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "2013-09-18.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "2013-09-19.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "2013-09-20.log"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "GLS Reminder.LNK"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Device Detector"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Windows Remote Service"
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "icq"

========================= Accounts: ==========================

Administrator (S-1-5-21-348412604-1390753195-2502655749-500 - Administrator - Disabled)
Frank (S-1-5-21-348412604-1390753195-2502655749-1002 - Administrator - Enabled) => C:\Users\Frank
Gast (S-1-5-21-348412604-1390753195-2502655749-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-348412604-1390753195-2502655749-1010 - Limited - Enabled)
UpdatusUser (S-1-5-21-348412604-1390753195-2502655749-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/25/2014 06:56:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20605 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3f8

Startzeit: 01d0081735a1c8d8

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: da0d9516-7467-11e4-bf12-08606e07ad67

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (11/25/2014 06:56:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20605 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3f8

Startzeit: 01d0081735a1c8d8

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: d728af0d-7467-11e4-bf12-08606e07ad67

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (11/24/2014 10:49:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21922

Error: (11/24/2014 10:49:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21922

Error: (11/24/2014 10:49:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/24/2014 10:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20844

Error: (11/24/2014 10:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20844

Error: (11/24/2014 10:49:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/24/2014 10:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19735

Error: (11/24/2014 10:49:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19735


System errors:
=============
Error: (11/24/2014 07:48:17 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/24/2014 04:33:50 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/24/2014 04:31:22 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/24/2014 04:30:49 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/24/2014 04:24:52 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/24/2014 04:24:37 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/24/2014 04:22:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/24/2014 04:22:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/24/2014 04:09:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (11/24/2014 04:09:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (11/09/2014 11:18:55 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9142 seconds with 7920 seconds of active time.  This session ended with a crash.

Error: (10/01/2014 06:34:33 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 55433 seconds with 180 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-09-15 09:37:09.339
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-13 12:15:51.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-12 10:47:20.998
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-11 19:40:54.878
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Percentage of memory in use: 95%
Total physical RAM: 3784.83 MB
Available physical RAM: 188.88 MB
Total Pagefile: 7919.33 MB
Available Pagefile: 1310.52 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:35.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:764.55 GB) (Free:643.75 GB) NTFS
Drive f: (SAMSUNG HDD) (Fixed) (Total:596 GB) (Free:269.38 GB) FAT32
Drive g: (HDD-1TB) (Fixed) (Total:931.48 GB) (Free:128.57 GB) NTFS
Drive i: (Volume) (Fixed) (Total:931.51 GB) (Free:60.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 01441BB9)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 05FEA898)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 4F89CA3E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 596.2 GB) (Disk ID: FA4F37B5)
Partition 1: (Active) - (Size=596.2 GB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Frank (administrator) on ASUS-PC on 25-11-2014 11:43:13
Running from C:\Users\Frank\Downloads
Loaded Profiles: Frank &  (Available profiles: UpdatusUser & Frank)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Samsung) C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
() C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(Dropbox, Inc.) C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(LKTechnik & Michael Dewitz) C:\Program Files (x86)\Cashcrawler_Surfbar\Cashcrawler_Surfbar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ACD Systems International Inc.) D:\Programme\ACDSee12\ACDSee\12.0\ACDSee12.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1218704 2012-09-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-05-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrayServer] => D:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\WINDOWS\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [InCD] => d:\Program Files (x86)\Ahead\InCD\InCD.exe [1237042 2003-12-05] (Ahead Software AG)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~1\Realtek\REALTE~1\IR_SERVER.exe
HKLM-x32\...\Run: [Cashcrawler_Surfbar] => D:\Program Files (x86)\Tools\cc\Cashcrawler_Surfbar.exe [1994752 2014-02-16] (LKTechnik & Michael Dewitz)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\MountPoints2: {93f7af59-14b1-11e3-be7d-08606e07ad67} - "G:\iLinker.exe" 
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {93f7af59-14b1-11e3-be7d-08606e07ad67} - "G:\iLinker.exe" 
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [18856 2012-10-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CIB image Speedlauncher.lnk
ShortcutTarget: CIB image Speedlauncher.lnk -> C:\Program Files (x86)\CIB software GmbH\CIB image\CibImage.exe (CIB Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Auto Backup.lnk
ShortcutTarget: PC Auto Backup.lnk -> C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe (Samsung)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-13.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-14.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-16.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-18.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-19.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-20.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cashcrawler.exe ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GLS Reminder.lnk
ShortcutTarget: GLS Reminder.lnk -> D:\Program Files (x86)\GLS Vereinsmeister\BIN32\vminder.exe (GLS Software & Systeme)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\Software\Microsoft\Internet Explorer\Main,Start Page = klamm.de :: Geld. News. Promotion!
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = klamm.de :: Geld. News. Promotion!
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default
FF DefaultSearchEngine: benefind
FF SelectedSearchEngine: benefind
FF Homepage: hxxp://www.klamm.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @cib.de/CibImage -> C:\Program Files (x86)\CIB software GmbH\CIB image\npCibImageFirefox32.dll (CIB software GmbH, München)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-348412604-1390753195-2502655749-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Frank\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Frank\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\searchplugins\benefind.xml
FF Extension: Avira Browser Safety - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\abs@avira.com [2014-11-19]
FF Extension: German Dictionary - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-10-08]
FF Extension: No Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\de82a7c2-f70c-45c4-bbb5-65be9d6b051f@00347366-3e23-4ef1-9f33-b4e42aefcd6a.com [2014-11-24]
FF Extension: Gooding Toolbar - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\gooding-toolbar@gooding.de [2014-09-01]
FF Extension: benefind-shop-addon - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\kontakt@benefind.de.xpi [2014-06-26]

Chrome: 
=======
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-07-26]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Frank\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-12-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WiselinkPro; C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [7278657 2013-02-08] (Samsung) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-23] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-11-24] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 S332x64; C:\Windows\system32\DRIVERS\S332x64.sys [78080 2012-02-27] (Identive                                                    )
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2014-03-19] (Seiko Epson Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 NTIDrvr; \??\C:\Program Files (x86)\Common Files\muvee Technologies\071203\NTIDrvr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 11:43 - 2014-11-25 11:44 - 00026300 _____ () C:\Users\Frank\Downloads\FRST.txt
2014-11-25 11:42 - 2014-11-25 11:43 - 00000000 ____D () C:\FRST
2014-11-25 11:40 - 2014-11-25 11:40 - 02118144 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-11-23 09:30 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-11-23 09:28 - 2014-11-23 10:04 - 00000000 ____D () C:\Users\Frank\AppData\Local\PhotoGenie
2014-11-23 09:14 - 2014-11-23 09:14 - 00000867 _____ () C:\Users\Frank\Desktop\Lidl-Fotos.lnk
2014-11-23 09:14 - 2014-11-23 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lidl-Fotos
2014-11-23 09:13 - 2014-11-23 09:13 - 00000000 ____D () C:\ProgramData\PhotoGenie
2014-11-23 09:06 - 2014-11-23 09:12 - 191698064 _____ ( ) C:\Users\Frank\Downloads\Lidl_Fotos_Setup.exe
2014-11-22 15:09 - 2014-11-22 15:13 - 91561567 _____ () C:\Users\Frank\Downloads\ElLiOrGrHiiVoTw.rar
2014-11-22 15:02 - 2014-11-22 15:02 - 00000000 ____D () C:\Users\Frank\Downloads\BeGeBeOf
2014-11-22 14:50 - 2014-11-22 14:51 - 00000000 ____D () C:\Users\Frank\Downloads\Santana_20-_20Borboletta_20_281974%29
2014-11-22 14:44 - 2014-11-22 14:51 - 108869278 _____ () C:\Users\Frank\Downloads\BeGeBeOf.rar
2014-11-22 14:40 - 2014-11-22 14:51 - 203121010 _____ () C:\Users\Frank\Downloads\Carlos_Santana--Original_Album_Classics-3CD-2010-OMA-CannaPower.rar
2014-11-22 14:38 - 2014-11-22 14:44 - 111040551 _____ () C:\Users\Frank\Downloads\Santana%20-%20Borboletta%20%281974%29.rar
2014-11-21 10:06 - 2014-11-21 10:07 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Frank\Downloads\netzmanager_setup(1).exe
2014-11-19 12:04 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 12:04 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 12:04 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 12:04 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-19 09:35 - 2014-11-19 09:36 - 00000000 ____D () C:\Users\Frank\Downloads\fck
2014-11-19 09:35 - 2014-11-19 09:35 - 00000000 ____D () C:\Users\Frank\Downloads\Eric_Clapton-Unplugged-_28Deluxe_Edition%29-2CD-2013-404
2014-11-19 09:34 - 2014-11-19 09:37 - 00000000 ____D () C:\Users\Frank\Downloads\Chopin-PianoConcerto
2014-11-19 09:34 - 2014-11-19 09:36 - 00000000 ____D () C:\Users\Frank\Downloads\Manfred_20Manns_20Earthband_1992_20_20Years_20_281971-1991%29
2014-11-17 13:15 - 2014-11-17 13:21 - 185873472 _____ () C:\Users\Frank\Downloads\Eric_Clapton-Unplugged-%28Deluxe_Edition%29-2CD-2013-404.rar
2014-11-17 13:09 - 2014-11-17 13:14 - 52922197 _____ () C:\Users\Frank\Downloads\Manfred%20Manns%20Earthband_1992_20%20Years%20%281971-1991%29.rar
2014-11-17 13:08 - 2014-11-17 13:13 - 60941943 _____ () C:\Users\Frank\Downloads\Chopin-PianoConcerto-CannaPower.zip
2014-11-17 13:04 - 2014-11-17 13:14 - 207739751 _____ () C:\Users\Frank\Downloads\fck.rar
2014-11-17 12:23 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-17 12:23 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-17 12:23 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-17 12:23 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-17 12:23 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-17 12:22 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-17 12:22 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-17 12:22 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-17 12:22 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-17 12:22 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-17 12:22 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-17 12:22 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-17 12:22 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-17 12:21 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-17 12:21 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-17 12:21 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-17 12:21 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-17 12:21 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-17 12:21 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-17 12:21 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-17 12:21 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-17 12:21 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-17 12:21 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-17 12:21 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-17 12:21 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-17 12:21 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-17 12:21 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-17 12:21 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-17 12:21 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-17 12:21 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-17 12:21 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-17 12:20 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-17 12:20 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-17 12:20 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-17 12:20 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-17 12:20 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-17 12:20 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-17 12:20 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-17 12:20 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-17 12:20 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-17 12:20 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-17 12:20 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-17 12:20 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-17 12:20 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-17 12:20 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-17 12:20 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-17 12:19 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-17 12:19 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-17 12:19 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-17 12:19 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-17 12:19 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-17 12:19 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-17 12:19 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-17 12:19 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-17 12:19 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-17 12:19 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-17 12:19 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-17 12:18 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-17 12:18 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-17 12:18 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-17 12:18 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-17 12:18 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-17 12:18 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-17 12:18 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-17 12:18 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-17 12:18 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-17 12:18 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-17 12:18 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-17 12:18 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-17 12:18 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-17 12:18 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-17 12:18 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-17 12:18 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-17 12:18 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-17 12:18 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-17 12:18 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-17 12:18 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-17 12:18 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-17 12:18 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-17 12:18 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-17 12:18 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-17 12:18 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-17 12:18 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-17 12:18 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-17 12:18 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-17 12:18 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-17 12:18 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-17 12:18 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-17 12:18 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-17 12:18 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-17 12:18 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-17 12:18 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-17 12:18 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-17 12:18 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-17 12:18 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-17 12:18 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-17 12:18 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-17 12:18 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-17 12:18 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-17 12:18 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-17 12:18 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-17 12:18 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-17 12:18 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-17 12:18 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-17 12:18 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-17 12:18 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-17 12:18 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-17 12:18 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-17 12:18 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-17 12:18 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-17 12:18 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-17 12:18 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-17 12:18 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-17 12:18 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-17 12:18 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-17 12:18 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-17 12:18 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-17 12:18 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-17 12:18 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-17 12:18 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-17 12:18 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-17 12:18 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-17 12:18 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-17 12:18 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-17 12:18 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-17 12:18 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-17 12:18 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-17 12:18 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-17 12:18 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-17 12:18 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-17 12:18 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-17 12:18 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-17 12:18 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-17 12:18 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-17 12:18 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-17 12:18 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-17 12:18 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-17 12:18 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-17 12:18 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-17 12:18 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-17 12:18 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-17 12:18 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-17 12:18 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-17 12:18 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-17 12:18 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-17 12:18 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-17 12:18 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-17 12:18 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-17 12:18 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-17 12:18 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-17 12:18 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-17 12:18 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-17 12:18 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-17 12:18 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-17 12:18 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-17 12:18 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-17 12:18 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-17 12:18 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-17 12:18 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-17 12:17 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-17 12:17 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-17 12:17 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-17 12:17 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-17 12:17 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-17 12:17 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-17 12:17 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-17 12:17 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-17 12:17 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-17 12:17 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-17 12:17 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-17 12:17 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-17 12:17 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-17 12:17 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-17 12:17 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-17 12:17 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-15 19:18 - 2014-11-15 19:18 - 00017388 _____ () C:\Users\Frank\Downloads\Formular(1).zip
2014-11-15 16:49 - 2014-11-17 11:30 - 00000000 ____D () C:\ProgramData\Intel.sav
2014-11-15 16:43 - 2014-11-15 16:43 - 00664768 _____ (Copyright© 2012-2013 Intel Corporation. All rights reserved.) C:\Users\Frank\Downloads\Intel(R) WiDi Update Tool(1).exe
2014-11-15 16:41 - 2014-11-15 16:41 - 05353024 _____ () C:\Users\Frank\Downloads\SETUP_Win81_Updater_02(1).exe
2014-11-11 09:01 - 2014-11-11 09:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 10:37 - 2014-11-10 10:37 - 11666104 _____ () C:\Users\Frank\Downloads\moziloCMS_Backup_Include_catpage_layouts_plugins_docu_2014_11_10_10-37-11.zip
2014-11-10 10:36 - 2014-11-10 10:36 - 02361037 _____ () C:\Users\Frank\Downloads\moziloCMS_Backup_Include_layouts_2014_11_10_10-36-49.zip
2014-11-09 18:17 - 2014-11-09 18:52 - 176370030 _____ () C:\Users\Frank\Downloads\Kamera-Uploads.zip
2014-11-08 11:21 - 2014-11-08 11:22 - 00001734 _____ () C:\Users\Frank\Desktop\BVB.lnk
2014-11-07 14:32 - 2014-11-07 14:32 - 00000000 ____D () C:\Users\Frank\AppData\Local\GHISLER
2014-11-07 14:30 - 2014-11-07 17:06 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\GHISLER
2014-11-07 14:30 - 2014-11-07 14:30 - 00000811 _____ () C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2014-11-07 14:30 - 2014-11-07 14:30 - 00000799 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2014-11-07 14:30 - 2014-11-07 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-11-07 14:27 - 2014-11-07 14:27 - 01125200 _____ () C:\Users\Frank\Downloads\Total Commander - CHIP-Installer.exe
2014-11-06 17:52 - 2014-11-06 17:52 - 00000000 ____D () C:\Users\Frank\Downloads\1.12_collektion(1)
2014-11-06 17:51 - 2014-11-06 17:52 - 04519421 _____ () C:\Users\Frank\Downloads\1.12_collektion(1).zip
2014-11-06 09:34 - 2014-11-06 09:34 - 00007269 _____ () C:\Users\Frank\Downloads\jQbackstretch.zip
2014-11-05 11:45 - 2014-11-05 11:45 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Frank\Downloads\netzmanager_setup.exe
2014-11-04 16:36 - 2014-11-04 16:36 - 00000000 ____D () C:\Users\Frank\Documents\NewBlueFX
2014-11-04 16:36 - 2014-11-04 16:36 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Titler
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\WINDOWS\system32\config\RegBack 2014-11-04 09-30-30
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\Users\UpdatusUser\RegBack 2014-11-04 09-30-30
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\Users\Frank\RegBack 2014-11-04 09-30-30
2014-11-04 09:48 - 2014-11-04 09:48 - 00070152 _____ (simplitec GmbH) C:\WINDOWS\system32\RegDefragNT.exe
2014-11-04 09:25 - 2014-11-04 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-11-03 18:33 - 2014-11-03 18:38 - 139167091 _____ () C:\Users\Frank\Downloads\Mit dem Rollstuhl duch den Harz_ Teil 1 - Torfhaus.mp4
2014-11-03 16:45 - 2014-11-03 16:45 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-11-03 15:40 - 2014-11-03 15:40 - 03033136 _____ (MAGIX Software GmbH) C:\Users\Frank\Downloads\videodeluxe2015plus_dlm.exe
2014-10-31 12:01 - 2014-10-31 12:02 - 06126536 _____ (Tim Kosse) C:\Users\Frank\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-10-30 17:27 - 2014-10-30 17:27 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Shared
2014-10-30 17:02 - 2014-11-06 08:37 - 00000376 _____ () C:\WINDOWS\Tasks\simplitec Power Suite.job
2014-10-30 17:02 - 2014-10-30 17:02 - 00002746 _____ () C:\WINDOWS\System32\Tasks\simplitec Power Suite
2014-10-30 17:02 - 2014-10-30 17:02 - 00000000 ____D () C:\ProgramData\simplitec
2014-10-30 13:48 - 2014-10-30 13:49 - 00000000 ____D () C:\Users\Frank\Downloads\Video_Deluxe_2015_Plus_x86_x64
2014-10-30 12:54 - 2014-10-30 13:22 - 851036253 _____ () C:\Users\Frank\Downloads\Video_Deluxe_2015_Plus_x86_x64.zip
2014-10-30 11:07 - 2014-10-30 11:07 - 05425008 _____ (MAGIX AG) C:\Users\Frank\Downloads\vdx17plus_videoplugins_de.exe
2014-10-30 09:05 - 2014-10-30 09:09 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-10-30 09:02 - 2014-10-30 09:02 - 01125200 _____ () C:\Users\Frank\Downloads\PSPad - CHIP-Installer.exe
2014-10-29 18:23 - 2014-10-29 18:26 - 91670064 _____ (The GIMP Team ) C:\Users\Frank\Downloads\gimp-2.8.14-setup.exe
2014-10-29 18:18 - 2014-10-29 18:18 - 01125200 _____ () C:\Users\Frank\Downloads\Facebook Timeline PSD Template - CHIP-Installer.exe
2014-10-29 16:41 - 2014-10-29 20:09 - 00000000 ____D () C:\Users\Frank\Downloads\IBP-Facebook-Titelbild-Vorlage.psd_
2014-10-29 16:35 - 2014-10-29 16:35 - 03572237 _____ () C:\Users\Frank\Downloads\IBP-Facebook-Titelbild-Vorlage.psd_.zip
2014-10-29 13:55 - 2014-10-29 13:55 - 00162770 _____ () C:\Users\Frank\Downloads\HTMLTag_plugin_v0.50_unicode.zip
2014-10-27 18:32 - 2014-10-27 18:32 - 00000000 ____D () C:\Users\Frank\Documents\Speedport
2014-10-26 10:59 - 2014-10-26 11:08 - 00000000 ____D () C:\Users\Frank\fdrprojects
2014-10-26 10:59 - 2014-10-26 11:01 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\fdrtools.com
2014-10-26 10:59 - 2014-10-26 10:59 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\fltk.org
2014-10-26 10:59 - 2014-10-26 10:59 - 00000000 ____D () C:\ProgramData\fltk.org
2014-10-26 10:49 - 2014-10-26 10:50 - 08168448 _____ () C:\Users\Frank\Downloads\FDRToolsBasic32261.msi
2014-10-26 10:13 - 2014-10-26 10:14 - 00001426 _____ () C:\Users\Frank\Desktop\start-backup-bav.bat.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 11:40 - 2013-07-14 07:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-25 11:15 - 2013-07-18 09:29 - 00033792 _____ () C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-25 11:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-25 10:10 - 2013-07-13 18:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-348412604-1390753195-2502655749-1002
2014-11-25 08:22 - 2013-12-29 13:30 - 01065886 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-25 07:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-24 18:22 - 2014-01-07 18:43 - 00000000 ____D () C:\Users\Frank\Documents\2014
2014-11-24 17:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-11-24 16:49 - 2014-08-23 11:34 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-24 16:30 - 2013-11-14 08:27 - 01789004 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-24 16:30 - 2013-11-14 08:11 - 00768888 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-24 16:30 - 2013-11-14 08:11 - 00160706 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-24 16:29 - 2013-08-22 15:46 - 00362370 _____ () C:\WINDOWS\setupact.log
2014-11-24 10:02 - 2013-07-18 10:50 - 04205568 ___SH () C:\Users\Frank\Downloads\Thumbs.db
2014-11-24 08:44 - 2014-03-12 17:39 - 00000000 ___DO () C:\Users\Frank\SkyDrive
2014-11-24 08:44 - 2013-08-02 10:44 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Dropbox
2014-11-23 13:25 - 2013-07-19 11:07 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\FileZilla
2014-11-23 11:38 - 2013-07-21 10:40 - 00000000 ____D () C:\Users\Frank\Documents\2012
2014-11-23 09:30 - 2012-11-08 05:49 - 00038350 _____ () C:\WINDOWS\DirectX.log
2014-11-23 08:51 - 2013-12-29 13:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-23 08:51 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-22 20:15 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-21 13:04 - 2013-09-26 15:00 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-11-21 12:11 - 2013-07-17 08:45 - 00000000 ____D () C:\Users\Frank\Documents\1 Exel Tabellen
2014-11-20 09:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-20 09:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-19 20:09 - 2013-12-29 13:34 - 00000000 ____D () C:\Users\Frank
2014-11-19 19:00 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-19 16:17 - 2013-11-13 23:18 - 00093102 _____ () C:\WINDOWS\PFRO.log
2014-11-19 12:22 - 2013-07-17 17:32 - 00000000 ____D () C:\Users\Frank\Documents\BVB
2014-11-19 08:42 - 2013-08-22 15:44 - 00761792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-18 20:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-18 20:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-18 20:08 - 2013-07-19 09:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-18 20:05 - 2013-07-14 07:53 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-18 12:04 - 2013-09-27 08:45 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\GLS Vereinsmeister
2014-11-17 13:45 - 2013-07-25 16:00 - 00005607 _____ () C:\WirelessDiagLog.csv
2014-11-17 11:33 - 2014-08-23 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-17 11:31 - 2012-11-08 05:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-11-17 11:30 - 2014-08-23 11:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-17 11:30 - 2013-12-23 18:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-17 11:30 - 2013-07-31 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-11-17 11:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-11-17 11:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-11-17 11:16 - 2014-08-06 11:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-17 11:16 - 2012-11-08 05:33 - 00000000 ____D () C:\ProgramData\Intel
2014-11-17 11:16 - 2012-11-08 05:33 - 00000000 ____D () C:\Program Files\Intel
2014-11-15 16:50 - 2013-08-30 18:59 - 00000000 ____D () C:\Users\RYU
2014-11-15 16:50 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-15 16:49 - 2012-11-08 05:33 - 00025958 _____ () C:\WINDOWS\DPINST.LOG
2014-11-12 11:40 - 2013-07-14 07:48 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-09 08:39 - 2012-12-04 07:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-11-09 08:39 - 2012-12-04 07:45 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-11-08 11:21 - 2013-07-31 13:57 - 00045568 ___SH () C:\Users\Frank\Desktop\Thumbs.db
2014-11-08 11:19 - 2014-07-07 16:33 - 00000000 ____D () C:\Users\Frank\AppData\Local\Adobe
2014-11-07 19:34 - 2014-08-06 11:20 - 00001160 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-07 19:34 - 2013-07-14 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-07 19:34 - 2013-07-14 17:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-06 10:58 - 2013-07-15 10:24 - 00247632 _____ () C:\Users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-05 10:07 - 2013-07-14 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-05 10:07 - 2013-07-14 15:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-04 17:43 - 2013-07-18 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2014-11-04 11:50 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2014-11-04 09:55 - 2013-08-22 14:25 - 91750400 _____ () C:\WINDOWS\system32\config\SOFTWARE.bak
2014-11-04 09:55 - 2013-08-22 14:25 - 13893632 _____ () C:\WINDOWS\system32\config\SYSTEM.bak
2014-11-04 09:55 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-11-04 09:53 - 2013-08-22 14:25 - 00524288 _____ () C:\WINDOWS\system32\config\DEFAULT.bak
2014-11-04 09:53 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-11-04 09:30 - 2013-07-19 12:32 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\MAGIX
2014-11-04 09:30 - 2012-12-04 07:41 - 00000000 ____D () C:\ProgramData\MAGIX
2014-11-03 16:45 - 2013-07-19 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-10-31 12:02 - 2013-07-19 11:07 - 00001074 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-10-30 17:51 - 2013-07-19 13:00 - 00000000 ___RD () C:\Users\Frank\Documents\MAGIX
2014-10-30 17:27 - 2013-08-05 10:05 - 00000000 ____D () C:\Users\Frank\AppData\Local\MAGIX
2014-10-30 17:03 - 2013-07-19 12:19 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-10-30 09:09 - 2014-08-19 11:36 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-10-30 01:55 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-30 01:55 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-29 14:01 - 2014-07-12 12:32 - 00000901 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-10-29 14:01 - 2014-07-12 12:32 - 00000901 _____ () C:\Users\Frank\Desktop\Notepad++.lnk
2014-10-29 14:01 - 2013-11-25 19:06 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Notepad++
2014-10-27 15:26 - 2013-07-13 18:01 - 00000000 ____D () C:\Users\Frank\AppData\Local\VirtualStore

Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Frank\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Frank\AppData\Local\Temp\CIB6CC4.tmp.exe
C:\Users\Frank\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdlwegv.dll
C:\Users\Frank\AppData\Local\Temp\icqsetup.exe
C:\Users\Frank\AppData\Local\Temp\mpam-54ba7f35.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.5.4.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.6.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.7.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.9.Installer.exe
C:\Users\Frank\AppData\Local\Temp\Update_Simplitec_PowerSuite_1.5.2.2de_DE.exe
C:\Users\Frank\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Frank\AppData\Local\Temp\_is84C7.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-23 10:09

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 25.11.2014, 21:07

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

doxter · 26.11.2014, 10:23

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v4.102 - Bericht erstellt am 26/11/2014 um 10:03:04
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-25.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Frank - ASUS-PC
# Gestartet von : C:\Users\Frank\Downloads\AdwCleaner_4.102.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : APNMCP

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Users\Frank\AppData\Local\AskPartnerNetwork
Ordner Gelöscht : C:\Users\Frank\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Frank\AppData\Local\Temp\webget
Ordner Gelöscht : C:\Users\Frank\AppData\Roaming\Systweak
Datei Gelöscht : C:\WINDOWS\System32\roboot64.exe
Datei Gelöscht : C:\Users\Frank\daemonprocess.txt

***** [ Tasks ] *****

Task Gelöscht : Advanced System Protector
Task Gelöscht : Advanced System Protector_startup
Task Gelöscht : Dealply
Task Gelöscht : DealPlyUpdate
Task Gelöscht : RegClean Pro

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\UpdateStar
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\simplitec
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cashcrawler.de
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.cashcrawler.de

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.1 (x86 de)

[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_meta.value", "%7B%22css/iframe.css%22%3A%7B%22id%22%3A857465%2C%22ver%22%3A61[...]
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857471.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEU[...]
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857476.value", "%22data%3Aimage/png%3Bbase64%2CiVBORw0KGgoAAAANSUhEU[...]
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.crossrider.bic", "146ce5a55a25c22aab37880e42527116");
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"147aad7216e110-0123818a1ed7ae-42504336-0-147aad7216f35e\"");
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_expires_at", "1408288332");
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"2b3ccea98e50f96133e8cbc489d6b9eaab6c3cd2\"");
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_userid", "4238876723");
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_utoken", "\"cbc43c98e82b92125790a486d5ba3e9d6e7e5472\"");
[0huhfyxc.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.install", "1407320531327");

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [6546 octets] - [26/11/2014 09:58:01]
AdwCleaner[S0].txt - [6357 octets] - [26/11/2014 10:03:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6417 octets] ##########

--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 8.1 x64
Ran by Frank on 26.11.2014 at 10:12:02,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util webget

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [File] C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\0huhfyxc.default\searchplugins\avira-safesearch.xml
Successfully deleted the following from C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\0huhfyxc.default\prefs.js

user_pref("avira.safe_search.search_was_active", "false");
user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857468.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857469.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857470.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857472.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857473.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857474.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857475.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.ade82a7c2f70c45c4bbb565be9d6b051f003473663e234ef19f33b4e42aefcd6acom58374.58374.internaldb.Resources_resource_857477.value", "%22data%3Aimage/png%3Bbase6
Emptied folder: C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\0huhfyxc.default\minidumps [89 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.11.2014 at 10:13:45,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Frank (administrator) on ASUS-PC on 26-11-2014 10:20:14
Running from C:\Users\Frank\Downloads
Loaded Profile: Frank (Available profiles: UpdatusUser & Frank)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Samsung) C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Dropbox, Inc.) C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1218704 2012-09-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-05-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrayServer] => D:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\WINDOWS\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [InCD] => d:\Program Files (x86)\Ahead\InCD\InCD.exe [1237042 2003-12-05] (Ahead Software AG)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~1\Realtek\REALTE~1\IR_SERVER.exe
HKLM-x32\...\Run: [Cashcrawler_Surfbar] => D:\Program Files (x86)\Tools\cc\Cashcrawler_Surfbar.exe [1994752 2014-02-16] (LKTechnik & Michael Dewitz)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\MountPoints2: {93f7af59-14b1-11e3-be7d-08606e07ad67} - "G:\iLinker.exe" 
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [18856 2012-10-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CIB image Speedlauncher.lnk
ShortcutTarget: CIB image Speedlauncher.lnk -> C:\Program Files (x86)\CIB software GmbH\CIB image\CibImage.exe (CIB Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Auto Backup.lnk
ShortcutTarget: PC Auto Backup.lnk -> C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe (Samsung)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-13.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-14.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-16.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-18.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-19.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-20.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cashcrawler.exe ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GLS Reminder.lnk
ShortcutTarget: GLS Reminder.lnk -> D:\Program Files (x86)\GLS Vereinsmeister\BIN32\vminder.exe (GLS Software & Systeme)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-348412604-1390753195-2502655749-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.klamm.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default
FF DefaultSearchEngine: benefind
FF SelectedSearchEngine: benefind
FF Homepage: hxxp://www.klamm.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @cib.de/CibImage -> C:\Program Files (x86)\CIB software GmbH\CIB image\npCibImageFirefox32.dll (CIB software GmbH, München)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-348412604-1390753195-2502655749-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Frank\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\searchplugins\benefind.xml
FF Extension: Avira Browser Safety - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\abs@avira.com [2014-11-19]
FF Extension: German Dictionary - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-10-08]
FF Extension: No Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\de82a7c2-f70c-45c4-bbb5-65be9d6b051f@00347366-3e23-4ef1-9f33-b4e42aefcd6a.com [2014-11-26]
FF Extension: Gooding Toolbar - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\gooding-toolbar@gooding.de [2014-09-01]
FF Extension: benefind-shop-addon - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\kontakt@benefind.de.xpi [2014-06-26]

Chrome: 
=======
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WiselinkPro; C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [7278657 2013-02-08] (Samsung) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-23] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 S332x64; C:\Windows\system32\DRIVERS\S332x64.sys [78080 2012-02-27] (Identive                                                    )
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2014-03-19] (Seiko Epson Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 NTIDrvr; \??\C:\Program Files (x86)\Common Files\muvee Technologies\071203\NTIDrvr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-26 10:13 - 2014-11-26 10:13 - 00002611 _____ () C:\Users\Frank\Desktop\JRT.txt
2014-11-26 10:10 - 2014-11-26 10:10 - 01707532 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2014-11-26 09:57 - 2014-11-26 10:03 - 00000000 ____D () C:\AdwCleaner
2014-11-26 09:35 - 2014-11-26 09:35 - 02148864 _____ () C:\Users\Frank\Downloads\AdwCleaner_4.102.exe
2014-11-25 11:43 - 2014-11-26 10:20 - 00021940 _____ () C:\Users\Frank\Downloads\FRST.txt
2014-11-25 11:42 - 2014-11-26 10:20 - 00000000 ____D () C:\FRST
2014-11-25 11:40 - 2014-11-25 11:40 - 02118144 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-11-23 09:30 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-11-23 09:28 - 2014-11-23 10:04 - 00000000 ____D () C:\Users\Frank\AppData\Local\PhotoGenie
2014-11-23 09:14 - 2014-11-23 09:14 - 00000867 _____ () C:\Users\Frank\Desktop\Lidl-Fotos.lnk
2014-11-23 09:14 - 2014-11-23 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lidl-Fotos
2014-11-23 09:13 - 2014-11-23 09:13 - 00000000 ____D () C:\ProgramData\PhotoGenie
2014-11-23 09:06 - 2014-11-23 09:12 - 191698064 _____ ( ) C:\Users\Frank\Downloads\Lidl_Fotos_Setup.exe
2014-11-22 15:09 - 2014-11-22 15:13 - 91561567 _____ () C:\Users\Frank\Downloads\ElLiOrGrHiiVoTw.rar
2014-11-22 15:02 - 2014-11-22 15:02 - 00000000 ____D () C:\Users\Frank\Downloads\BeGeBeOf
2014-11-22 14:50 - 2014-11-22 14:51 - 00000000 ____D () C:\Users\Frank\Downloads\Santana_20-_20Borboletta_20_281974%29
2014-11-22 14:44 - 2014-11-22 14:51 - 108869278 _____ () C:\Users\Frank\Downloads\BeGeBeOf.rar
2014-11-22 14:40 - 2014-11-22 14:51 - 203121010 _____ () C:\Users\Frank\Downloads\Carlos_Santana--Original_Album_Classics-3CD-2010-OMA-CannaPower.rar
2014-11-22 14:38 - 2014-11-22 14:44 - 111040551 _____ () C:\Users\Frank\Downloads\Santana%20-%20Borboletta%20%281974%29.rar
2014-11-21 10:06 - 2014-11-21 10:07 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Frank\Downloads\netzmanager_setup(1).exe
2014-11-19 12:04 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 12:04 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 12:04 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 12:04 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-19 09:35 - 2014-11-19 09:36 - 00000000 ____D () C:\Users\Frank\Downloads\fck
2014-11-19 09:35 - 2014-11-19 09:35 - 00000000 ____D () C:\Users\Frank\Downloads\Eric_Clapton-Unplugged-_28Deluxe_Edition%29-2CD-2013-404
2014-11-19 09:34 - 2014-11-19 09:37 - 00000000 ____D () C:\Users\Frank\Downloads\Chopin-PianoConcerto
2014-11-19 09:34 - 2014-11-19 09:36 - 00000000 ____D () C:\Users\Frank\Downloads\Manfred_20Manns_20Earthband_1992_20_20Years_20_281971-1991%29
2014-11-17 13:15 - 2014-11-17 13:21 - 185873472 _____ () C:\Users\Frank\Downloads\Eric_Clapton-Unplugged-%28Deluxe_Edition%29-2CD-2013-404.rar
2014-11-17 13:09 - 2014-11-17 13:14 - 52922197 _____ () C:\Users\Frank\Downloads\Manfred%20Manns%20Earthband_1992_20%20Years%20%281971-1991%29.rar
2014-11-17 13:08 - 2014-11-17 13:13 - 60941943 _____ () C:\Users\Frank\Downloads\Chopin-PianoConcerto-CannaPower.zip
2014-11-17 13:04 - 2014-11-17 13:14 - 207739751 _____ () C:\Users\Frank\Downloads\fck.rar
2014-11-17 12:23 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-17 12:23 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-17 12:23 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-17 12:23 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-17 12:23 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-17 12:22 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-17 12:22 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-17 12:22 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-17 12:22 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-17 12:22 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-17 12:22 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-17 12:22 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-17 12:22 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-17 12:21 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-17 12:21 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-17 12:21 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-17 12:21 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-17 12:21 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-17 12:21 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-17 12:21 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-17 12:21 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-17 12:21 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-17 12:21 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-17 12:21 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-17 12:21 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-17 12:21 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-17 12:21 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-17 12:21 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-17 12:21 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-17 12:21 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-17 12:21 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-17 12:20 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-17 12:20 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-17 12:20 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-17 12:20 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-17 12:20 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-17 12:20 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-17 12:20 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-17 12:20 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-17 12:20 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-17 12:20 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-17 12:20 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-17 12:20 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-17 12:20 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-17 12:20 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-17 12:20 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-17 12:19 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-17 12:19 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-17 12:19 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-17 12:19 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-17 12:19 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-17 12:19 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-17 12:19 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-17 12:19 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-17 12:19 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-17 12:19 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-17 12:19 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-17 12:18 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-17 12:18 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-17 12:18 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-17 12:18 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-17 12:18 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-17 12:18 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-17 12:18 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-17 12:18 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-17 12:18 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-17 12:18 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-17 12:18 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-17 12:18 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-17 12:18 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-17 12:18 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-17 12:18 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-17 12:18 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-17 12:18 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-17 12:18 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-17 12:18 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-17 12:18 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-17 12:18 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-17 12:18 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-17 12:18 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-17 12:18 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-17 12:18 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-17 12:18 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-17 12:18 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-17 12:18 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-17 12:18 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-17 12:18 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-17 12:18 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-17 12:18 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-17 12:18 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-17 12:18 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-17 12:18 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-17 12:18 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-17 12:18 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-17 12:18 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-17 12:18 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-17 12:18 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-17 12:18 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-17 12:18 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-17 12:18 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-17 12:18 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-17 12:18 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-17 12:18 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-17 12:18 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-17 12:18 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-17 12:18 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-17 12:18 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-17 12:18 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-17 12:18 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-17 12:18 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-17 12:18 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-17 12:18 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-17 12:18 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-17 12:18 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-17 12:18 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-17 12:18 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-17 12:18 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-17 12:18 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-17 12:18 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-17 12:18 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-17 12:18 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-17 12:18 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-17 12:18 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-17 12:18 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-17 12:18 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-17 12:18 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-17 12:18 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-17 12:18 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-17 12:18 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-17 12:18 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-17 12:18 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-17 12:18 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-17 12:18 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-17 12:18 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-17 12:18 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-17 12:18 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-17 12:18 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-17 12:18 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-17 12:18 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-17 12:18 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-17 12:18 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-17 12:18 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-17 12:18 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-17 12:18 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-17 12:18 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-17 12:18 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-17 12:18 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-17 12:18 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-17 12:18 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-17 12:18 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-17 12:18 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-17 12:18 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-17 12:18 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-17 12:18 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-17 12:18 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-17 12:18 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-17 12:18 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-17 12:18 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-17 12:18 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-17 12:17 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-17 12:17 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-17 12:17 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-17 12:17 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-17 12:17 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-17 12:17 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-17 12:17 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-17 12:17 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-17 12:17 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-17 12:17 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-17 12:17 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-17 12:17 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-17 12:17 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-17 12:17 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-17 12:17 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-17 12:17 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-15 19:18 - 2014-11-15 19:18 - 00017388 _____ () C:\Users\Frank\Downloads\Formular(1).zip
2014-11-15 16:49 - 2014-11-17 11:30 - 00000000 ____D () C:\ProgramData\Intel.sav
2014-11-15 16:43 - 2014-11-15 16:43 - 00664768 _____ (Copyright© 2012-2013 Intel Corporation. All rights reserved.) C:\Users\Frank\Downloads\Intel(R) WiDi Update Tool(1).exe
2014-11-15 16:41 - 2014-11-15 16:41 - 05353024 _____ () C:\Users\Frank\Downloads\SETUP_Win81_Updater_02(1).exe
2014-11-11 09:01 - 2014-11-11 09:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 10:37 - 2014-11-10 10:37 - 11666104 _____ () C:\Users\Frank\Downloads\moziloCMS_Backup_Include_catpage_layouts_plugins_docu_2014_11_10_10-37-11.zip
2014-11-10 10:36 - 2014-11-10 10:36 - 02361037 _____ () C:\Users\Frank\Downloads\moziloCMS_Backup_Include_layouts_2014_11_10_10-36-49.zip
2014-11-09 18:17 - 2014-11-09 18:52 - 176370030 _____ () C:\Users\Frank\Downloads\Kamera-Uploads.zip
2014-11-08 11:21 - 2014-11-08 11:22 - 00001734 _____ () C:\Users\Frank\Desktop\BVB.lnk
2014-11-07 14:32 - 2014-11-07 14:32 - 00000000 ____D () C:\Users\Frank\AppData\Local\GHISLER
2014-11-07 14:30 - 2014-11-07 17:06 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\GHISLER
2014-11-07 14:30 - 2014-11-07 14:30 - 00000811 _____ () C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2014-11-07 14:30 - 2014-11-07 14:30 - 00000799 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2014-11-07 14:30 - 2014-11-07 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-11-07 14:27 - 2014-11-07 14:27 - 01125200 _____ () C:\Users\Frank\Downloads\Total Commander - CHIP-Installer.exe
2014-11-06 17:52 - 2014-11-06 17:52 - 00000000 ____D () C:\Users\Frank\Downloads\1.12_collektion(1)
2014-11-06 17:51 - 2014-11-06 17:52 - 04519421 _____ () C:\Users\Frank\Downloads\1.12_collektion(1).zip
2014-11-06 09:34 - 2014-11-06 09:34 - 00007269 _____ () C:\Users\Frank\Downloads\jQbackstretch.zip
2014-11-05 11:45 - 2014-11-05 11:45 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Frank\Downloads\netzmanager_setup.exe
2014-11-04 16:36 - 2014-11-04 16:36 - 00000000 ____D () C:\Users\Frank\Documents\NewBlueFX
2014-11-04 16:36 - 2014-11-04 16:36 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Titler
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\WINDOWS\system32\config\RegBack 2014-11-04 09-30-30
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\Users\UpdatusUser\RegBack 2014-11-04 09-30-30
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\Users\Frank\RegBack 2014-11-04 09-30-30
2014-11-04 09:48 - 2014-11-04 09:48 - 00070152 _____ (simplitec GmbH) C:\WINDOWS\system32\RegDefragNT.exe
2014-11-04 09:25 - 2014-11-04 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-11-03 18:33 - 2014-11-03 18:38 - 139167091 _____ () C:\Users\Frank\Downloads\Mit dem Rollstuhl duch den Harz_ Teil 1 - Torfhaus.mp4
2014-11-03 16:45 - 2014-11-03 16:45 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-11-03 15:40 - 2014-11-03 15:40 - 03033136 _____ (MAGIX Software GmbH) C:\Users\Frank\Downloads\videodeluxe2015plus_dlm.exe
2014-10-31 12:01 - 2014-10-31 12:02 - 06126536 _____ (Tim Kosse) C:\Users\Frank\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-10-30 17:27 - 2014-10-30 17:27 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Shared
2014-10-30 17:02 - 2014-11-06 08:37 - 00000376 _____ () C:\WINDOWS\Tasks\simplitec Power Suite.job
2014-10-30 17:02 - 2014-10-30 17:02 - 00002746 _____ () C:\WINDOWS\System32\Tasks\simplitec Power Suite
2014-10-30 13:48 - 2014-10-30 13:49 - 00000000 ____D () C:\Users\Frank\Downloads\Video_Deluxe_2015_Plus_x86_x64
2014-10-30 12:54 - 2014-10-30 13:22 - 851036253 _____ () C:\Users\Frank\Downloads\Video_Deluxe_2015_Plus_x86_x64.zip
2014-10-30 11:07 - 2014-10-30 11:07 - 05425008 _____ (MAGIX AG) C:\Users\Frank\Downloads\vdx17plus_videoplugins_de.exe
2014-10-30 09:05 - 2014-10-30 09:09 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-10-30 09:02 - 2014-10-30 09:02 - 01125200 _____ () C:\Users\Frank\Downloads\PSPad - CHIP-Installer.exe
2014-10-29 18:23 - 2014-10-29 18:26 - 91670064 _____ (The GIMP Team ) C:\Users\Frank\Downloads\gimp-2.8.14-setup.exe
2014-10-29 18:18 - 2014-10-29 18:18 - 01125200 _____ () C:\Users\Frank\Downloads\Facebook Timeline PSD Template - CHIP-Installer.exe
2014-10-29 16:41 - 2014-10-29 20:09 - 00000000 ____D () C:\Users\Frank\Downloads\IBP-Facebook-Titelbild-Vorlage.psd_
2014-10-29 16:35 - 2014-10-29 16:35 - 03572237 _____ () C:\Users\Frank\Downloads\IBP-Facebook-Titelbild-Vorlage.psd_.zip
2014-10-29 13:55 - 2014-10-29 13:55 - 00162770 _____ () C:\Users\Frank\Downloads\HTMLTag_plugin_v0.50_unicode.zip
2014-10-27 18:32 - 2014-10-27 18:32 - 00000000 ____D () C:\Users\Frank\Documents\Speedport

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-26 10:11 - 2013-12-29 13:30 - 01305999 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-26 10:08 - 2014-03-12 17:39 - 00000000 ___DO () C:\Users\Frank\SkyDrive
2014-11-26 10:08 - 2013-08-02 10:44 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Dropbox
2014-11-26 10:06 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-26 10:06 - 2013-07-14 07:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-26 10:05 - 2013-12-29 13:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-26 10:05 - 2013-11-13 23:18 - 00093416 _____ () C:\WINDOWS\PFRO.log
2014-11-26 10:05 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-26 10:03 - 2013-12-29 13:34 - 00000000 ____D () C:\Users\Frank
2014-11-26 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-26 09:56 - 2014-01-07 18:43 - 00000000 ____D () C:\Users\Frank\Documents\2014
2014-11-26 09:40 - 2013-07-14 07:48 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-26 08:48 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 08:47 - 2013-11-14 08:27 - 01789004 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-26 08:47 - 2013-11-14 08:11 - 00768888 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-26 08:47 - 2013-11-14 08:11 - 00160706 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-26 08:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-25 18:57 - 2013-07-17 08:45 - 00000000 ____D () C:\Users\Frank\Documents\1 Exel Tabellen
2014-11-25 17:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-11-25 14:59 - 2013-09-26 15:00 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-11-25 12:31 - 2013-07-21 11:43 - 00000000 ____D () C:\Users\Frank\Documents\PDF
2014-11-25 11:15 - 2013-07-18 09:29 - 00033792 _____ () C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-25 10:10 - 2013-07-13 18:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-348412604-1390753195-2502655749-1002
2014-11-24 16:49 - 2014-08-23 11:34 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-24 16:29 - 2013-08-22 15:46 - 00362370 _____ () C:\WINDOWS\setupact.log
2014-11-24 10:02 - 2013-07-18 10:50 - 04205568 ___SH () C:\Users\Frank\Downloads\Thumbs.db
2014-11-23 13:25 - 2013-07-19 11:07 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\FileZilla
2014-11-23 11:38 - 2013-07-21 10:40 - 00000000 ____D () C:\Users\Frank\Documents\2012
2014-11-23 09:30 - 2012-11-08 05:49 - 00038350 _____ () C:\WINDOWS\DirectX.log
2014-11-20 09:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-20 09:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-19 12:22 - 2013-07-17 17:32 - 00000000 ____D () C:\Users\Frank\Documents\BVB
2014-11-19 08:42 - 2013-08-22 15:44 - 00761792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-18 20:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-18 20:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-18 20:08 - 2013-07-19 09:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-18 20:05 - 2013-07-14 07:53 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-18 12:04 - 2013-09-27 08:45 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\GLS Vereinsmeister
2014-11-17 13:45 - 2013-07-25 16:00 - 00005607 _____ () C:\WirelessDiagLog.csv
2014-11-17 11:33 - 2014-08-23 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-17 11:31 - 2012-11-08 05:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-11-17 11:30 - 2014-08-23 11:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-17 11:30 - 2013-12-23 18:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-17 11:30 - 2013-07-31 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-11-17 11:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-11-17 11:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-11-17 11:16 - 2014-08-06 11:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-17 11:16 - 2012-11-08 05:33 - 00000000 ____D () C:\ProgramData\Intel
2014-11-17 11:16 - 2012-11-08 05:33 - 00000000 ____D () C:\Program Files\Intel
2014-11-15 16:50 - 2013-08-30 18:59 - 00000000 ____D () C:\Users\RYU
2014-11-15 16:50 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-15 16:49 - 2012-11-08 05:33 - 00025958 _____ () C:\WINDOWS\DPINST.LOG
2014-11-09 08:39 - 2012-12-04 07:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-11-09 08:39 - 2012-12-04 07:45 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-11-08 11:21 - 2013-07-31 13:57 - 00045568 ___SH () C:\Users\Frank\Desktop\Thumbs.db
2014-11-08 11:19 - 2014-07-07 16:33 - 00000000 ____D () C:\Users\Frank\AppData\Local\Adobe
2014-11-07 19:34 - 2014-08-06 11:20 - 00001160 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-07 19:34 - 2013-07-14 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-07 19:34 - 2013-07-14 17:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-06 10:58 - 2013-07-15 10:24 - 00247632 _____ () C:\Users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-05 10:07 - 2013-07-14 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-05 10:07 - 2013-07-14 15:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-04 17:43 - 2013-07-18 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2014-11-04 11:50 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2014-11-04 09:55 - 2013-08-22 14:25 - 91750400 _____ () C:\WINDOWS\system32\config\SOFTWARE.bak
2014-11-04 09:55 - 2013-08-22 14:25 - 13893632 _____ () C:\WINDOWS\system32\config\SYSTEM.bak
2014-11-04 09:55 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-11-04 09:53 - 2013-08-22 14:25 - 00524288 _____ () C:\WINDOWS\system32\config\DEFAULT.bak
2014-11-04 09:53 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-11-04 09:30 - 2013-07-19 12:32 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\MAGIX
2014-11-04 09:30 - 2012-12-04 07:41 - 00000000 ____D () C:\ProgramData\MAGIX
2014-11-03 16:45 - 2013-07-19 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-10-31 12:02 - 2013-07-19 11:07 - 00001074 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-10-30 17:51 - 2013-07-19 13:00 - 00000000 ___RD () C:\Users\Frank\Documents\MAGIX
2014-10-30 17:27 - 2013-08-05 10:05 - 00000000 ____D () C:\Users\Frank\AppData\Local\MAGIX
2014-10-30 17:03 - 2013-07-19 12:19 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-10-30 09:09 - 2014-08-19 11:36 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-10-30 01:55 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-30 01:55 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-29 14:01 - 2014-07-12 12:32 - 00000901 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-10-29 14:01 - 2014-07-12 12:32 - 00000901 _____ () C:\Users\Frank\Desktop\Notepad++.lnk
2014-10-29 14:01 - 2013-11-25 19:06 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Notepad++
2014-10-27 15:26 - 2013-07-13 18:01 - 00000000 ____D () C:\Users\Frank\AppData\Local\VirtualStore

Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Frank\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Frank\AppData\Local\Temp\CIB6CC4.tmp.exe
C:\Users\Frank\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeyxbgv.dll
C:\Users\Frank\AppData\Local\Temp\icqsetup.exe
C:\Users\Frank\AppData\Local\Temp\mpam-54ba7f35.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.5.4.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.6.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.7.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.9.Installer.exe
C:\Users\Frank\AppData\Local\Temp\Quarantine.exe
C:\Users\Frank\AppData\Local\Temp\sqlite3.dll
C:\Users\Frank\AppData\Local\Temp\Update_Simplitec_PowerSuite_1.5.2.2de_DE.exe
C:\Users\Frank\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Frank\AppData\Local\Temp\_is84C7.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-23 10:09

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 27.11.2014, 08:09

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

doxter · 27.11.2014, 13:20

Im Eset Programm Ordner befinden sich nur 3 Dateien, kein log.txt

Es wurden 10 Bedrohungen gefunden und deinstalliert.

Wo finde ich nun die log.txt?

Results of screen317's Security Check version 0.99.90
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Windows Defender
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java version out of Date!
Adobe Flash Player 15.0.0.239
Adobe Reader 10.1.12 Adobe Reader out of Date!
Mozilla Firefox (33.1)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
ESET ESET Online Scanner OnlineScannerApp.exe
StarMoney 9.0 ouservice StarMoneyOnlineUpdate.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Frank (administrator) on ASUS-PC on 27-11-2014 13:19:05
Running from C:\Users\Frank\Downloads
Loaded Profile: Frank (Available profiles: UpdatusUser & Frank)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Samsung) C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Dropbox, Inc.) C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(ACD Systems International Inc.) D:\Programme\ACDSee12\ACDSee\12.0\ACDSee12.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1218704 2012-09-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-05-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrayServer] => D:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\WINDOWS\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [InCD] => d:\Program Files (x86)\Ahead\InCD\InCD.exe [1237042 2003-12-05] (Ahead Software AG)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~1\Realtek\REALTE~1\IR_SERVER.exe
HKLM-x32\...\Run: [Cashcrawler_Surfbar] => D:\Program Files (x86)\Tools\cc\Cashcrawler_Surfbar.exe [1994752 2014-02-16] (LKTechnik & Michael Dewitz)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\MountPoints2: {93f7af59-14b1-11e3-be7d-08606e07ad67} - "G:\iLinker.exe" 
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [18856 2012-10-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CIB image Speedlauncher.lnk
ShortcutTarget: CIB image Speedlauncher.lnk -> C:\Program Files (x86)\CIB software GmbH\CIB image\CibImage.exe (CIB Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Auto Backup.lnk
ShortcutTarget: PC Auto Backup.lnk -> C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe (Samsung)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-13.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-14.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-16.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-18.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-19.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-20.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cashcrawler.exe ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GLS Reminder.lnk
ShortcutTarget: GLS Reminder.lnk -> D:\Program Files (x86)\GLS Vereinsmeister\BIN32\vminder.exe (GLS Software & Systeme)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-348412604-1390753195-2502655749-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.klamm.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default
FF DefaultSearchEngine: benefind
FF SelectedSearchEngine: benefind
FF Homepage: hxxp://www.klamm.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @cib.de/CibImage -> C:\Program Files (x86)\CIB software GmbH\CIB image\npCibImageFirefox32.dll (CIB software GmbH, München)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-348412604-1390753195-2502655749-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Frank\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\searchplugins\benefind.xml
FF Extension: Avira Browser Safety - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\abs@avira.com [2014-11-19]
FF Extension: German Dictionary - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-10-08]
FF Extension: No Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\de82a7c2-f70c-45c4-bbb5-65be9d6b051f@00347366-3e23-4ef1-9f33-b4e42aefcd6a.com [2014-11-27]
FF Extension: Gooding Toolbar - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\gooding-toolbar@gooding.de [2014-09-01]
FF Extension: benefind-shop-addon - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\Extensions\kontakt@benefind.de.xpi [2014-06-26]

Chrome: 
=======
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WiselinkPro; C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [7278657 2013-02-08] (Samsung) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-23] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 S332x64; C:\Windows\system32\DRIVERS\S332x64.sys [78080 2012-02-27] (Identive                                                    )
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2014-03-19] (Seiko Epson Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 NTIDrvr; \??\C:\Program Files (x86)\Common Files\muvee Technologies\071203\NTIDrvr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-27 13:19 - 2014-11-27 13:19 - 00022213 _____ () C:\Users\Frank\Downloads\FRST.txt
2014-11-27 13:18 - 2014-11-27 13:18 - 00000000 ____D () C:\Users\Frank\Downloads\FRST-OlderVersion
2014-11-27 12:32 - 2014-11-27 12:32 - 00854414 _____ () C:\Users\Frank\Downloads\SecurityCheck.exe
2014-11-27 09:34 - 2014-11-27 09:34 - 02347384 _____ (ESET) C:\Users\Frank\Downloads\esetsmartinstaller_deu.exe
2014-11-26 10:21 - 2014-11-26 10:22 - 00037660 _____ () C:\Users\Frank\Downloads\Addition.txt
2014-11-26 10:13 - 2014-11-26 10:13 - 00002611 _____ () C:\Users\Frank\Desktop\JRT.txt
2014-11-26 10:10 - 2014-11-26 10:10 - 01707532 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2014-11-26 09:57 - 2014-11-26 10:03 - 00000000 ____D () C:\AdwCleaner
2014-11-26 09:35 - 2014-11-26 09:35 - 02148864 _____ () C:\Users\Frank\Downloads\AdwCleaner_4.102.exe
2014-11-25 11:42 - 2014-11-27 13:19 - 00000000 ____D () C:\FRST
2014-11-25 11:40 - 2014-11-27 13:18 - 02117632 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-11-23 09:30 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-11-23 09:28 - 2014-11-23 10:04 - 00000000 ____D () C:\Users\Frank\AppData\Local\PhotoGenie
2014-11-23 09:14 - 2014-11-23 09:14 - 00000867 _____ () C:\Users\Frank\Desktop\Lidl-Fotos.lnk
2014-11-23 09:14 - 2014-11-23 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lidl-Fotos
2014-11-23 09:13 - 2014-11-23 09:13 - 00000000 ____D () C:\ProgramData\PhotoGenie
2014-11-23 09:06 - 2014-11-23 09:12 - 191698064 _____ ( ) C:\Users\Frank\Downloads\Lidl_Fotos_Setup.exe
2014-11-22 15:09 - 2014-11-22 15:13 - 91561567 _____ () C:\Users\Frank\Downloads\ElLiOrGrHiiVoTw.rar
2014-11-22 15:02 - 2014-11-22 15:02 - 00000000 ____D () C:\Users\Frank\Downloads\BeGeBeOf
2014-11-22 14:50 - 2014-11-22 14:51 - 00000000 ____D () C:\Users\Frank\Downloads\Santana_20-_20Borboletta_20_281974%29
2014-11-22 14:44 - 2014-11-22 14:51 - 108869278 _____ () C:\Users\Frank\Downloads\BeGeBeOf.rar
2014-11-22 14:40 - 2014-11-22 14:51 - 203121010 _____ () C:\Users\Frank\Downloads\Carlos_Santana--Original_Album_Classics-3CD-2010-OMA-CannaPower.rar
2014-11-22 14:38 - 2014-11-22 14:44 - 111040551 _____ () C:\Users\Frank\Downloads\Santana%20-%20Borboletta%20%281974%29.rar
2014-11-21 10:06 - 2014-11-21 10:07 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Frank\Downloads\netzmanager_setup(1).exe
2014-11-19 12:04 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 12:04 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 12:04 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 12:04 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-19 09:35 - 2014-11-19 09:36 - 00000000 ____D () C:\Users\Frank\Downloads\fck
2014-11-19 09:35 - 2014-11-19 09:35 - 00000000 ____D () C:\Users\Frank\Downloads\Eric_Clapton-Unplugged-_28Deluxe_Edition%29-2CD-2013-404
2014-11-19 09:34 - 2014-11-19 09:37 - 00000000 ____D () C:\Users\Frank\Downloads\Chopin-PianoConcerto
2014-11-19 09:34 - 2014-11-19 09:36 - 00000000 ____D () C:\Users\Frank\Downloads\Manfred_20Manns_20Earthband_1992_20_20Years_20_281971-1991%29
2014-11-17 13:15 - 2014-11-17 13:21 - 185873472 _____ () C:\Users\Frank\Downloads\Eric_Clapton-Unplugged-%28Deluxe_Edition%29-2CD-2013-404.rar
2014-11-17 13:09 - 2014-11-17 13:14 - 52922197 _____ () C:\Users\Frank\Downloads\Manfred%20Manns%20Earthband_1992_20%20Years%20%281971-1991%29.rar
2014-11-17 13:08 - 2014-11-17 13:13 - 60941943 _____ () C:\Users\Frank\Downloads\Chopin-PianoConcerto-CannaPower.zip
2014-11-17 13:04 - 2014-11-17 13:14 - 207739751 _____ () C:\Users\Frank\Downloads\fck.rar
2014-11-17 12:23 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-17 12:23 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-17 12:23 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-17 12:23 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-17 12:23 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-17 12:22 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-17 12:22 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-17 12:22 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-17 12:22 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-17 12:22 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-17 12:22 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-17 12:22 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-17 12:22 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-17 12:21 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-17 12:21 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-17 12:21 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-17 12:21 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-17 12:21 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-17 12:21 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-17 12:21 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-17 12:21 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-17 12:21 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-17 12:21 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-17 12:21 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-17 12:21 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-17 12:21 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-17 12:21 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-17 12:21 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-17 12:21 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-17 12:21 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-17 12:21 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-17 12:20 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-17 12:20 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-17 12:20 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-17 12:20 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-17 12:20 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-17 12:20 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-17 12:20 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-17 12:20 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-17 12:20 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-17 12:20 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-17 12:20 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-17 12:20 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-17 12:20 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-17 12:20 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-17 12:20 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-17 12:19 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-17 12:19 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-17 12:19 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-17 12:19 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-17 12:19 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-17 12:19 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-17 12:19 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-17 12:19 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-17 12:19 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-17 12:19 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-17 12:19 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-17 12:18 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-17 12:18 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-17 12:18 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-17 12:18 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-17 12:18 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-17 12:18 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-17 12:18 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-17 12:18 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-17 12:18 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-17 12:18 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-17 12:18 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-17 12:18 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-17 12:18 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-17 12:18 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-17 12:18 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-17 12:18 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-17 12:18 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-17 12:18 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-17 12:18 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-17 12:18 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-17 12:18 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-17 12:18 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-17 12:18 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-17 12:18 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-17 12:18 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-17 12:18 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-17 12:18 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-17 12:18 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-17 12:18 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-17 12:18 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-17 12:18 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-17 12:18 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-17 12:18 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-17 12:18 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-17 12:18 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-17 12:18 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-17 12:18 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-17 12:18 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-17 12:18 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-17 12:18 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-17 12:18 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-17 12:18 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-17 12:18 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-17 12:18 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-17 12:18 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-17 12:18 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-17 12:18 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-17 12:18 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-17 12:18 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-17 12:18 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-17 12:18 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-17 12:18 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-17 12:18 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-17 12:18 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-17 12:18 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-17 12:18 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-17 12:18 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-17 12:18 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-17 12:18 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-17 12:18 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-17 12:18 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-17 12:18 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-17 12:18 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-17 12:18 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-17 12:18 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-17 12:18 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-17 12:18 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-17 12:18 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-17 12:18 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-17 12:18 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-17 12:18 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-17 12:18 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-17 12:18 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-17 12:18 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-17 12:18 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-17 12:18 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-17 12:18 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-17 12:18 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-17 12:18 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-17 12:18 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-17 12:18 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-17 12:18 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-17 12:18 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-17 12:18 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-17 12:18 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-17 12:18 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-17 12:18 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-17 12:18 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-17 12:18 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-17 12:18 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-17 12:18 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-17 12:18 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-17 12:18 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-17 12:18 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-17 12:18 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-17 12:18 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-17 12:18 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-17 12:18 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-17 12:18 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-17 12:18 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-17 12:18 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-17 12:18 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-17 12:17 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-17 12:17 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-17 12:17 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-17 12:17 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-17 12:17 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-17 12:17 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-17 12:17 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-17 12:17 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-17 12:17 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-17 12:17 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-17 12:17 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-17 12:17 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-17 12:17 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-17 12:17 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-17 12:17 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-17 12:17 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-15 19:18 - 2014-11-15 19:18 - 00017388 _____ () C:\Users\Frank\Downloads\Formular(1).zip
2014-11-15 16:49 - 2014-11-17 11:30 - 00000000 ____D () C:\ProgramData\Intel.sav
2014-11-15 16:43 - 2014-11-15 16:43 - 00664768 _____ (Copyright© 2012-2013 Intel Corporation. All rights reserved.) C:\Users\Frank\Downloads\Intel(R) WiDi Update Tool(1).exe
2014-11-15 16:41 - 2014-11-15 16:41 - 05353024 _____ () C:\Users\Frank\Downloads\SETUP_Win81_Updater_02(1).exe
2014-11-11 09:01 - 2014-11-11 09:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 10:37 - 2014-11-10 10:37 - 11666104 _____ () C:\Users\Frank\Downloads\moziloCMS_Backup_Include_catpage_layouts_plugins_docu_2014_11_10_10-37-11.zip
2014-11-10 10:36 - 2014-11-10 10:36 - 02361037 _____ () C:\Users\Frank\Downloads\moziloCMS_Backup_Include_layouts_2014_11_10_10-36-49.zip
2014-11-09 18:17 - 2014-11-09 18:52 - 176370030 _____ () C:\Users\Frank\Downloads\Kamera-Uploads.zip
2014-11-08 11:21 - 2014-11-08 11:22 - 00001734 _____ () C:\Users\Frank\Desktop\BVB.lnk
2014-11-07 14:32 - 2014-11-07 14:32 - 00000000 ____D () C:\Users\Frank\AppData\Local\GHISLER
2014-11-07 14:30 - 2014-11-07 17:06 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\GHISLER
2014-11-07 14:30 - 2014-11-07 14:30 - 00000811 _____ () C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2014-11-07 14:30 - 2014-11-07 14:30 - 00000799 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2014-11-07 14:30 - 2014-11-07 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-11-07 14:27 - 2014-11-07 14:27 - 01125200 _____ () C:\Users\Frank\Downloads\Total Commander - CHIP-Installer.exe
2014-11-06 17:52 - 2014-11-06 17:52 - 00000000 ____D () C:\Users\Frank\Downloads\1.12_collektion(1)
2014-11-06 17:51 - 2014-11-06 17:52 - 04519421 _____ () C:\Users\Frank\Downloads\1.12_collektion(1).zip
2014-11-06 09:34 - 2014-11-06 09:34 - 00007269 _____ () C:\Users\Frank\Downloads\jQbackstretch.zip
2014-11-05 11:45 - 2014-11-05 11:45 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Frank\Downloads\netzmanager_setup.exe
2014-11-04 16:36 - 2014-11-04 16:36 - 00000000 ____D () C:\Users\Frank\Documents\NewBlueFX
2014-11-04 16:36 - 2014-11-04 16:36 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Titler
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\WINDOWS\system32\config\RegBack 2014-11-04 09-30-30
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\Users\UpdatusUser\RegBack 2014-11-04 09-30-30
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\Users\Frank\RegBack 2014-11-04 09-30-30
2014-11-04 09:48 - 2014-11-04 09:48 - 00070152 _____ (simplitec GmbH) C:\WINDOWS\system32\RegDefragNT.exe
2014-11-04 09:25 - 2014-11-04 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-11-03 18:33 - 2014-11-03 18:38 - 139167091 _____ () C:\Users\Frank\Downloads\Mit dem Rollstuhl duch den Harz_ Teil 1 - Torfhaus.mp4
2014-11-03 16:45 - 2014-11-03 16:45 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-11-03 15:40 - 2014-11-03 15:40 - 03033136 _____ (MAGIX Software GmbH) C:\Users\Frank\Downloads\videodeluxe2015plus_dlm.exe
2014-10-31 12:01 - 2014-10-31 12:02 - 06126536 _____ (Tim Kosse) C:\Users\Frank\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-10-30 17:27 - 2014-10-30 17:27 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Shared
2014-10-30 17:02 - 2014-11-06 08:37 - 00000376 _____ () C:\WINDOWS\Tasks\simplitec Power Suite.job
2014-10-30 17:02 - 2014-10-30 17:02 - 00002746 _____ () C:\WINDOWS\System32\Tasks\simplitec Power Suite
2014-10-30 13:48 - 2014-10-30 13:49 - 00000000 ____D () C:\Users\Frank\Downloads\Video_Deluxe_2015_Plus_x86_x64
2014-10-30 12:54 - 2014-10-30 13:22 - 851036253 _____ () C:\Users\Frank\Downloads\Video_Deluxe_2015_Plus_x86_x64.zip
2014-10-30 11:07 - 2014-10-30 11:07 - 05425008 _____ (MAGIX AG) C:\Users\Frank\Downloads\vdx17plus_videoplugins_de.exe
2014-10-30 09:05 - 2014-10-30 09:09 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-10-30 09:02 - 2014-10-30 09:02 - 01125200 _____ () C:\Users\Frank\Downloads\PSPad - CHIP-Installer.exe
2014-10-29 18:23 - 2014-10-29 18:26 - 91670064 _____ (The GIMP Team ) C:\Users\Frank\Downloads\gimp-2.8.14-setup.exe
2014-10-29 18:18 - 2014-10-29 18:18 - 01125200 _____ () C:\Users\Frank\Downloads\Facebook Timeline PSD Template - CHIP-Installer.exe
2014-10-29 16:41 - 2014-10-29 20:09 - 00000000 ____D () C:\Users\Frank\Downloads\IBP-Facebook-Titelbild-Vorlage.psd_
2014-10-29 16:35 - 2014-10-29 16:35 - 03572237 _____ () C:\Users\Frank\Downloads\IBP-Facebook-Titelbild-Vorlage.psd_.zip
2014-10-29 13:55 - 2014-10-29 13:55 - 00162770 _____ () C:\Users\Frank\Downloads\HTMLTag_plugin_v0.50_unicode.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-27 13:06 - 2013-12-29 13:30 - 01477530 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-27 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-27 12:40 - 2013-07-14 07:48 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-27 10:53 - 2014-03-12 17:39 - 00000000 ___DO () C:\Users\Frank\SkyDrive
2014-11-27 10:53 - 2013-08-02 10:44 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Dropbox
2014-11-27 10:51 - 2013-12-29 13:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-27 10:51 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-27 10:50 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-27 10:47 - 2013-07-21 11:43 - 00000000 ____D () C:\Users\Frank\Documents\PDF
2014-11-27 09:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-27 09:21 - 2013-09-26 15:00 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-11-26 18:37 - 2014-01-07 18:43 - 00000000 ____D () C:\Users\Frank\Documents\2014
2014-11-26 18:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-11-26 10:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 10:05 - 2013-11-13 23:18 - 00093416 _____ () C:\WINDOWS\PFRO.log
2014-11-26 10:03 - 2013-12-29 13:34 - 00000000 ____D () C:\Users\Frank
2014-11-26 09:40 - 2013-07-14 07:48 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-26 08:47 - 2013-11-14 08:27 - 01789004 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-26 08:47 - 2013-11-14 08:11 - 00768888 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-26 08:47 - 2013-11-14 08:11 - 00160706 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-25 18:57 - 2013-07-17 08:45 - 00000000 ____D () C:\Users\Frank\Documents\1 Exel Tabellen
2014-11-25 11:15 - 2013-07-18 09:29 - 00033792 _____ () C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-25 10:10 - 2013-07-13 18:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-348412604-1390753195-2502655749-1002
2014-11-24 16:49 - 2014-08-23 11:34 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-24 16:29 - 2013-08-22 15:46 - 00362370 _____ () C:\WINDOWS\setupact.log
2014-11-24 10:02 - 2013-07-18 10:50 - 04205568 ___SH () C:\Users\Frank\Downloads\Thumbs.db
2014-11-23 13:25 - 2013-07-19 11:07 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\FileZilla
2014-11-23 11:38 - 2013-07-21 10:40 - 00000000 ____D () C:\Users\Frank\Documents\2012
2014-11-23 09:30 - 2012-11-08 05:49 - 00038350 _____ () C:\WINDOWS\DirectX.log
2014-11-20 21:51 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:51 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-20 09:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-20 09:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-19 12:22 - 2013-07-17 17:32 - 00000000 ____D () C:\Users\Frank\Documents\BVB
2014-11-19 08:42 - 2013-08-22 15:44 - 00761792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-18 20:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-18 20:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-18 20:08 - 2013-07-19 09:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-18 20:05 - 2013-07-14 07:53 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-18 12:04 - 2013-09-27 08:45 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\GLS Vereinsmeister
2014-11-17 13:45 - 2013-07-25 16:00 - 00005607 _____ () C:\WirelessDiagLog.csv
2014-11-17 11:33 - 2014-08-23 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-17 11:31 - 2012-11-08 05:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-11-17 11:30 - 2014-08-23 11:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-17 11:30 - 2013-12-23 18:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-17 11:30 - 2013-07-31 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-11-17 11:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-11-17 11:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-11-17 11:16 - 2014-08-06 11:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-17 11:16 - 2012-11-08 05:33 - 00000000 ____D () C:\ProgramData\Intel
2014-11-17 11:16 - 2012-11-08 05:33 - 00000000 ____D () C:\Program Files\Intel
2014-11-15 16:50 - 2013-08-30 18:59 - 00000000 ____D () C:\Users\RYU
2014-11-15 16:50 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-15 16:49 - 2012-11-08 05:33 - 00025958 _____ () C:\WINDOWS\DPINST.LOG
2014-11-09 08:39 - 2012-12-04 07:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-11-09 08:39 - 2012-12-04 07:45 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-11-08 11:21 - 2013-07-31 13:57 - 00045568 ___SH () C:\Users\Frank\Desktop\Thumbs.db
2014-11-08 11:19 - 2014-07-07 16:33 - 00000000 ____D () C:\Users\Frank\AppData\Local\Adobe
2014-11-07 19:34 - 2014-08-06 11:20 - 00001160 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-07 19:34 - 2013-07-14 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-07 19:34 - 2013-07-14 17:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-06 10:58 - 2013-07-15 10:24 - 00247632 _____ () C:\Users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-05 10:07 - 2013-07-14 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-05 10:07 - 2013-07-14 15:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-04 17:43 - 2013-07-18 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2014-11-04 11:50 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2014-11-04 09:55 - 2013-08-22 14:25 - 91750400 _____ () C:\WINDOWS\system32\config\SOFTWARE.bak
2014-11-04 09:55 - 2013-08-22 14:25 - 13893632 _____ () C:\WINDOWS\system32\config\SYSTEM.bak
2014-11-04 09:55 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-11-04 09:53 - 2013-08-22 14:25 - 00524288 _____ () C:\WINDOWS\system32\config\DEFAULT.bak
2014-11-04 09:53 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-11-04 09:30 - 2013-07-19 12:32 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\MAGIX
2014-11-04 09:30 - 2012-12-04 07:41 - 00000000 ____D () C:\ProgramData\MAGIX
2014-11-03 16:45 - 2013-07-19 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-10-31 12:02 - 2013-07-19 11:07 - 00001074 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-10-30 17:51 - 2013-07-19 13:00 - 00000000 ___RD () C:\Users\Frank\Documents\MAGIX
2014-10-30 17:27 - 2013-08-05 10:05 - 00000000 ____D () C:\Users\Frank\AppData\Local\MAGIX
2014-10-30 17:03 - 2013-07-19 12:19 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-10-30 09:09 - 2014-08-19 11:36 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Abelssoft
2014-10-29 14:01 - 2014-07-12 12:32 - 00000901 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-10-29 14:01 - 2014-07-12 12:32 - 00000901 _____ () C:\Users\Frank\Desktop\Notepad++.lnk
2014-10-29 14:01 - 2013-11-25 19:06 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Notepad++

Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Frank\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Frank\AppData\Local\Temp\CIB6CC4.tmp.exe
C:\Users\Frank\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpge0edb.dll
C:\Users\Frank\AppData\Local\Temp\icqsetup.exe
C:\Users\Frank\AppData\Local\Temp\mpam-54ba7f35.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.5.4.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.6.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.7.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.9.Installer.exe
C:\Users\Frank\AppData\Local\Temp\Quarantine.exe
C:\Users\Frank\AppData\Local\Temp\sqlite3.dll
C:\Users\Frank\AppData\Local\Temp\Update_Simplitec_PowerSuite_1.5.2.2de_DE.exe
C:\Users\Frank\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Frank\AppData\Local\Temp\_is84C7.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-26 10:45

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 28.11.2014, 08:46

Java und Adobe updaten. Das Log von ESET sollte genau dort zu finden sein. Was wurde denn gefunden?

doxter · 28.11.2014, 16:39

Es war komischer weise nur 3 Dateien im Ordner und nicht mehrere, wie auf dem Screen.
Mittlerweile habe ich Eset wieder gelöscht, werde dieses aber wiederholen.
Gerde eben habe ich erneut mit Malwarebytes überprüft, erneut Meldungen. Anbei nun das Logfile.

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 28.11.2014
Suchlauf-Zeit: 10:09:59
Logdatei: logfile-amb.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.28.03
Rootkit Datenbank: v2014.11.22.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Frank

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 399521
Verstrichene Zeit: 16 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 2
PUP.Optional.CrossRider.A, C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\extensions\de82a7c2-f70c-45c4-bbb5-65be9d6b051f@00347366-3e23-4ef1-9f33-b4e42aefcd6a.com, , [9192ad942953f93de59ea56f788b9868],
PUP.Optional.CrossRider.A, C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\0huhfyxc.default\extensions\de82a7c2-f70c-45c4-bbb5-65be9d6b051f@00347366-3e23-4ef1-9f33-b4e42aefcd6a.com\extensionData, , [9192ad942953f93de59ea56f788b9868],

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)

(end)

Nun hat es geklapt, 8 Bedrohingen gefunden obwohl bereits nach letztem Scan 10 glöscht wurden.

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1716a6ae32f839419a06e4f8256d0ca6
# engine=21308
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-28 01:48:59
# local_time=2014-11-28 02:48:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 21717 43363037 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 844794 8569475 0 0
# scanned=659860
# found=8
# cleaned=0
# scan_time=14551
sh=E176D7F68E9CC6D03E8555B51565423033CDF6A9 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Frank\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.5.zip.vir"
sh=CD814F8CAC8880831029BCA4568031141FFE8534 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Frank\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=DBA5072E532B0A5E0BC080C99DBD1DDB45A489E0 ft=0 fh=0000000000000000 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="F:\NB-FRANK\Backup Set 2013-01-01 180009\Backup Files 2013-01-01 180009\Backup files 1.zip"
sh=2831F89D60291A135AC445384CDCACAB60A244DB ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="F:\NB-FRANK\Backup Set 2013-01-01 180009\Backup Files 2013-01-01 180009\Backup files 6.zip"
sh=7A16E6A672C0A99A386564DE5ACCA7AF2D2A4DE0 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="F:\NB-FRANK\Backup Set 2013-01-01 180009\Backup Files 2013-06-01 180004\Backup files 1.zip"
sh=4FBD905B6906A188A08B41B26A81CE66F4A66041 ft=0 fh=0000000000000000 vn="Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="F:\NB-FRANK\Backup Set 2013-01-01 180009\Backup Files 2013-06-01 180004\Backup files 8.zip"
sh=507F018682B79CEACB2CCDF127021ACAC38FE591 ft=0 fh=0000000000000000 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="F:\NB-FRANK\Backup Set 2013-01-01 180009\Backup Files 2013-07-01 180004\Backup files 1.zip"
sh=9BD8248F8E135B625BAD2B129724E5B8C3FBF81E ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="F:\NB-FRANK\Backup Set 2013-01-01 180009\Backup Files 2013-07-01 180004\Backup files 5.zip"

schrauber · 29.11.2014, 12:23

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

Frisches FRST Log bitte. Noch PRobleme?

doxter · 30.11.2014, 13:36

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Frank (administrator) on ASUS-PC on 30-11-2014 12:51:43
Running from C:\Users\Frank\Downloads
Loaded Profiles: Frank &  (Available profiles: UpdatusUser & Frank)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Samsung) C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Samsung\PC Auto Backup\http_ss_win_pro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\CIB software GmbH\CIB pdf brewer\CIBnotifier64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Dropbox, Inc.) C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ACD Systems International Inc.) D:\Programme\ACDSee12\ACDSee\12.0\ACDSee12.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1218704 2012-09-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-05-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrayServer] => D:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\WINDOWS\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [InCD] => d:\Program Files (x86)\Ahead\InCD\InCD.exe [1237042 2003-12-05] (Ahead Software AG)
HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~1\Realtek\REALTE~1\IR_SERVER.exe
HKLM-x32\...\Run: [Cashcrawler_Surfbar] => D:\Program Files (x86)\Tools\cc\Cashcrawler_Surfbar.exe [1994752 2014-02-16] (LKTechnik & Michael Dewitz)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\...\MountPoints2: {93f7af59-14b1-11e3-be7d-08606e07ad67} - "G:\iLinker.exe" 
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000003] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {93f7af59-14b1-11e3-be7d-08606e07ad67} - "G:\iLinker.exe" 
HKU\User-3\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKU\User-3\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [18856 2012-10-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CIB image Speedlauncher.lnk
ShortcutTarget: CIB image Speedlauncher.lnk -> C:\Program Files (x86)\CIB software GmbH\CIB image\CibImage.exe (CIB Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PC Auto Backup.lnk
ShortcutTarget: PC Auto Backup.lnk -> C:\Program Files (x86)\Samsung\PC Auto Backup\AutoBackup.exe (Samsung)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-13.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-14.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-16.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-18.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-19.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2013-09-20.log ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cashcrawler.exe ()
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GLS Reminder.lnk
ShortcutTarget: GLS Reminder.lnk -> D:\Program Files (x86)\GLS Vereinsmeister\BIN32\vminder.exe (GLS Software & Systeme)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-348412604-1390753195-2502655749-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.klamm.de/
HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.klamm.de/
HKU\User-3\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\User-3\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-348412604-1390753195-2502655749-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKU\User-3 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\09kkd97l.default-1417346077585
FF Homepage: hxxp://www.klamm.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @cib.de/CibImage -> C:\Program Files (x86)\CIB software GmbH\CIB image\npCibImageFirefox32.dll (CIB software GmbH, München)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-348412604-1390753195-2502655749-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Frank\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-348412604-1390753195-2502655749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Frank\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome: 
=======
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WiselinkPro; C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [7278657 2013-02-08] (Samsung) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-23] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-11-30] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 S332x64; C:\Windows\system32\DRIVERS\S332x64.sys [78080 2012-02-27] (Identive                                                    )
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2014-03-19] (Seiko Epson Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 NTIDrvr; \??\C:\Program Files (x86)\Common Files\muvee Technologies\071203\NTIDrvr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 12:14 - 2014-11-30 12:14 - 00000000 ____D () C:\Users\Frank\Desktop\Alte Firefox-Daten
2014-11-30 11:53 - 2014-11-30 11:53 - 00001507 _____ () C:\Users\Frank\Desktop\firefox.exe - Verknüpfung.lnk
2014-11-30 11:40 - 2014-11-30 11:50 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-30 11:40 - 2014-11-30 11:50 - 00001166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-30 11:40 - 2014-11-30 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-30 11:38 - 2014-11-30 11:47 - 00244392 _____ () C:\Users\Frank\Downloads\Firefox Setup Stub 33.1.1.exe
2014-11-30 11:21 - 2014-11-30 11:21 - 00000000 __SHD () C:\Users\Frank\AppData\Local\EmieBrowserModeList
2014-11-30 11:00 - 2014-11-30 11:00 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Frank\Downloads\revosetup95.exe
2014-11-28 19:57 - 2014-11-30 12:42 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-28 19:57 - 2014-11-28 19:57 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-28 16:42 - 2014-11-28 16:42 - 00001191 _____ () C:\Users\Frank\Downloads\eset-found-bedohungen.txt
2014-11-28 10:42 - 2014-11-28 10:42 - 02347384 _____ (ESET) C:\Users\Frank\Downloads\esetsmartinstaller_deu(1).exe
2014-11-27 13:19 - 2014-11-30 12:51 - 00023688 _____ () C:\Users\Frank\Downloads\FRST.txt
2014-11-27 13:18 - 2014-11-27 13:18 - 00000000 ____D () C:\Users\Frank\Downloads\FRST-OlderVersion
2014-11-27 12:32 - 2014-11-27 12:32 - 00854414 _____ () C:\Users\Frank\Downloads\SecurityCheck.exe
2014-11-27 09:34 - 2014-11-27 09:34 - 02347384 _____ (ESET) C:\Users\Frank\Downloads\esetsmartinstaller_deu.exe
2014-11-26 10:21 - 2014-11-26 10:22 - 00037660 _____ () C:\Users\Frank\Downloads\Addition.txt
2014-11-26 10:10 - 2014-11-26 10:10 - 01707532 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2014-11-26 09:57 - 2014-11-26 10:03 - 00000000 ____D () C:\AdwCleaner
2014-11-26 09:35 - 2014-11-26 09:35 - 02148864 _____ () C:\Users\Frank\Downloads\AdwCleaner_4.102.exe
2014-11-25 11:42 - 2014-11-30 12:51 - 00000000 ____D () C:\FRST
2014-11-25 11:40 - 2014-11-27 13:18 - 02117632 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2014-11-23 09:30 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2014-11-23 09:28 - 2014-11-23 10:04 - 00000000 ____D () C:\Users\Frank\AppData\Local\PhotoGenie
2014-11-23 09:14 - 2014-11-23 09:14 - 00000867 _____ () C:\Users\Frank\Desktop\Lidl-Fotos.lnk
2014-11-23 09:14 - 2014-11-23 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lidl-Fotos
2014-11-23 09:13 - 2014-11-23 09:13 - 00000000 ____D () C:\ProgramData\PhotoGenie
2014-11-23 09:06 - 2014-11-23 09:12 - 191698064 _____ ( ) C:\Users\Frank\Downloads\Lidl_Fotos_Setup.exe
2014-11-22 15:09 - 2014-11-22 15:13 - 91561567 _____ () C:\Users\Frank\Downloads\ElLiOrGrHiiVoTw.rar
2014-11-22 15:02 - 2014-11-22 15:02 - 00000000 ____D () C:\Users\Frank\Downloads\BeGeBeOf
2014-11-22 14:50 - 2014-11-22 14:51 - 00000000 ____D () C:\Users\Frank\Downloads\Santana_20-_20Borboletta_20_281974%29
2014-11-22 14:44 - 2014-11-22 14:51 - 108869278 _____ () C:\Users\Frank\Downloads\BeGeBeOf.rar
2014-11-22 14:40 - 2014-11-22 14:51 - 203121010 _____ () C:\Users\Frank\Downloads\Carlos_Santana--Original_Album_Classics-3CD-2010-OMA-CannaPower.rar
2014-11-22 14:38 - 2014-11-22 14:44 - 111040551 _____ () C:\Users\Frank\Downloads\Santana%20-%20Borboletta%20%281974%29.rar
2014-11-21 10:06 - 2014-11-21 10:07 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Frank\Downloads\netzmanager_setup(1).exe
2014-11-19 12:04 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 12:04 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 12:04 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 12:04 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-19 09:35 - 2014-11-19 09:36 - 00000000 ____D () C:\Users\Frank\Downloads\fck
2014-11-19 09:35 - 2014-11-19 09:35 - 00000000 ____D () C:\Users\Frank\Downloads\Eric_Clapton-Unplugged-_28Deluxe_Edition%29-2CD-2013-404
2014-11-19 09:34 - 2014-11-19 09:37 - 00000000 ____D () C:\Users\Frank\Downloads\Chopin-PianoConcerto
2014-11-19 09:34 - 2014-11-19 09:36 - 00000000 ____D () C:\Users\Frank\Downloads\Manfred_20Manns_20Earthband_1992_20_20Years_20_281971-1991%29
2014-11-17 13:15 - 2014-11-17 13:21 - 185873472 _____ () C:\Users\Frank\Downloads\Eric_Clapton-Unplugged-%28Deluxe_Edition%29-2CD-2013-404.rar
2014-11-17 13:09 - 2014-11-17 13:14 - 52922197 _____ () C:\Users\Frank\Downloads\Manfred%20Manns%20Earthband_1992_20%20Years%20%281971-1991%29.rar
2014-11-17 13:08 - 2014-11-17 13:13 - 60941943 _____ () C:\Users\Frank\Downloads\Chopin-PianoConcerto-CannaPower.zip
2014-11-17 13:04 - 2014-11-17 13:14 - 207739751 _____ () C:\Users\Frank\Downloads\fck.rar
2014-11-17 12:23 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-17 12:23 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-17 12:23 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-17 12:23 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-17 12:23 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-17 12:22 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-17 12:22 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-17 12:22 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-17 12:22 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-17 12:22 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-17 12:22 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-17 12:22 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-17 12:22 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-17 12:21 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-17 12:21 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-17 12:21 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-17 12:21 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-17 12:21 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-17 12:21 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-17 12:21 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-17 12:21 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-17 12:21 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-17 12:21 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-17 12:21 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-17 12:21 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-17 12:21 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-17 12:21 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-17 12:21 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-17 12:21 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-17 12:21 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-17 12:21 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-17 12:20 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-17 12:20 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-17 12:20 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-17 12:20 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-17 12:20 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-17 12:20 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-17 12:20 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-17 12:20 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-17 12:20 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-17 12:20 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-17 12:20 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-17 12:20 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-17 12:20 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-17 12:20 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-17 12:20 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-17 12:19 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-17 12:19 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-17 12:19 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-17 12:19 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-17 12:19 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-17 12:19 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-17 12:19 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-17 12:19 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-17 12:19 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-17 12:19 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-17 12:19 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-17 12:19 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-17 12:18 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-17 12:18 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-17 12:18 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-17 12:18 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-17 12:18 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-17 12:18 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-17 12:18 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-17 12:18 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-17 12:18 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-17 12:18 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-17 12:18 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-17 12:18 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-17 12:18 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-17 12:18 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-17 12:18 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-17 12:18 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-17 12:18 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-17 12:18 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-17 12:18 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-17 12:18 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-17 12:18 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-17 12:18 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-17 12:18 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-17 12:18 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-17 12:18 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-17 12:18 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-17 12:18 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-17 12:18 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-17 12:18 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-17 12:18 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-17 12:18 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-17 12:18 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-17 12:18 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-17 12:18 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-17 12:18 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-17 12:18 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-17 12:18 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-17 12:18 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-17 12:18 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-17 12:18 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-17 12:18 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-17 12:18 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-17 12:18 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-17 12:18 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-17 12:18 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-17 12:18 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-17 12:18 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-17 12:18 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-17 12:18 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-17 12:18 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-17 12:18 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-17 12:18 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-17 12:18 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-17 12:18 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-17 12:18 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-17 12:18 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-17 12:18 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-17 12:18 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-17 12:18 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-17 12:18 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-17 12:18 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-17 12:18 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-17 12:18 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-17 12:18 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-17 12:18 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-17 12:18 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-17 12:18 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-17 12:18 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-17 12:18 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-17 12:18 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-17 12:18 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-17 12:18 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-17 12:18 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-17 12:18 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-17 12:18 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-17 12:18 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-17 12:18 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-17 12:18 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-17 12:18 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-17 12:18 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-17 12:18 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-17 12:18 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-17 12:18 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-17 12:18 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-17 12:18 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-17 12:18 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-17 12:18 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-17 12:18 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-17 12:18 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-17 12:18 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-17 12:18 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-17 12:18 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-17 12:18 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-17 12:18 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-17 12:18 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-17 12:18 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-17 12:18 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-17 12:18 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-17 12:18 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-17 12:18 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-17 12:18 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-17 12:18 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-17 12:18 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-17 12:18 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-17 12:17 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-17 12:17 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-17 12:17 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-17 12:17 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-17 12:17 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-17 12:17 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-17 12:17 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-17 12:17 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-17 12:17 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-17 12:17 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-17 12:17 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-17 12:17 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-17 12:17 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-17 12:17 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-17 12:17 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-17 12:17 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-15 19:18 - 2014-11-15 19:18 - 00017388 _____ () C:\Users\Frank\Downloads\Formular(1).zip
2014-11-15 16:49 - 2014-11-17 11:30 - 00000000 ____D () C:\ProgramData\Intel.sav
2014-11-15 16:43 - 2014-11-15 16:43 - 00664768 _____ (Copyright© 2012-2013 Intel Corporation. All rights reserved.) C:\Users\Frank\Downloads\Intel(R) WiDi Update Tool(1).exe
2014-11-15 16:41 - 2014-11-15 16:41 - 05353024 _____ () C:\Users\Frank\Downloads\SETUP_Win81_Updater_02(1).exe
2014-11-11 09:01 - 2014-11-30 11:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 10:37 - 2014-11-10 10:37 - 11666104 _____ () C:\Users\Frank\Downloads\moziloCMS_Backup_Include_catpage_layouts_plugins_docu_2014_11_10_10-37-11.zip
2014-11-10 10:36 - 2014-11-10 10:36 - 02361037 _____ () C:\Users\Frank\Downloads\moziloCMS_Backup_Include_layouts_2014_11_10_10-36-49.zip
2014-11-09 18:17 - 2014-11-09 18:52 - 176370030 _____ () C:\Users\Frank\Downloads\Kamera-Uploads.zip
2014-11-08 11:21 - 2014-11-08 11:22 - 00001734 _____ () C:\Users\Frank\Desktop\BVB.lnk
2014-11-07 14:32 - 2014-11-07 14:32 - 00000000 ____D () C:\Users\Frank\AppData\Local\GHISLER
2014-11-07 14:30 - 2014-11-07 17:06 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\GHISLER
2014-11-07 14:30 - 2014-11-07 14:30 - 00000811 _____ () C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2014-11-07 14:30 - 2014-11-07 14:30 - 00000799 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2014-11-07 14:30 - 2014-11-07 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-11-07 14:27 - 2014-11-07 14:27 - 01125200 _____ () C:\Users\Frank\Downloads\Total Commander - CHIP-Installer.exe
2014-11-06 17:52 - 2014-11-06 17:52 - 00000000 ____D () C:\Users\Frank\Downloads\1.12_collektion(1)
2014-11-06 17:51 - 2014-11-06 17:52 - 04519421 _____ () C:\Users\Frank\Downloads\1.12_collektion(1).zip
2014-11-06 09:34 - 2014-11-06 09:34 - 00007269 _____ () C:\Users\Frank\Downloads\jQbackstretch.zip
2014-11-05 11:45 - 2014-11-05 11:45 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Frank\Downloads\netzmanager_setup.exe
2014-11-04 16:36 - 2014-11-04 16:36 - 00000000 ____D () C:\Users\Frank\Documents\NewBlueFX
2014-11-04 16:36 - 2014-11-04 16:36 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Titler
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\WINDOWS\system32\config\RegBack 2014-11-04 09-30-30
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\Users\UpdatusUser\RegBack 2014-11-04 09-30-30
2014-11-04 09:54 - 2014-11-04 09:54 - 00000000 ____D () C:\Users\Frank\RegBack 2014-11-04 09-30-30
2014-11-04 09:48 - 2014-11-04 09:48 - 00070152 _____ (simplitec GmbH) C:\WINDOWS\system32\RegDefragNT.exe
2014-11-04 09:25 - 2014-11-04 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-11-03 18:33 - 2014-11-03 18:38 - 139167091 _____ () C:\Users\Frank\Downloads\Mit dem Rollstuhl duch den Harz_ Teil 1 - Torfhaus.mp4
2014-11-03 16:45 - 2014-11-03 16:45 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-11-03 15:40 - 2014-11-03 15:40 - 03033136 _____ (MAGIX Software GmbH) C:\Users\Frank\Downloads\videodeluxe2015plus_dlm.exe
2014-10-31 12:01 - 2014-10-31 12:02 - 06126536 _____ (Tim Kosse) C:\Users\Frank\Downloads\FileZilla_3.9.0.6_win32-setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 12:51 - 2014-08-23 11:34 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-30 12:38 - 2013-07-17 08:45 - 00000000 ____D () C:\Users\Frank\Documents\1 Exel Tabellen
2014-11-30 12:23 - 2013-07-13 18:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-348412604-1390753195-2502655749-1002
2014-11-30 12:03 - 2013-12-29 13:30 - 01762123 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-30 12:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-30 11:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-30 11:43 - 2013-08-11 08:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-11-30 11:03 - 2013-09-21 17:00 - 00000946 _____ () C:\Users\Frank\Desktop\Revo Uninstaller.lnk
2014-11-30 09:10 - 2013-07-19 11:07 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\FileZilla
2014-11-30 09:09 - 2013-11-14 08:27 - 01789004 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-30 09:09 - 2013-11-14 08:11 - 00768888 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-30 09:09 - 2013-11-14 08:11 - 00160706 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-29 19:49 - 2013-09-26 15:00 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-11-29 19:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-11-29 09:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-29 09:09 - 2014-03-12 17:39 - 00000000 ___DO () C:\Users\Frank\SkyDrive
2014-11-29 09:09 - 2013-08-02 10:44 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Dropbox
2014-11-28 19:57 - 2014-07-07 16:33 - 00000000 ____D () C:\Users\Frank\AppData\Local\Adobe
2014-11-28 09:15 - 2014-01-07 18:43 - 00000000 ____D () C:\Users\Frank\Documents\2014
2014-11-27 10:51 - 2013-12-29 13:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-27 10:51 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-27 10:50 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-27 10:47 - 2013-07-21 11:43 - 00000000 ____D () C:\Users\Frank\Documents\PDF
2014-11-26 10:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 10:05 - 2013-11-13 23:18 - 00093416 _____ () C:\WINDOWS\PFRO.log
2014-11-26 10:03 - 2013-12-29 13:34 - 00000000 ____D () C:\Users\Frank
2014-11-25 11:15 - 2013-07-18 09:29 - 00033792 _____ () C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-24 16:29 - 2013-08-22 15:46 - 00362370 _____ () C:\WINDOWS\setupact.log
2014-11-24 10:02 - 2013-07-18 10:50 - 04205568 ___SH () C:\Users\Frank\Downloads\Thumbs.db
2014-11-23 11:38 - 2013-07-21 10:40 - 00000000 ____D () C:\Users\Frank\Documents\2012
2014-11-23 09:30 - 2012-11-08 05:49 - 00038350 _____ () C:\WINDOWS\DirectX.log
2014-11-20 21:51 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:51 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-20 09:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-19 12:22 - 2013-07-17 17:32 - 00000000 ____D () C:\Users\Frank\Documents\BVB
2014-11-19 08:42 - 2013-08-22 15:44 - 00761792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-18 20:09 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-18 20:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-18 20:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-18 20:08 - 2013-07-19 09:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-18 20:05 - 2013-07-14 07:53 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-18 12:04 - 2013-09-27 08:45 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\GLS Vereinsmeister
2014-11-17 13:45 - 2013-07-25 16:00 - 00005607 _____ () C:\WirelessDiagLog.csv
2014-11-17 11:33 - 2014-08-23 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-17 11:31 - 2012-11-08 05:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-11-17 11:30 - 2014-08-23 11:34 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-17 11:30 - 2013-07-31 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-11-17 11:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-11-17 11:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-11-17 11:16 - 2014-08-06 11:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-17 11:16 - 2012-11-08 05:33 - 00000000 ____D () C:\ProgramData\Intel
2014-11-17 11:16 - 2012-11-08 05:33 - 00000000 ____D () C:\Program Files\Intel
2014-11-15 16:50 - 2013-08-30 18:59 - 00000000 ____D () C:\Users\RYU
2014-11-15 16:50 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-15 16:49 - 2012-11-08 05:33 - 00025958 _____ () C:\WINDOWS\DPINST.LOG
2014-11-09 08:39 - 2012-12-04 07:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-11-09 08:39 - 2012-12-04 07:45 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-11-08 11:21 - 2013-07-31 13:57 - 00045568 ___SH () C:\Users\Frank\Desktop\Thumbs.db
2014-11-07 19:34 - 2014-08-06 11:20 - 00001160 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-07 19:34 - 2013-07-14 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-07 19:34 - 2013-07-14 17:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-06 10:58 - 2013-07-15 10:24 - 00247632 _____ () C:\Users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-06 08:37 - 2014-10-30 17:02 - 00000376 _____ () C:\WINDOWS\Tasks\simplitec Power Suite.job
2014-11-05 10:07 - 2013-07-14 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-05 10:07 - 2013-07-14 15:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-04 17:43 - 2013-07-18 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2014-11-04 11:50 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2014-11-04 09:55 - 2013-08-22 14:25 - 91750400 _____ () C:\WINDOWS\system32\config\SOFTWARE.bak
2014-11-04 09:55 - 2013-08-22 14:25 - 13893632 _____ () C:\WINDOWS\system32\config\SYSTEM.bak
2014-11-04 09:55 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-11-04 09:53 - 2013-08-22 14:25 - 00524288 _____ () C:\WINDOWS\system32\config\DEFAULT.bak
2014-11-04 09:53 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-11-04 09:30 - 2013-07-19 12:32 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\MAGIX
2014-11-04 09:30 - 2012-12-04 07:41 - 00000000 ____D () C:\ProgramData\MAGIX
2014-11-03 16:45 - 2013-07-19 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-10-31 12:02 - 2013-07-19 11:07 - 00001074 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk

Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Frank\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Frank\AppData\Local\Temp\CIB1C25.tmp.exe
C:\Users\Frank\AppData\Local\Temp\CIB6CC4.tmp.exe
C:\Users\Frank\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzj4yne.dll
C:\Users\Frank\AppData\Local\Temp\icqsetup.exe
C:\Users\Frank\AppData\Local\Temp\mpam-54ba7f35.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.5.4.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.6.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.7.Installer.exe
C:\Users\Frank\AppData\Local\Temp\npp.6.6.9.Installer.exe
C:\Users\Frank\AppData\Local\Temp\Quarantine.exe
C:\Users\Frank\AppData\Local\Temp\sqlite3.dll
C:\Users\Frank\AppData\Local\Temp\UNNeroVision.exe
C:\Users\Frank\AppData\Local\Temp\Update_Simplitec_PowerSuite_1.5.2.2de_DE.exe
C:\Users\Frank\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Frank\AppData\Local\Temp\_is84C7.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-30 03:45

==================== End Of Log ============================

--- --- ---

--- --- ---

Ich bedanke mich erneut für die professionelle Hilfe und wünsche einen schönen 1. Advent

Mein Rechner ist wieder clean. ;-)

schrauber · 30.11.2014, 17:59

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

28.11.2014, 08:46	#8
schrauber /// the machine /// TB-Ausbilder	Malwarebytes Anti-Malware meldet beim Scan Funde! Java und Adobe updaten. Das Log von ESET sollte genau dort zu finden sein. Was wurde denn gefunden? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Malwarebytes Anti-Malware meldet beim Scan Funde!

Plagegeister aller Art und deren Bekämpfung: Malwarebytes Anti-Malware meldet beim Scan Funde!