rvzr-a.akamaihd.net virus auf dem rechner

frama63 · 22.11.2013, 16:39

hallo wertes team
habe seit kurzem den rvzr-a.akamaihd.net auf meinem windows 8 rechner, mit den bekannten problemen, dass werbung eingeblendet und man popups bekommt
wuerde mich sehr freuen, wenn ihr mir weiterhelfen koennt

danke und beste gruesse
frank

aharonov · 23.11.2013, 03:56

Hallo Frank,

mach bitte einen FRST-Scan:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

frama63 · 24.11.2013, 08:53

hallo leo
erst mal vielen dank fuer die hilfe

hier die frst datei
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2013 03
Ran by Frank (administrator) on BODEGA_MARUCCIA on 24-11-2013 08:28:08
Running from C:\Users\Frank\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Pokki) C:\Users\Frank\AppData\Local\Pokki\Engine\pokki.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Pokki) C:\Users\Frank\AppData\Local\Pokki\Engine\pokki.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearch.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Pokki) C:\Users\Frank\AppData\Local\Pokki\Engine\pokki.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mirko Böer) C:\Program Files\SuperMailer\sm.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Frank\Downloads\FRST64 (3).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKCU\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [Pokki] - C:\windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKCU\...\Run: [Copernic Desktop Search - Home] - C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe [1692200 2013-01-28] (Copernic Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [AppEx Accelerator UI] - C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Run: [BackgroundContainer] - "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Frank\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKCU\...\RunOnce: [Application Restart #5] - C:\Users\Frank\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Frank\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session [8252744 2013-11-01] (Pokki)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [AllShareAgent] - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-01-19] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
AppInit_DLLs: C:\Windows\System32\    [0 ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: HKLM-x32 - RadioTotal1 Toolbar - {422f7661-9403-4da4-b4ef-cc3e268817b5} - C:\Program Files (x86)\RadioTotal1\prxtbRadi.dll (Conduit Ltd.)
URLSearchHook: HKCU - RadioTotal1 Toolbar - {422f7661-9403-4da4-b4ef-cc3e268817b5} - C:\Program Files (x86)\RadioTotal1\prxtbRadi.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKLM - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {41E3EBB7-1E81-4672-8597-63F4ED4807EE} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317892&CUI=UN24908529903248031&UM=2
SearchScopes: HKCU - {41E3EBB7-1E81-4672-8597-63F4ED4807EE} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317892&CUI=UN24908529903248031&UM=2
SearchScopes: HKCU - {8A45B80F-B0E1-432F-90AB-1A7FA99091FF} URL = hxxp://search.certified-toolbar.com?si=42820&st=bs&tid=3347&q={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKCU - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = 
BHO: Plus-HD-3.8 - {11111111-1111-1111-1111-110311901130} - C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho64.dll (Plus HD)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Plus-HD-3.8 - {11111111-1111-1111-1111-110311901130} - C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll (Plus HD)
BHO-x32: RadioTotal1 Toolbar - {422f7661-9403-4da4-b4ef-cc3e268817b5} - C:\Program Files (x86)\RadioTotal1\prxtbRadi.dll (Conduit Ltd.)
BHO-x32: visualbee Helper Object - {66F57190-01EB-45A6-8260-7895267209F7} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\bh\visualbee.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Web Optimizer - {bbb1d54d-cf70-4a80-bf2f-3bafca0225ce} - C:\Program Files (x86)\Web Optimizer\weboptimizer.dll (Web Optimizer)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - visualbee Toolbar - {610AF794-9293-4129-9FAF-A81BBDFBFA14} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\visualbeeTlbr.dll No File
Toolbar: HKLM-x32 - RadioTotal1 Toolbar - {422f7661-9403-4da4-b4ef-cc3e268817b5} - C:\Program Files (x86)\RadioTotal1\prxtbRadi.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {422F7661-9403-4DA4-B4EF-CC3E268817B5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default
FF Homepage: about:home
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3317892&SearchSource=2&CUI=UN24468670721935620&UM=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-3.8 - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: vis - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: HomeTab - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\{9c72a7f0-9ced-4876-80b8-2cebdc068f07}
FF Extension: No Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\WTB_GLOBAL.sqlite
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{ff0f24dd-184a-42ca-9ce8-8ca6184fd0ac}] - C:\Program Files (x86)\Web Optimizer\weboptimizer.xpi
FF Extension: No Name - C:\Program Files (x86)\Web Optimizer\weboptimizer.xpi
FF HKCU\...\Firefox\Extensions: [{57319509-7821-41B0-9FDF-3B58F146AE33}] - c:\program files (x86)\copernic desktop search - home\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic desktop search - home\firefoxconnector

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://www.maruccia.com/", "about:newtab?source=home"
CHR DefaultSearchURL: (google.de) - hxxp://www.google.de/search?hl=de&tbo=d&output=search&sclient=psy-ab&q={searchTerms}&btnG=
CHR DefaultSuggestURL: (google.de) -       "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [afjadpgpmmloiaibmijliigmaokkejnk] - C:\Program Files (x86)\Web Optimizer\weboptimizer.crx
CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Frank\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM-x32\...\Chrome\Extension: [npgpgjiajblpbldjkelafjjhfjcddlba] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-10-09] (ELAN Microelectronics Corp.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSSQL$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
S4 SQLAgent$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney Business 6.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132600 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [610136 2012-11-15] (Kaspersky Lab)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-08] (Windows (R) 2003 DDK 3790 provider)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89944 2012-11-15] (Kaspersky Lab)
S3 SBIOSIO; \??\C:\Users\Frank\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [x]
S3 UCORESYS; \??\C:\windiag\ReadDMI8\UCORESYS.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-24 08:29 - 2013-11-24 08:29 - 00057489 _____ C:\Users\Frank\Desktop\FRST.txt
2013-11-24 08:28 - 2013-11-24 08:28 - 00024977 _____ C:\Users\Frank\Downloads\FRST.txt
2013-11-23 20:27 - 2013-11-23 20:30 - 00033174 _____ C:\Users\Frank\Downloads\Addition.txt
2013-11-23 20:25 - 2013-11-23 20:25 - 00000000 ____D C:\FRST
2013-11-23 20:24 - 2013-11-23 20:24 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (3).exe
2013-11-23 20:24 - 2013-11-23 20:24 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (2).exe
2013-11-23 20:24 - 2013-11-23 20:24 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2013-11-23 20:23 - 2013-11-23 20:23 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller (1).zip
2013-11-22 15:36 - 2013-11-22 15:36 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2013-11-22 06:19 - 2013-11-22 06:19 - 00002095 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-11-20 10:18 - 2013-11-20 10:18 - 00002239 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2013-11-19 16:23 - 2013-11-19 16:24 - 04979632 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-19 13:53 - 2013-11-19 13:53 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-19 13:53 - 2013-11-19 13:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-19 13:50 - 2013-11-19 13:50 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT (1).exe
2013-11-19 13:49 - 2013-11-19 13:49 - 00000000 ____D C:\windows\ERUNT
2013-11-19 13:48 - 2013-11-19 13:49 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2013-11-18 12:14 - 2013-11-18 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 12:13 - 2013-11-18 13:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-18 12:13 - 2013-11-18 12:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 12:12 - 2013-11-18 13:28 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2013-11-18 12:12 - 2013-11-18 12:12 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1007.exe
2013-11-18 12:12 - 2013-11-18 12:12 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-16 11:14 - 2013-11-16 11:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-16 10:55 - 2013-11-05 23:58 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-16 10:55 - 2013-11-05 23:58 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-16 10:17 - 2013-11-16 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:14 - 2013-11-15 15:14 - 00018117 _____ C:\Users\Frank\Documents\versandliste-porsche.odt
2013-11-15 12:12 - 2013-11-15 12:12 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\Program Files\iTunes
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-15 12:11 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iPod
2013-11-15 10:50 - 2013-11-19 13:50 - 00000000 ____D C:\Users\Frank\AppData\Roaming\XnView
2013-11-15 10:50 - 2013-11-15 10:50 - 00000925 _____ C:\Users\Frank\Desktop\XnView.lnk
2013-11-15 10:49 - 2013-11-15 10:49 - 00000000 ____D C:\Program Files (x86)\XnView
2013-11-15 10:45 - 2013-11-15 10:48 - 15211760 _____ (Gougelet Pierre-e                                           ) C:\Users\Frank\Downloads\XnView-win-full_2.05.exe
2013-11-15 10:42 - 2013-11-15 10:42 - 00002656 _____ C:\Users\Frank\AppData\Local\recently-used.xbel
2013-11-14 08:55 - 2013-11-14 08:55 - 00001957 _____ C:\Users\Public\Desktop\Sonos.lnk
2013-11-13 09:53 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-11-13 09:53 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-13 09:53 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-11-13 09:53 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-11-13 09:53 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-11-13 09:53 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-11-13 09:53 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-11-13 09:53 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2013-11-13 09:53 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2013-11-13 09:53 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2013-11-13 09:53 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-11-13 09:53 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2013-11-13 09:53 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-11-13 09:53 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-11-13 09:53 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-13 09:53 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-11-13 09:53 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2013-11-13 09:53 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2013-11-13 09:52 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-13 09:52 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-13 09:52 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-13 09:52 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-13 09:52 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-13 09:52 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-13 09:52 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-13 09:52 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-11-13 09:52 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-13 09:51 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-13 09:51 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-13 09:51 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-13 09:50 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-13 09:50 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-11 17:18 - 2013-11-11 17:18 - 00001091 _____ C:\Users\Frank\Downloads\Bilder - Verknüpfung.lnk
2013-11-11 14:04 - 2013-11-11 14:04 - 01116492 _____ C:\Users\Frank\Downloads\codestyling-localization.1.99.30.zip
2013-11-11 14:01 - 2013-11-11 14:01 - 00023749 _____ C:\Users\Frank\Documents\sdfks.html
2013-11-07 17:14 - 2013-11-07 17:14 - 00000200 _____ C:\Users\Frank\Documents\wordpress.txt
2013-11-07 16:15 - 2013-11-07 16:15 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities.zip
2013-11-06 16:38 - 2013-11-06 16:38 - 00466494 _____ C:\Users\Frank\Documents\maruccia_stempel.eps
2013-11-05 12:07 - 2013-11-05 12:07 - 00001490 _____ C:\Users\Frank\Documents\signatur-club-4.html
2013-11-05 12:03 - 2013-11-12 10:04 - 00002184 _____ C:\Users\Frank\Documents\signatur-club-3.html
2013-11-05 12:01 - 2013-11-05 12:02 - 00002232 _____ C:\Users\Frank\Documents\signatur-club-2.html
2013-11-05 11:17 - 2013-11-04 14:23 - 00028508 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_1.ods
2013-11-05 11:15 - 2013-11-05 11:15 - 00024576 _____ C:\Users\Frank\Documents\analiticas BISK BALEARIC.xls
2013-11-04 14:05 - 2013-11-04 14:05 - 104867914 _____ C:\windows\SysWOW64\┾ꅛLŔ
2013-11-03 13:42 - 2013-11-03 13:47 - 00000000 ____D C:\Users\Frank\Documents\NewsletterDesigner
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\mresreg
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\IN-MEDIAKG
2013-11-03 13:39 - 2013-11-22 13:39 - 00001328 _____ C:\windows\Tasks\Plus-HD-3.8-updater.job
2013-11-03 13:39 - 2013-11-22 13:39 - 00001130 _____ C:\windows\Tasks\Plus-HD-3.8-enabler.job
2013-11-03 13:39 - 2013-11-11 13:50 - 00000000 ____D C:\Program Files (x86)\NewsletterDesigner
2013-11-03 13:39 - 2013-11-03 13:39 - 00004332 _____ C:\windows\System32\Tasks\Plus-HD-3.8-updater
2013-11-03 13:39 - 2013-11-03 13:39 - 00004134 _____ C:\windows\System32\Tasks\Plus-HD-3.8-enabler
2013-11-03 13:39 - 2013-11-03 13:39 - 00001153 _____ C:\Users\Frank\Desktop\NewsletterDesigner.lnk
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Windows Net Data
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\Web Optimizer
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\mresreg
2013-11-03 13:38 - 2013-11-22 13:43 - 00001938 _____ C:\windows\Tasks\Plus-HD-3.8-chromeinstaller.job
2013-11-03 13:38 - 2013-11-22 13:43 - 00001862 _____ C:\windows\Tasks\Plus-HD-3.8-firefoxinstaller.job
2013-11-03 13:38 - 2013-11-22 13:38 - 00001230 _____ C:\windows\Tasks\Plus-HD-3.8-codedownloader.job
2013-11-03 13:38 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8
2013-11-03 13:38 - 2013-11-03 13:38 - 00004234 _____ C:\windows\System32\Tasks\Plus-HD-3.8-codedownloader
2013-11-03 13:09 - 2013-11-03 13:09 - 00003370 _____ C:\windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\NativeMessaging
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\Conduit
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\ProgramData\Conduit
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Program Files (x86)\RadioTotal1
2013-11-03 13:07 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\CRE
2013-11-03 13:07 - 2013-11-03 13:08 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-03 12:59 - 2013-11-03 13:09 - 00000009 _____ C:\END
2013-11-03 12:59 - 2013-11-03 12:59 - 00000140 _____ C:\Users\Frank\Desktop\Amazon.url
2013-11-03 12:58 - 2013-11-03 13:40 - 00000000 ____D C:\Users\Frank\AppData\Local\DownloadGuide
2013-11-03 12:56 - 2013-11-03 12:57 - 00567144 _____ C:\Users\Frank\Downloads\nldsetup-Downloader.exe
2013-11-02 10:13 - 2013-11-02 10:13 - 00021434 _____ C:\Users\Frank\Documents\newsletter-test.html
2013-11-01 13:43 - 2013-11-01 13:43 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Nvu
2013-11-01 13:42 - 2013-11-01 13:43 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-11-01 13:42 - 2013-11-01 13:42 - 06297003 _____ (Thorsten Fritz                                              ) C:\Users\Frank\Downloads\nvu-1.0-win32-installer-de-DE.exe
2013-11-01 13:37 - 2013-11-01 13:37 - 00000000 ____D C:\Users\Frank\Documents\mystical
2013-11-01 13:36 - 2013-11-01 13:36 - 00000000 ____D C:\Users\Frank\Documents\html-vorlage-mail
2013-11-01 12:35 - 2013-11-01 12:35 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-10-31 14:52 - 2013-10-30 11:33 - 00028462 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_0.ods
2013-10-31 11:12 - 2013-10-31 11:21 - 00000000 ____D C:\AdwCleaner
2013-10-31 11:12 - 2013-10-31 11:12 - 01060070 _____ C:\Users\Frank\Downloads\adwcleaner-3.010.exe
2013-10-31 10:58 - 2013-10-31 10:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2013-10-30 12:41 - 2013-08-13 08:38 - 00032328 _____ C:\windows\Launcher.exe
2013-10-30 09:32 - 2013-10-30 09:32 - 00070656 _____ C:\Users\Frank\Documents\Bodega Maruccia 28.10.13.xls
2013-10-28 14:22 - 2013-10-28 14:22 - 00064000 _____ C:\Users\Frank\Documents\Maruccia1
2013-10-28 14:19 - 2013-10-28 14:19 - 103734365 _____ C:\windows\SysWOW64\楁烬Lŝ

==================== One Month Modified Files and Folders =======

2013-11-24 08:30 - 2012-12-28 12:56 - 00001140 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-24 08:29 - 2013-11-24 08:29 - 00057489 _____ C:\Users\Frank\Desktop\FRST.txt
2013-11-24 08:29 - 2013-11-24 08:28 - 00024977 _____ C:\Users\Frank\Downloads\FRST.txt
2013-11-24 08:29 - 2013-01-20 13:29 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Skype
2013-11-24 08:26 - 2012-12-24 17:30 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2013-11-24 08:22 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2013-11-24 03:23 - 2013-02-12 15:37 - 00000000 ____D C:\Users\Frank\AppData\Local\Pokki
2013-11-23 21:19 - 2012-08-29 03:55 - 01423744 _____ C:\windows\WindowsUpdate.log
2013-11-23 20:48 - 2013-05-17 20:11 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-23 20:30 - 2013-11-23 20:27 - 00033174 _____ C:\Users\Frank\Downloads\Addition.txt
2013-11-23 20:25 - 2013-11-23 20:25 - 00000000 ____D C:\FRST
2013-11-23 20:24 - 2013-11-23 20:24 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (3).exe
2013-11-23 20:24 - 2013-11-23 20:24 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (2).exe
2013-11-23 20:24 - 2013-11-23 20:24 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2013-11-23 20:23 - 2013-11-23 20:23 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2013-11-22 15:41 - 2012-12-31 16:41 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller (1).zip
2013-11-22 15:36 - 2013-11-22 15:36 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2013-11-22 14:29 - 2012-12-28 12:56 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-22 13:43 - 2013-11-03 13:38 - 00001938 _____ C:\windows\Tasks\Plus-HD-3.8-chromeinstaller.job
2013-11-22 13:43 - 2013-11-03 13:38 - 00001862 _____ C:\windows\Tasks\Plus-HD-3.8-firefoxinstaller.job
2013-11-22 13:39 - 2013-11-03 13:39 - 00001328 _____ C:\windows\Tasks\Plus-HD-3.8-updater.job
2013-11-22 13:39 - 2013-11-03 13:39 - 00001130 _____ C:\windows\Tasks\Plus-HD-3.8-enabler.job
2013-11-22 13:38 - 2013-11-03 13:38 - 00001230 _____ C:\windows\Tasks\Plus-HD-3.8-codedownloader.job
2013-11-22 12:03 - 2013-01-22 19:55 - 00000000 ____D C:\Users\Frank\AppData\Roaming\SuperMailer
2013-11-22 08:41 - 2013-06-23 17:38 - 00000000 ____D C:\Program Files (x86)\StarMoney Business 6.0
2013-11-22 06:19 - 2013-11-22 06:19 - 00002095 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-11-22 06:19 - 2013-01-23 12:51 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-11-21 23:08 - 2013-03-01 08:53 - 00089600 ___SH C:\Users\Frank\Documents\Thumbs.db
2013-11-21 23:00 - 2013-04-24 16:37 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2013-11-21 10:36 - 2013-10-16 09:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-21 10:36 - 2012-12-27 10:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 08:36 - 2012-08-29 20:12 - 02684562 _____ C:\windows\system32\perfh007.dat
2013-11-21 08:36 - 2012-08-29 20:12 - 00739004 _____ C:\windows\system32\perfc007.dat
2013-11-21 08:36 - 2012-07-26 08:28 - 00006048 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-21 08:35 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-11-20 12:34 - 2012-12-30 11:31 - 518587392 _____ C:\Users\Frank\Documents\archive1.pst
2013-11-20 12:34 - 2012-12-27 17:05 - 00000000 ____D C:\Users\Frank\Documents\Outlook-Dateien
2013-11-20 10:18 - 2013-11-20 10:18 - 00002239 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2013-11-19 16:33 - 2012-08-29 04:43 - 00000000 ____D C:\ProgramData\WinClon
2013-11-19 16:24 - 2013-11-19 16:23 - 04979632 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-19 16:24 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-19 16:23 - 2012-08-05 22:07 - 00835702 _____ C:\windows\PFRO.log
2013-11-19 16:22 - 2012-07-26 06:26 - 00524288 ___SH C:\windows\system32\config\BBI
2013-11-19 16:19 - 2013-05-10 21:20 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2013-11-19 14:24 - 2012-12-24 17:23 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-484924946-752710417-643280108-1001
2013-11-19 13:53 - 2013-11-19 13:53 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-19 13:53 - 2013-11-19 13:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-19 13:50 - 2013-11-19 13:50 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT (1).exe
2013-11-19 13:50 - 2013-11-15 10:50 - 00000000 ____D C:\Users\Frank\AppData\Roaming\XnView
2013-11-19 13:49 - 2013-11-19 13:49 - 00000000 ____D C:\windows\ERUNT
2013-11-19 13:49 - 2013-11-19 13:48 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2013-11-18 13:28 - 2013-11-18 12:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-18 13:28 - 2013-11-18 12:12 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2013-11-18 12:20 - 2013-05-06 12:26 - 00001793 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-11-18 12:14 - 2013-11-18 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 12:13 - 2013-11-18 12:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 12:12 - 2013-11-18 12:12 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1007.exe
2013-11-18 12:12 - 2013-11-18 12:12 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-16 16:45 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-11-16 11:14 - 2013-11-16 11:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-16 11:14 - 2013-05-17 20:11 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-11-16 10:49 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2013-11-16 10:49 - 2012-07-26 09:12 - 00000000 ____D C:\windows\WinStore
2013-11-16 10:17 - 2013-11-16 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:14 - 2013-11-15 15:14 - 00018117 _____ C:\Users\Frank\Documents\versandliste-porsche.odt
2013-11-15 14:51 - 2013-03-17 18:40 - 00000000 ____D C:\Users\Frank\.gimp-2.8
2013-11-15 12:12 - 2013-11-15 12:12 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iTunes
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-15 12:11 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iPod
2013-11-15 10:50 - 2013-11-15 10:50 - 00000925 _____ C:\Users\Frank\Desktop\XnView.lnk
2013-11-15 10:49 - 2013-11-15 10:49 - 00000000 ____D C:\Program Files (x86)\XnView
2013-11-15 10:48 - 2013-11-15 10:45 - 15211760 _____ (Gougelet Pierre-e                                           ) C:\Users\Frank\Downloads\XnView-win-full_2.05.exe
2013-11-15 10:42 - 2013-11-15 10:42 - 00002656 _____ C:\Users\Frank\AppData\Local\recently-used.xbel
2013-11-14 08:56 - 2013-09-28 16:13 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2013-11-14 08:55 - 2013-11-14 08:55 - 00001957 _____ C:\Users\Public\Desktop\Sonos.lnk
2013-11-14 08:55 - 2013-09-28 16:13 - 00000000 ____D C:\Program Files (x86)\Sonos
2013-11-14 08:55 - 2012-12-28 10:06 - 00000000 ____D C:\Users\Frank\AppData\Local\Downloaded Installations
2013-11-13 10:42 - 2012-12-27 16:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 10:35 - 2013-08-14 07:37 - 00000000 ____D C:\windows\system32\MRT
2013-11-13 10:30 - 2012-12-28 09:34 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-12 10:04 - 2013-11-05 12:03 - 00002184 _____ C:\Users\Frank\Documents\signatur-club-3.html
2013-11-11 17:18 - 2013-11-11 17:18 - 00001091 _____ C:\Users\Frank\Downloads\Bilder - Verknüpfung.lnk
2013-11-11 14:04 - 2013-11-11 14:04 - 01116492 _____ C:\Users\Frank\Downloads\codestyling-localization.1.99.30.zip
2013-11-11 14:01 - 2013-11-11 14:01 - 00023749 _____ C:\Users\Frank\Documents\sdfks.html
2013-11-11 13:50 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\NewsletterDesigner
2013-11-07 17:14 - 2013-11-07 17:14 - 00000200 _____ C:\Users\Frank\Documents\wordpress.txt
2013-11-07 16:15 - 2013-11-07 16:15 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities.zip
2013-11-06 16:38 - 2013-11-06 16:38 - 00466494 _____ C:\Users\Frank\Documents\maruccia_stempel.eps
2013-11-05 23:58 - 2013-11-16 10:55 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 23:58 - 2013-11-16 10:55 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-05 16:21 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-11-05 16:04 - 2013-01-09 09:42 - 00386048 ___SH C:\Users\Frank\Desktop\Thumbs.db
2013-11-05 12:07 - 2013-11-05 12:07 - 00001490 _____ C:\Users\Frank\Documents\signatur-club-4.html
2013-11-05 12:04 - 2013-06-30 17:27 - 00000000 ____D C:\Users\Frank\AppData\Local\Windows Live
2013-11-05 12:02 - 2013-11-05 12:01 - 00002232 _____ C:\Users\Frank\Documents\signatur-club-2.html
2013-11-05 11:56 - 2013-07-08 09:18 - 00001490 _____ C:\Users\Frank\Documents\signatur-club.html
2013-11-05 11:15 - 2013-11-05 11:15 - 00024576 _____ C:\Users\Frank\Documents\analiticas BISK BALEARIC.xls
2013-11-04 14:23 - 2013-11-05 11:17 - 00028508 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_1.ods
2013-11-04 14:05 - 2013-11-04 14:05 - 104867914 _____ C:\windows\SysWOW64\┾ꅛLŔ
2013-11-03 13:47 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\Documents\NewsletterDesigner
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\mresreg
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\IN-MEDIAKG
2013-11-03 13:42 - 2013-06-04 11:17 - 00006050 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-11-03 13:40 - 2013-11-03 12:58 - 00000000 ____D C:\Users\Frank\AppData\Local\DownloadGuide
2013-11-03 13:39 - 2013-11-03 13:39 - 00004332 _____ C:\windows\System32\Tasks\Plus-HD-3.8-updater
2013-11-03 13:39 - 2013-11-03 13:39 - 00004134 _____ C:\windows\System32\Tasks\Plus-HD-3.8-enabler
2013-11-03 13:39 - 2013-11-03 13:39 - 00001153 _____ C:\Users\Frank\Desktop\NewsletterDesigner.lnk
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Windows Net Data
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\Web Optimizer
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\mresreg
2013-11-03 13:39 - 2013-11-03 13:38 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8
2013-11-03 13:38 - 2013-11-03 13:38 - 00004234 _____ C:\windows\System32\Tasks\Plus-HD-3.8-codedownloader
2013-11-03 13:09 - 2013-11-03 13:09 - 00003370 _____ C:\windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-03 13:09 - 2013-11-03 12:59 - 00000009 _____ C:\END
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\NativeMessaging
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\Conduit
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\ProgramData\Conduit
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Program Files (x86)\RadioTotal1
2013-11-03 13:08 - 2013-11-03 13:07 - 00000000 ____D C:\Users\Frank\AppData\Local\CRE
2013-11-03 13:08 - 2013-11-03 13:07 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-03 12:59 - 2013-11-03 12:59 - 00000140 _____ C:\Users\Frank\Desktop\Amazon.url
2013-11-03 12:57 - 2013-11-03 12:56 - 00567144 _____ C:\Users\Frank\Downloads\nldsetup-Downloader.exe
2013-11-02 10:13 - 2013-11-02 10:13 - 00021434 _____ C:\Users\Frank\Documents\newsletter-test.html
2013-11-01 13:43 - 2013-11-01 13:43 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Nvu
2013-11-01 13:43 - 2013-11-01 13:42 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-11-01 13:43 - 2012-12-24 17:15 - 00000000 ____D C:\Users\Frank\AppData\Local\VirtualStore
2013-11-01 13:42 - 2013-11-01 13:42 - 06297003 _____ (Thorsten Fritz                                              ) C:\Users\Frank\Downloads\nvu-1.0-win32-installer-de-DE.exe
2013-11-01 13:37 - 2013-11-01 13:37 - 00000000 ____D C:\Users\Frank\Documents\mystical
2013-11-01 13:36 - 2013-11-01 13:36 - 00000000 ____D C:\Users\Frank\Documents\html-vorlage-mail
2013-11-01 12:35 - 2013-11-01 12:35 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-01 12:34 - 2012-12-24 17:16 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Adobe
2013-11-01 08:57 - 2013-01-22 19:55 - 00000000 ____D C:\Program Files\SuperMailer
2013-10-31 11:21 - 2013-10-31 11:12 - 00000000 ____D C:\AdwCleaner
2013-10-31 11:21 - 2013-08-25 11:40 - 00000000 ____D C:\windows\System32\Tasks\Browser Updater
2013-10-31 11:21 - 2013-04-21 19:13 - 00000000 ____D C:\windows\System32\Tasks\ProtectedSearch
2013-10-31 11:21 - 2013-03-10 17:30 - 00000000 ____D C:\Users\Frank\AppData\Roaming\CheckPoint
2013-10-31 11:12 - 2013-10-31 11:12 - 01060070 _____ C:\Users\Frank\Downloads\adwcleaner-3.010.exe
2013-10-31 10:58 - 2013-10-31 10:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2013-10-30 11:33 - 2013-10-31 14:52 - 00028462 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_0.ods
2013-10-30 09:32 - 2013-10-30 09:32 - 00070656 _____ C:\Users\Frank\Documents\Bodega Maruccia 28.10.13.xls
2013-10-28 14:22 - 2013-10-28 14:22 - 00064000 _____ C:\Users\Frank\Documents\Maruccia1
2013-10-28 14:19 - 2013-10-28 14:19 - 103734365 _____ C:\windows\SysWOW64\楁烬Lŝ

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe


Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-19 10:14

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

die addtion.txt habe ich leider nicht gefunden
auf dem desktop wurde nichts abgespeichert ?

BG

habe das doch noch gefundenkFRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2013 03
Ran by Frank at 2013-11-24 08:48:29
Running from C:\Users\Frank\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Creative Cloud (x32 Version: 2.1.2.232)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Allshare Play Link (x32 Version: 1.0.0)
AllSharePlayLink (x32 Version: 1.0.0)
AMD Accelerated Video Transcoding (Version: 12.5.100.21010)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Quick Stream (Version: 3.3.26.0)
AMD VISION Engine Control Center (x32 Version: 2012.1010.1519.25530)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
AutoHotkey 1.1.11.01 (Version: 1.1.11.01)
Avira Free Antivirus (x32 Version: 14.0.1.719)
Bandizip (HKCU Version: 3.04)
BlueStacks App Player (x32 Version: 0.7.18.921)
BlueStacks Notification Center (x32 Version: 0.7.18.921)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center InstallProxy (x32 Version: 2012.1010.1519.25530)
Catalyst Control Center Localization All (x32 Version: 2012.1010.1519.25530)
CCC Help Chinese Standard (x32 Version: 2012.1010.1518.25530)
CCC Help Chinese Traditional (x32 Version: 2012.1010.1518.25530)
CCC Help Czech (x32 Version: 2012.1010.1518.25530)
CCC Help Danish (x32 Version: 2012.1010.1518.25530)
CCC Help Dutch (x32 Version: 2012.1010.1518.25530)
CCC Help English (x32 Version: 2012.1010.1518.25530)
CCC Help Finnish (x32 Version: 2012.1010.1518.25530)
CCC Help French (x32 Version: 2012.1010.1518.25530)
CCC Help German (x32 Version: 2012.1010.1518.25530)
CCC Help Greek (x32 Version: 2012.1010.1518.25530)
CCC Help Hungarian (x32 Version: 2012.1010.1518.25530)
CCC Help Italian (x32 Version: 2012.1010.1518.25530)
CCC Help Japanese (x32 Version: 2012.1010.1518.25530)
CCC Help Korean (x32 Version: 2012.1010.1518.25530)
CCC Help Norwegian (x32 Version: 2012.1010.1518.25530)
CCC Help Polish (x32 Version: 2012.1010.1518.25530)
CCC Help Portuguese (x32 Version: 2012.1010.1518.25530)
CCC Help Russian (x32 Version: 2012.1010.1518.25530)
CCC Help Spanish (x32 Version: 2012.1010.1518.25530)
CCC Help Swedish (x32 Version: 2012.1010.1518.25530)
CCC Help Thai (x32 Version: 2012.1010.1518.25530)
CCC Help Turkish (x32 Version: 2012.1010.1518.25530)
ccc-utility64 (Version: 2012.1010.1519.25530)
Copernic Desktop Search - Home (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
DDBAC (x32 Version: 5.3.6)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Easy File Share (x32 Version: 1.3.4)
E-POP (x32 Version: 1.0.1)
ETDWare X64 11.7.5.5_WHQL (Version: 11.7.5.5)
FlashFXP v4.2 (x32 Version: 4.2.5.1813)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free System Utilities (x32 Version: 1.0.0.16)
Free SystemUtilities (x32 Version: 1.0.0.16)
Galerie de photos (x32 Version: 16.4.3505.0912)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Help Desk (Version: 1.0.96)
HP ePrint (x32 Version: 6.0.12230.783)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (Version: 28.0.1315.0)
HP Postscript Converter (Version: 3.1.3591)
HP Unified IO (Version: 2.0.0.404)
HP Unified IO (x32 Version: 2.0.0.404)
iCloud (Version: 3.0.2.163)
iFunbox (v2.1.2228.731), iFunbox DevTeam (x32 Version: v2.1.2228.731)
iTunes (Version: 11.1.3.8)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Lexware vereinsverwaltung 13 (x32 Version: 13.0)
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Outlook 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (x32)
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
NewsletterDesigner (x32 Version: Aktuelle Version)
Nvu 1.0 (x32 Version: 1.0)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
PDF Settings CC (x32 Version: 12.0)
PDF24 Creator 5.4.0 (x32)
PDFtk Server version 2.00 (x32 Version: 2.00)
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Picasa 3 (x32 Version: 3.9)
Pixsta (HKCU Version: 3.0.0.51376)
Plus-HD-3.8 (x32 Version: 1.29.153.2) <==== ATTENTION
Pokki (HKCU Version: 0.266.1.172)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.210)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Quick Starter (Version: 1.0.2)
Raccolta foto (x32 Version: 16.4.3505.0912)
RadioTotal1 Toolbar for IE (x32 Version: 6.17.1.25)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699)
Recovery (x32 Version: 6.0.10.0)
Revo Uninstaller 1.94 (x32 Version: 1.94)
S Agent (Version: 1.1.45)
Samsung AllShare (x32 Version: 2.1.0.12013_8)
Samsung Universal Print Driver (x32 Version: 2.03.01.00:36)
Service Pack 3 für SQL Server 2008 (KB2546951) (x32 Version: 10.3.5500.0)
Settings (x32 Version: 2.0.0)
Skype™ 6.6 (x32 Version: 6.6.106)
Sonos Controller (x32 Version: 24.0.69180)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0)
StarMoney (x32 Version: 3.0.5.8)
StarMoney (x32 Version: 4.0.0.203)
StarMoney 8.0  (x32 Version: 8.0)
StarMoney 9.0  (x32 Version: 9.0)
StarMoney Business 6.0  (x32 Version: 6.0)
SuperMailer 7.03 (Version: 7.03)
Support Center (Version: 2.1.1106)
Support Center FAQ (x32 Version: 1.0.11)
SW Update (x32 Version: 2.1.21)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (x32 Version: 10.3.5500.0)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
User Guide (x32 Version: 1.1.00)
Web Optimizer (x32)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
XnView 2.05 (x32 Version: 2.05)
ZoneAlarm Antivirus (x32 Version: 11.0.000.057)
ZoneAlarm Firewall (x32 Version: 11.0.000.057)
ZoneAlarm Security (x32 Version: 11.0.000.504)

==================== Restore Points  =========================

11-11-2013 12:20:29 DDBAC wird entfernt
19-11-2013 13:27:29 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {156CA460-8D8F-4A7C-A506-E71440EE19D0} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.)
Task: {18D90FB1-6015-431E-8C2F-080A52EC9071} - System32\Tasks\{A8CBDE78-A3E8-4A8A-BFAF-7AA0C2FD1716} => Chrome.exe hxxp://ui.skype.com/ui/0/6.2.0.106/en/abandoninstall?page=tsMain
Task: {1D67D1C3-59D5-4BAA-8DB9-B2F8377097B5} - System32\Tasks\Plus-HD-3.8-enabler => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe [2013-11-03] (Plus HD) <==== ATTENTION
Task: {4E7BBBCA-3F17-44E8-BE9B-D224A97978CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16] (Adobe Systems Incorporated)
Task: {4EEAA4E8-CD0A-40A3-8675-FD5DD88670A1} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-08-23] (SEC)
Task: {52371C7B-C417-4E50-8905-A6315CD8B888} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {59F81142-653F-45B9-B879-5D097627C19D} - \EPUpdater No Task File
Task: {5E658CDA-0007-4144-A442-5FBDC93DDC8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-28] (Google Inc.)
Task: {74271319-2E7B-4C83-B0F2-DA1C770FB486} - System32\Tasks\Plus-HD-3.8-chromeinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe [2013-11-03] (Plus HD) <==== ATTENTION
Task: {77C0D1F3-2C49-435C-A81A-27A1BCA51D4F} - \ProtectedSearch\Protected Search No Task File
Task: {82944B54-944C-4319-9BB8-7485FD89E4FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9CB8F990-57B8-4456-A356-BC353FE813C1} - System32\Tasks\Plus-HD-3.8-updater => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe [2013-11-03] (Plus HD) <==== ATTENTION
Task: {9FD2802A-F402-4249-BEF3-A0A818332A2F} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {A33D8EB5-2B94-4408-8A0F-ED8826082283} - System32\Tasks\{ED924F92-8168-40CA-B1DB-BEAA7A9A0435} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {B46C721F-E897-479F-B38C-FD8A12A94202} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe [2013-03-11] ()
Task: {B69A4427-B94B-402C-98C1-EA72630D7B31} - System32\Tasks\AdobeAAMUpdater-1.0-Bodega_Maruccia-Frank => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {BB8561CC-1457-4A4A-992E-03E32374BE8F} - System32\Tasks\Plus-HD-3.8-firefoxinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe [2013-11-03] (Plus HD) <==== ATTENTION
Task: {BED553C5-6E31-44BC-89AF-0EED4E16ADB6} - \Software Updater No Task File
Task: {C3E945E2-E8D8-4F3A-9416-D49D432E9C7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-28] (Google Inc.)
Task: {CE974FC3-A2A2-4E19-949C-796DAC2D9CAC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E8275008-1A3F-4A7B-A05F-26F88CAB9A02} - System32\Tasks\Plus-HD-3.8-codedownloader => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe [2013-11-03] (Plus HD) <==== ATTENTION
Task: {E9D8AF2C-121D-4879-B99E-8D709FAB7D47} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {EA89DE75-C2FB-4090-A867-BECC9B0001CC} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {EE662443-5DFD-445C-91D6-BA9B36068348} - System32\Tasks\BackgroundContainer Startup Task => C:\Users\Frank\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [2013-10-15] (Conduit Ltd.)
Task: {F7F51415-D8A7-4A0E-B5FD-E13462B0DC25} - \Software Updater Ui No Task File
Task: {FC6615D1-3870-4575-BDA4-69B5BFAFF990} - \Browser Updater\Browser Updater No Task File
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Plus-HD-3.8-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe
Task: C:\windows\Tasks\Plus-HD-3.8-codedownloader.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe
Task: C:\windows\Tasks\Plus-HD-3.8-enabler.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe
Task: C:\windows\Tasks\Plus-HD-3.8-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe
Task: C:\windows\Tasks\Plus-HD-3.8-updater.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe

==================== Loaded Modules (whitelisted) =============

2012-07-26 08:55 - 2012-07-26 08:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-10-16 18:15 - 2013-10-16 18:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2012-10-10 14:17 - 2012-10-10 14:17 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-01 08:57 - 2013-10-29 13:30 - 10343421 _____ () C:\Program Files\SuperMailer\ChilkatDelphiXE64.dll
2013-01-22 19:55 - 2012-12-05 12:00 - 01176064 _____ () C:\Program Files\SuperMailer\sqlite364.dll
2013-01-22 19:55 - 2012-12-05 12:00 - 01501696 _____ () C:\Program Files\SuperMailer\libeay32.dll
2013-01-22 19:55 - 2012-12-05 12:00 - 00331776 _____ () C:\Program Files\SuperMailer\ssleay32.dll
2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2013-05-10 15:14 - 2013-05-10 15:13 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-20 19:13 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0\ouservice\PATCHW32.dll
2013-10-16 07:56 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2013-10-16 07:57 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney Business 6.0\ouservice\PATCHW32.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-09-03 14:25 - 2013-09-03 14:25 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-06-05 13:10 - 2013-06-05 13:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-08-30 09:00 - 2013-08-30 09:00 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00569856 _____ () C:\Users\Frank\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 01400846 _____ () C:\Users\Frank\AppData\Local\Pokki\Engine\avcodec-54.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00151054 _____ () C:\Users\Frank\AppData\Local\Pokki\Engine\avutil-51.dll
2013-09-07 03:11 - 2013-09-07 03:11 - 00222734 _____ () C:\Users\Frank\AppData\Local\Pokki\Engine\avformat-54.dll
2013-09-20 12:50 - 2013-09-20 12:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2013-09-17 03:54 - 2013-09-17 03:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2013-09-17 03:54 - 2013-09-17 03:54 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll
2013-09-17 03:54 - 2013-09-17 03:54 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2012-12-18 20:08 - 2012-12-18 20:08 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
2013-11-16 10:17 - 2013-11-16 10:17 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-15 09:34 - 2013-11-14 12:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-15 09:34 - 2013-11-14 12:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-15 09:34 - 2013-11-14 12:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-15 09:34 - 2013-11-14 12:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-15 09:34 - 2013-11-14 12:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-11-15 09:34 - 2013-11-14 12:29 - 13582800 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
2013-11-21 10:36 - 2013-11-21 10:36 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-11-21 10:36 - 2013-11-21 10:36 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-11-21 10:36 - 2013-11-21 10:36 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/23/2013 06:57:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16708

Error: (11/23/2013 06:57:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16708

Error: (11/23/2013 06:57:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2013 06:57:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15023

Error: (11/23/2013 06:57:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15023

Error: (11/23/2013 06:57:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2013 06:57:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13229

Error: (11/23/2013 06:57:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13229

Error: (11/23/2013 06:57:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2013 06:57:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11591


System errors:
=============
Error: (11/20/2013 04:39:50 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Samsung AllShare PC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2013 10:19:13 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SWUpdateService erreicht.

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:49 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:49 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (11/23/2013 06:57:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16708

Error: (11/23/2013 06:57:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16708

Error: (11/23/2013 06:57:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2013 06:57:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15023

Error: (11/23/2013 06:57:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15023

Error: (11/23/2013 06:57:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2013 06:57:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13229

Error: (11/23/2013 06:57:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13229

Error: (11/23/2013 06:57:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2013 06:57:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11591


CodeIntegrity Errors:
===================================
  Date: 2013-05-22 07:56:49.594
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2013-05-22 07:56:48.307
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2013-05-22 07:56:47.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2013-05-22 07:56:44.479
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2013-05-22 07:55:08.673
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:07.897
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:07.179
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:06.292
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:05.523
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:04.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 7656.41 MB
Available physical RAM: 4191.53 MB
Total Pagefile: 9960.41 MB
Available Pagefile: 4705.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:442.27 GB) (Free:359.6 GB) NTFS
Drive e: (USB DISK) (Removable) (Total:7.6 GB) (Free:3.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: AAEBC8AE)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== End Of Log ============================

--- --- ---

aharonov · 24.11.2013, 16:24

Ok, dann so weiter:

Schritt 1

Gehe in die Systemsteuerung und öffne Programme und Funktionen.
Suche und deinstalliere dort der Reihe nach folgende Einträge:
Plus-HD-3.8
Pokki
RadioTotal1 Toolbar for IE
Web Optimizer
Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.

Schritt 2

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Bitte poste in deiner nächsten Antwort:

Log von AdwCleaner
Log von FRST

frama63 · 24.11.2013, 17:44

hi leo
noch mal besten dank
weiss das sehr zu schaetzen
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013
Ran by Frank (administrator) on BODEGA_MARUCCIA on 24-11-2013 17:12:36
Running from C:\Users\Frank\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearch.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mirko Böer) C:\Program Files\SuperMailer\sm.exe
(Sonos, Inc.) C:\Program Files (x86)\Sonos\Sonos.exe
(Farbar) C:\Users\Frank\Downloads\FRST64(1).exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKCU\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKCU\...\Run: [Copernic Desktop Search - Home] - C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe [1692200 2013-01-28] (Copernic Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [AppEx Accelerator UI] - C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Runonce: [Application Restart #5] - C:\Users\Frank\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Frank\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [AllShareAgent] - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-01-19] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
AppInit_DLLs: C:\Windows\System32\    [0 ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKLM - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {41E3EBB7-1E81-4672-8597-63F4ED4807EE} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317892&CUI=UN24908529903248031&UM=2
SearchScopes: HKCU - {41E3EBB7-1E81-4672-8597-63F4ED4807EE} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317892&CUI=UN24908529903248031&UM=2
SearchScopes: HKCU - {8A45B80F-B0E1-432F-90AB-1A7FA99091FF} URL = hxxp://search.certified-toolbar.com?si=42820&st=bs&tid=3347&q={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
SearchScopes: HKCU - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: visualbee Helper Object - {66F57190-01EB-45A6-8260-7895267209F7} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\bh\visualbee.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - visualbee Toolbar - {610AF794-9293-4129-9FAF-A81BBDFBFA14} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\visualbeeTlbr.dll No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default
FF Homepage: about:home
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3317892&SearchSource=2&CUI=UN24468670721935620&UM=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: vis - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: HomeTab - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\{9c72a7f0-9ced-4876-80b8-2cebdc068f07}
FF Extension: No Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\WTB_GLOBAL.sqlite
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKCU\...\Firefox\Extensions: [{57319509-7821-41B0-9FDF-3B58F146AE33}] - c:\program files (x86)\copernic desktop search - home\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic desktop search - home\firefoxconnector

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://www.maruccia.com/", "about:newtab?source=home"
CHR DefaultSearchURL: (google.de) - hxxp://www.google.de/search?hl=de&tbo=d&output=search&sclient=psy-ab&q={searchTerms}&btnG=
CHR DefaultSuggestURL: (google.de) -       "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Frank\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM-x32\...\Chrome\Extension: [npgpgjiajblpbldjkelafjjhfjcddlba] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-10-09] (ELAN Microelectronics Corp.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSSQL$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
S4 SQLAgent$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney Business 6.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132600 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [610136 2012-11-15] (Kaspersky Lab)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-08] (Windows (R) 2003 DDK 3790 provider)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89944 2012-11-15] (Kaspersky Lab)
S3 SBIOSIO; \??\C:\Users\Frank\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [x]
S3 UCORESYS; \??\C:\windiag\ReadDMI8\UCORESYS.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-24 17:12 - 2013-11-24 17:12 - 00021988 _____ C:\Users\Frank\Downloads\FRST.txt
2013-11-24 17:10 - 2013-11-24 17:10 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2013-11-24 17:09 - 2013-11-24 17:09 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64(1).exe
2013-11-24 09:01 - 2013-11-24 09:01 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities (1).zip
2013-11-24 08:52 - 2013-11-24 08:52 - 00033055 _____ C:\Users\Frank\Desktop\Addition.txt
2013-11-24 08:48 - 2013-11-24 08:51 - 00033055 _____ C:\Users\Frank\Downloads\Addition.txt
2013-11-24 08:29 - 2013-11-24 08:30 - 00056443 _____ C:\Users\Frank\Desktop\FRST.txt
2013-11-23 20:25 - 2013-11-23 20:25 - 00000000 ____D C:\FRST
2013-11-23 20:23 - 2013-11-23 20:23 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller (1).zip
2013-11-22 15:36 - 2013-11-22 15:36 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2013-11-19 16:23 - 2013-11-19 16:24 - 04979632 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-19 13:53 - 2013-11-19 13:53 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-19 13:53 - 2013-11-19 13:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-19 13:50 - 2013-11-19 13:50 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT (1).exe
2013-11-19 13:49 - 2013-11-19 13:49 - 00000000 ____D C:\windows\ERUNT
2013-11-19 13:48 - 2013-11-19 13:49 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2013-11-18 12:14 - 2013-11-18 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 12:13 - 2013-11-18 13:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-18 12:13 - 2013-11-18 12:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 12:12 - 2013-11-18 13:28 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2013-11-18 12:12 - 2013-11-18 12:12 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1007.exe
2013-11-18 12:12 - 2013-11-18 12:12 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-16 11:14 - 2013-11-16 11:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-16 10:55 - 2013-11-05 23:58 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-16 10:55 - 2013-11-05 23:58 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-16 10:17 - 2013-11-16 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:14 - 2013-11-15 15:14 - 00018117 _____ C:\Users\Frank\Documents\versandliste-porsche.odt
2013-11-15 12:12 - 2013-11-15 12:12 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\Program Files\iTunes
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-15 12:11 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iPod
2013-11-15 10:50 - 2013-11-19 13:50 - 00000000 ____D C:\Users\Frank\AppData\Roaming\XnView
2013-11-15 10:50 - 2013-11-15 10:50 - 00000925 _____ C:\Users\Frank\Desktop\XnView.lnk
2013-11-15 10:49 - 2013-11-15 10:49 - 00000000 ____D C:\Program Files (x86)\XnView
2013-11-15 10:45 - 2013-11-15 10:48 - 15211760 _____ (Gougelet Pierre-e                                           ) C:\Users\Frank\Downloads\XnView-win-full_2.05.exe
2013-11-15 10:42 - 2013-11-15 10:42 - 00002656 _____ C:\Users\Frank\AppData\Local\recently-used.xbel
2013-11-14 08:55 - 2013-11-14 08:55 - 00001957 _____ C:\Users\Public\Desktop\Sonos.lnk
2013-11-13 09:53 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-11-13 09:53 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-13 09:53 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-11-13 09:53 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-11-13 09:53 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-11-13 09:53 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-11-13 09:53 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-11-13 09:53 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2013-11-13 09:53 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2013-11-13 09:53 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2013-11-13 09:53 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-11-13 09:53 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2013-11-13 09:53 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-11-13 09:53 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-11-13 09:53 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-13 09:53 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-11-13 09:53 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2013-11-13 09:53 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2013-11-13 09:52 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-13 09:52 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-13 09:52 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-13 09:52 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-13 09:52 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-13 09:52 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-13 09:52 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-13 09:52 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-11-13 09:52 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-13 09:51 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-13 09:51 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-13 09:51 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-13 09:50 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-13 09:50 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-11 17:18 - 2013-11-11 17:18 - 00001091 _____ C:\Users\Frank\Downloads\Bilder - Verknüpfung.lnk
2013-11-11 14:04 - 2013-11-11 14:04 - 01116492 _____ C:\Users\Frank\Downloads\codestyling-localization.1.99.30.zip
2013-11-11 14:01 - 2013-11-11 14:01 - 00023749 _____ C:\Users\Frank\Documents\sdfks.html
2013-11-07 17:14 - 2013-11-07 17:14 - 00000200 _____ C:\Users\Frank\Documents\wordpress.txt
2013-11-07 16:15 - 2013-11-07 16:15 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities.zip
2013-11-06 16:38 - 2013-11-06 16:38 - 00466494 _____ C:\Users\Frank\Documents\maruccia_stempel.eps
2013-11-05 12:07 - 2013-11-05 12:07 - 00001490 _____ C:\Users\Frank\Documents\signatur-club-4.html
2013-11-05 12:03 - 2013-11-12 10:04 - 00002184 _____ C:\Users\Frank\Documents\signatur-club-3.html
2013-11-05 12:01 - 2013-11-05 12:02 - 00002232 _____ C:\Users\Frank\Documents\signatur-club-2.html
2013-11-05 11:17 - 2013-11-04 14:23 - 00028508 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_1.ods
2013-11-05 11:15 - 2013-11-05 11:15 - 00024576 _____ C:\Users\Frank\Documents\analiticas BISK BALEARIC.xls
2013-11-04 14:05 - 2013-11-04 14:05 - 104867914 _____ C:\windows\SysWOW64\┾ꅛLŔ
2013-11-03 13:42 - 2013-11-03 13:47 - 00000000 ____D C:\Users\Frank\Documents\NewsletterDesigner
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\mresreg
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\IN-MEDIAKG
2013-11-03 13:39 - 2013-11-11 13:50 - 00000000 ____D C:\Program Files (x86)\NewsletterDesigner
2013-11-03 13:39 - 2013-11-03 13:39 - 00001153 _____ C:\Users\Frank\Desktop\NewsletterDesigner.lnk
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Windows Net Data
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\mresreg
2013-11-03 13:09 - 2013-11-03 13:09 - 00003370 _____ C:\windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-03 13:08 - 2013-11-24 16:58 - 00000000 ____D C:\Users\Frank\AppData\Local\Conduit
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\NativeMessaging
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\ProgramData\Conduit
2013-11-03 13:07 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\CRE
2013-11-03 13:07 - 2013-11-03 13:08 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-03 12:59 - 2013-11-03 13:09 - 00000009 _____ C:\END
2013-11-03 12:59 - 2013-11-03 12:59 - 00000140 _____ C:\Users\Frank\Desktop\Amazon.url
2013-11-03 12:58 - 2013-11-03 13:40 - 00000000 ____D C:\Users\Frank\AppData\Local\DownloadGuide
2013-11-03 12:56 - 2013-11-03 12:57 - 00567144 _____ C:\Users\Frank\Downloads\nldsetup-Downloader.exe
2013-11-02 10:13 - 2013-11-02 10:13 - 00021434 _____ C:\Users\Frank\Documents\newsletter-test.html
2013-11-01 13:43 - 2013-11-01 13:43 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Nvu
2013-11-01 13:42 - 2013-11-01 13:43 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-11-01 13:42 - 2013-11-01 13:42 - 06297003 _____ (Thorsten Fritz                                              ) C:\Users\Frank\Downloads\nvu-1.0-win32-installer-de-DE.exe
2013-11-01 13:37 - 2013-11-01 13:37 - 00000000 ____D C:\Users\Frank\Documents\mystical
2013-11-01 13:36 - 2013-11-01 13:36 - 00000000 ____D C:\Users\Frank\Documents\html-vorlage-mail
2013-11-01 12:35 - 2013-11-01 12:35 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-10-31 14:52 - 2013-10-30 11:33 - 00028462 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_0.ods
2013-10-31 11:12 - 2013-10-31 11:21 - 00000000 ____D C:\AdwCleaner
2013-10-31 11:12 - 2013-10-31 11:12 - 01060070 _____ C:\Users\Frank\Downloads\adwcleaner-3.010.exe
2013-10-31 10:58 - 2013-10-31 10:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2013-10-30 12:41 - 2013-08-13 08:38 - 00032328 _____ C:\windows\Launcher.exe
2013-10-30 09:32 - 2013-10-30 09:32 - 00070656 _____ C:\Users\Frank\Documents\Bodega Maruccia 28.10.13.xls
2013-10-28 14:22 - 2013-10-28 14:22 - 00064000 _____ C:\Users\Frank\Documents\Maruccia1
2013-10-28 14:19 - 2013-10-28 14:19 - 103734365 _____ C:\windows\SysWOW64\楁烬Lŝ

==================== One Month Modified Files and Folders =======

2013-11-24 17:13 - 2013-11-24 17:12 - 00021988 _____ C:\Users\Frank\Downloads\FRST.txt
2013-11-24 17:13 - 2013-01-20 13:29 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Skype
2013-11-24 17:10 - 2013-11-24 17:10 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2013-11-24 17:09 - 2013-11-24 17:09 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64(1).exe
2013-11-24 17:07 - 2012-12-24 17:23 - 00003592 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-484924946-752710417-643280108-1001
2013-11-24 17:02 - 2013-09-28 16:13 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2013-11-24 17:00 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2013-11-24 16:58 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\Conduit
2013-11-24 16:44 - 2012-08-29 03:55 - 01568628 _____ C:\windows\WindowsUpdate.log
2013-11-24 16:29 - 2012-12-28 12:56 - 00001140 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-24 15:48 - 2013-05-17 20:11 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-24 13:34 - 2013-01-22 19:55 - 00000000 ____D C:\Users\Frank\AppData\Roaming\SuperMailer
2013-11-24 09:01 - 2013-11-24 09:01 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities (1).zip
2013-11-24 08:52 - 2013-11-24 08:52 - 00033055 _____ C:\Users\Frank\Desktop\Addition.txt
2013-11-24 08:51 - 2013-11-24 08:48 - 00033055 _____ C:\Users\Frank\Downloads\Addition.txt
2013-11-24 08:30 - 2013-11-24 08:29 - 00056443 _____ C:\Users\Frank\Desktop\FRST.txt
2013-11-24 08:26 - 2012-12-24 17:30 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2013-11-23 20:25 - 2013-11-23 20:25 - 00000000 ____D C:\FRST
2013-11-23 20:23 - 2013-11-23 20:23 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2013-11-22 15:41 - 2012-12-31 16:41 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller (1).zip
2013-11-22 15:36 - 2013-11-22 15:36 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2013-11-22 14:29 - 2012-12-28 12:56 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-22 08:41 - 2013-06-23 17:38 - 00000000 ____D C:\Program Files (x86)\StarMoney Business 6.0
2013-11-22 06:19 - 2013-01-23 12:51 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-11-21 23:08 - 2013-03-01 08:53 - 00089600 ___SH C:\Users\Frank\Documents\Thumbs.db
2013-11-21 23:00 - 2013-04-24 16:37 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2013-11-21 10:36 - 2013-10-16 09:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-21 10:36 - 2012-12-27 10:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 08:36 - 2012-08-29 20:12 - 02684562 _____ C:\windows\system32\perfh007.dat
2013-11-21 08:36 - 2012-08-29 20:12 - 00739004 _____ C:\windows\system32\perfc007.dat
2013-11-21 08:36 - 2012-07-26 08:28 - 00006048 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-21 08:35 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-11-20 12:34 - 2012-12-30 11:31 - 518587392 _____ C:\Users\Frank\Documents\archive1.pst
2013-11-20 12:34 - 2012-12-27 17:05 - 00000000 ____D C:\Users\Frank\Documents\Outlook-Dateien
2013-11-19 16:33 - 2012-08-29 04:43 - 00000000 ____D C:\ProgramData\WinClon
2013-11-19 16:24 - 2013-11-19 16:23 - 04979632 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-19 16:24 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-19 16:23 - 2012-08-05 22:07 - 00835702 _____ C:\windows\PFRO.log
2013-11-19 16:22 - 2012-07-26 06:26 - 00524288 ___SH C:\windows\system32\config\BBI
2013-11-19 16:19 - 2013-05-10 21:20 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2013-11-19 13:53 - 2013-11-19 13:53 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-19 13:53 - 2013-11-19 13:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-19 13:50 - 2013-11-19 13:50 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT (1).exe
2013-11-19 13:50 - 2013-11-15 10:50 - 00000000 ____D C:\Users\Frank\AppData\Roaming\XnView
2013-11-19 13:49 - 2013-11-19 13:49 - 00000000 ____D C:\windows\ERUNT
2013-11-19 13:49 - 2013-11-19 13:48 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2013-11-18 13:28 - 2013-11-18 12:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-18 13:28 - 2013-11-18 12:12 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2013-11-18 12:20 - 2013-05-06 12:26 - 00001793 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-11-18 12:14 - 2013-11-18 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 12:13 - 2013-11-18 12:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 12:12 - 2013-11-18 12:12 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1007.exe
2013-11-18 12:12 - 2013-11-18 12:12 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-16 16:45 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-11-16 11:14 - 2013-11-16 11:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-16 11:14 - 2013-05-17 20:11 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-11-16 10:49 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2013-11-16 10:49 - 2012-07-26 09:12 - 00000000 ____D C:\windows\WinStore
2013-11-16 10:17 - 2013-11-16 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:14 - 2013-11-15 15:14 - 00018117 _____ C:\Users\Frank\Documents\versandliste-porsche.odt
2013-11-15 14:51 - 2013-03-17 18:40 - 00000000 ____D C:\Users\Frank\.gimp-2.8
2013-11-15 12:12 - 2013-11-15 12:12 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iTunes
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-15 12:11 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iPod
2013-11-15 10:50 - 2013-11-15 10:50 - 00000925 _____ C:\Users\Frank\Desktop\XnView.lnk
2013-11-15 10:49 - 2013-11-15 10:49 - 00000000 ____D C:\Program Files (x86)\XnView
2013-11-15 10:48 - 2013-11-15 10:45 - 15211760 _____ (Gougelet Pierre-e                                           ) C:\Users\Frank\Downloads\XnView-win-full_2.05.exe
2013-11-15 10:42 - 2013-11-15 10:42 - 00002656 _____ C:\Users\Frank\AppData\Local\recently-used.xbel
2013-11-14 08:55 - 2013-11-14 08:55 - 00001957 _____ C:\Users\Public\Desktop\Sonos.lnk
2013-11-14 08:55 - 2013-09-28 16:13 - 00000000 ____D C:\Program Files (x86)\Sonos
2013-11-14 08:55 - 2012-12-28 10:06 - 00000000 ____D C:\Users\Frank\AppData\Local\Downloaded Installations
2013-11-13 10:42 - 2012-12-27 16:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 10:35 - 2013-08-14 07:37 - 00000000 ____D C:\windows\system32\MRT
2013-11-13 10:30 - 2012-12-28 09:34 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-12 10:04 - 2013-11-05 12:03 - 00002184 _____ C:\Users\Frank\Documents\signatur-club-3.html
2013-11-11 17:18 - 2013-11-11 17:18 - 00001091 _____ C:\Users\Frank\Downloads\Bilder - Verknüpfung.lnk
2013-11-11 14:04 - 2013-11-11 14:04 - 01116492 _____ C:\Users\Frank\Downloads\codestyling-localization.1.99.30.zip
2013-11-11 14:01 - 2013-11-11 14:01 - 00023749 _____ C:\Users\Frank\Documents\sdfks.html
2013-11-11 13:50 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\NewsletterDesigner
2013-11-07 17:14 - 2013-11-07 17:14 - 00000200 _____ C:\Users\Frank\Documents\wordpress.txt
2013-11-07 16:15 - 2013-11-07 16:15 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities.zip
2013-11-06 16:38 - 2013-11-06 16:38 - 00466494 _____ C:\Users\Frank\Documents\maruccia_stempel.eps
2013-11-05 23:58 - 2013-11-16 10:55 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 23:58 - 2013-11-16 10:55 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-05 16:21 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-11-05 16:04 - 2013-01-09 09:42 - 00386048 ___SH C:\Users\Frank\Desktop\Thumbs.db
2013-11-05 12:07 - 2013-11-05 12:07 - 00001490 _____ C:\Users\Frank\Documents\signatur-club-4.html
2013-11-05 12:04 - 2013-06-30 17:27 - 00000000 ____D C:\Users\Frank\AppData\Local\Windows Live
2013-11-05 12:02 - 2013-11-05 12:01 - 00002232 _____ C:\Users\Frank\Documents\signatur-club-2.html
2013-11-05 11:56 - 2013-07-08 09:18 - 00001490 _____ C:\Users\Frank\Documents\signatur-club.html
2013-11-05 11:15 - 2013-11-05 11:15 - 00024576 _____ C:\Users\Frank\Documents\analiticas BISK BALEARIC.xls
2013-11-04 14:23 - 2013-11-05 11:17 - 00028508 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_1.ods
2013-11-04 14:05 - 2013-11-04 14:05 - 104867914 _____ C:\windows\SysWOW64\┾ꅛLŔ
2013-11-03 13:47 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\Documents\NewsletterDesigner
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\mresreg
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\IN-MEDIAKG
2013-11-03 13:42 - 2013-06-04 11:17 - 00006050 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-11-03 13:40 - 2013-11-03 12:58 - 00000000 ____D C:\Users\Frank\AppData\Local\DownloadGuide
2013-11-03 13:39 - 2013-11-03 13:39 - 00001153 _____ C:\Users\Frank\Desktop\NewsletterDesigner.lnk
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Windows Net Data
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\mresreg
2013-11-03 13:09 - 2013-11-03 13:09 - 00003370 _____ C:\windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-03 13:09 - 2013-11-03 12:59 - 00000009 _____ C:\END
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\NativeMessaging
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\ProgramData\Conduit
2013-11-03 13:08 - 2013-11-03 13:07 - 00000000 ____D C:\Users\Frank\AppData\Local\CRE
2013-11-03 13:08 - 2013-11-03 13:07 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-03 12:59 - 2013-11-03 12:59 - 00000140 _____ C:\Users\Frank\Desktop\Amazon.url
2013-11-03 12:57 - 2013-11-03 12:56 - 00567144 _____ C:\Users\Frank\Downloads\nldsetup-Downloader.exe
2013-11-02 10:13 - 2013-11-02 10:13 - 00021434 _____ C:\Users\Frank\Documents\newsletter-test.html
2013-11-01 13:43 - 2013-11-01 13:43 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Nvu
2013-11-01 13:43 - 2013-11-01 13:42 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-11-01 13:43 - 2012-12-24 17:15 - 00000000 ____D C:\Users\Frank\AppData\Local\VirtualStore
2013-11-01 13:42 - 2013-11-01 13:42 - 06297003 _____ (Thorsten Fritz                                              ) C:\Users\Frank\Downloads\nvu-1.0-win32-installer-de-DE.exe
2013-11-01 13:37 - 2013-11-01 13:37 - 00000000 ____D C:\Users\Frank\Documents\mystical
2013-11-01 13:36 - 2013-11-01 13:36 - 00000000 ____D C:\Users\Frank\Documents\html-vorlage-mail
2013-11-01 12:35 - 2013-11-01 12:35 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-01 12:34 - 2012-12-24 17:16 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Adobe
2013-11-01 08:57 - 2013-01-22 19:55 - 00000000 ____D C:\Program Files\SuperMailer
2013-10-31 11:21 - 2013-10-31 11:12 - 00000000 ____D C:\AdwCleaner
2013-10-31 11:21 - 2013-08-25 11:40 - 00000000 ____D C:\windows\System32\Tasks\Browser Updater
2013-10-31 11:21 - 2013-04-21 19:13 - 00000000 ____D C:\windows\System32\Tasks\ProtectedSearch
2013-10-31 11:21 - 2013-03-10 17:30 - 00000000 ____D C:\Users\Frank\AppData\Roaming\CheckPoint
2013-10-31 11:12 - 2013-10-31 11:12 - 01060070 _____ C:\Users\Frank\Downloads\adwcleaner-3.010.exe
2013-10-31 10:58 - 2013-10-31 10:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2013-10-30 11:33 - 2013-10-31 14:52 - 00028462 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_0.ods
2013-10-30 09:32 - 2013-10-30 09:32 - 00070656 _____ C:\Users\Frank\Documents\Bodega Maruccia 28.10.13.xls
2013-10-28 14:22 - 2013-10-28 14:22 - 00064000 _____ C:\Users\Frank\Documents\Maruccia1
2013-10-28 14:19 - 2013-10-28 14:19 - 103734365 _____ C:\windows\SysWOW64\楁烬Lŝ

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe


Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Frank\AppData\Local\Temp\tbRadi.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-19 10:14

==================== End Of Log ============================

--- --- ---

aharonov · 24.11.2013, 17:47

Hast du den AdwCleaner ausgeführt..?

frama63 · 24.11.2013, 17:49

bin gerade dabei

aharonov · 24.11.2013, 17:50

Die Anleitungen bitte immer der Reihe nach abarbeiten. Mach dann nach dem AdwCleaner-Durchlauf nochmals ein frisches FRST-Log und poste dieses ebenfalls.

frama63 · 24.11.2013, 18:38

jetzt aber ;-)
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013
Ran by Frank (administrator) on BODEGA_MARUCCIA on 24-11-2013 18:33:15
Running from C:\Users\Frank\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Sonos, Inc.) C:\Program Files (x86)\Sonos\Sonos.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Frank\Downloads\FRST64 (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKCU\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKCU\...\Run: [Copernic Desktop Search - Home] - C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe [1692200 2013-01-28] (Copernic Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [AppEx Accelerator UI] - C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Runonce: [Application Restart #5] - C:\Users\Frank\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Frank\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [AllShareAgent] - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-01-19] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
AppInit_DLLs: C:\Windows\System32\    [0 ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKLM - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {41E3EBB7-1E81-4672-8597-63F4ED4807EE} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317892&CUI=UN24908529903248031&UM=2
SearchScopes: HKCU - {8A45B80F-B0E1-432F-90AB-1A7FA99091FF} URL = hxxp://search.certified-toolbar.com?si=42820&st=bs&tid=3347&q={searchTerms}
SearchScopes: HKCU - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: visualbee Helper Object - {66F57190-01EB-45A6-8260-7895267209F7} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\bh\visualbee.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - visualbee Toolbar - {610AF794-9293-4129-9FAF-A81BBDFBFA14} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\visualbeeTlbr.dll No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HomeTab - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\{9c72a7f0-9ced-4876-80b8-2cebdc068f07}
FF Extension: No Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\WTB_GLOBAL.sqlite
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKCU\...\Firefox\Extensions: [{57319509-7821-41B0-9FDF-3B58F146AE33}] - c:\program files (x86)\copernic desktop search - home\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic desktop search - home\firefoxconnector

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://www.maruccia.com/", "about:newtab?source=home"
CHR DefaultSearchURL: (google.de) - hxxp://www.google.de/search?hl=de&tbo=d&output=search&sclient=psy-ab&q={searchTerms}&btnG=
CHR DefaultSuggestURL: (google.de) -       "suggest_url": "",
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Frank\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM-x32\...\Chrome\Extension: [npgpgjiajblpbldjkelafjjhfjcddlba] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-10-09] (ELAN Microelectronics Corp.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSSQL$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
S4 SQLAgent$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney Business 6.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132600 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [610136 2012-11-15] (Kaspersky Lab)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-08] (Windows (R) 2003 DDK 3790 provider)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89944 2012-11-15] (Kaspersky Lab)
S3 SBIOSIO; \??\C:\Users\Frank\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [x]
S3 UCORESYS; \??\C:\windiag\ReadDMI8\UCORESYS.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-24 18:33 - 2013-11-24 18:33 - 00021162 _____ C:\Users\Frank\Downloads\FRST.txt
2013-11-24 18:32 - 2013-11-24 18:32 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (2).exe
2013-11-24 17:45 - 2013-11-24 17:45 - 01091882 _____ C:\Users\Frank\Downloads\adwcleaner.exe
2013-11-24 17:10 - 2013-11-24 17:10 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2013-11-24 17:09 - 2013-11-24 17:09 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64(1).exe
2013-11-24 09:01 - 2013-11-24 09:01 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities (1).zip
2013-11-24 08:52 - 2013-11-24 08:52 - 00033055 _____ C:\Users\Frank\Desktop\Addition.txt
2013-11-24 08:48 - 2013-11-24 08:51 - 00033055 _____ C:\Users\Frank\Downloads\Addition.txt
2013-11-24 08:29 - 2013-11-24 08:30 - 00056443 _____ C:\Users\Frank\Desktop\FRST.txt
2013-11-23 20:25 - 2013-11-23 20:25 - 00000000 ____D C:\FRST
2013-11-23 20:23 - 2013-11-23 20:23 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller (1).zip
2013-11-22 15:36 - 2013-11-22 15:36 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2013-11-19 16:23 - 2013-11-19 16:24 - 04979632 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-19 13:53 - 2013-11-19 13:53 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-19 13:53 - 2013-11-19 13:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-19 13:50 - 2013-11-19 13:50 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT (1).exe
2013-11-19 13:49 - 2013-11-19 13:49 - 00000000 ____D C:\windows\ERUNT
2013-11-19 13:48 - 2013-11-19 13:49 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2013-11-18 12:14 - 2013-11-18 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 12:13 - 2013-11-18 13:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-18 12:13 - 2013-11-18 12:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 12:12 - 2013-11-18 13:28 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2013-11-18 12:12 - 2013-11-18 12:12 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1007.exe
2013-11-18 12:12 - 2013-11-18 12:12 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-16 11:14 - 2013-11-16 11:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-16 10:55 - 2013-11-05 23:58 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-16 10:55 - 2013-11-05 23:58 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-16 10:17 - 2013-11-16 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:14 - 2013-11-15 15:14 - 00018117 _____ C:\Users\Frank\Documents\versandliste-porsche.odt
2013-11-15 12:12 - 2013-11-15 12:12 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\Program Files\iTunes
2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-15 12:11 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iPod
2013-11-15 10:50 - 2013-11-19 13:50 - 00000000 ____D C:\Users\Frank\AppData\Roaming\XnView
2013-11-15 10:50 - 2013-11-15 10:50 - 00000925 _____ C:\Users\Frank\Desktop\XnView.lnk
2013-11-15 10:49 - 2013-11-15 10:49 - 00000000 ____D C:\Program Files (x86)\XnView
2013-11-15 10:45 - 2013-11-15 10:48 - 15211760 _____ (Gougelet Pierre-e                                           ) C:\Users\Frank\Downloads\XnView-win-full_2.05.exe
2013-11-15 10:42 - 2013-11-15 10:42 - 00002656 _____ C:\Users\Frank\AppData\Local\recently-used.xbel
2013-11-14 08:55 - 2013-11-14 08:55 - 00001957 _____ C:\Users\Public\Desktop\Sonos.lnk
2013-11-13 09:53 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-11-13 09:53 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-13 09:53 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-11-13 09:53 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-11-13 09:53 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-11-13 09:53 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-11-13 09:53 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-11-13 09:53 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-11-13 09:53 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-11-13 09:53 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2013-11-13 09:53 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2013-11-13 09:53 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2013-11-13 09:53 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-11-13 09:53 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2013-11-13 09:53 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-11-13 09:53 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-11-13 09:53 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-13 09:53 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-11-13 09:53 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2013-11-13 09:53 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2013-11-13 09:52 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-13 09:52 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-13 09:52 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-13 09:52 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-13 09:52 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-13 09:52 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-13 09:52 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-13 09:52 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-11-13 09:52 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-13 09:51 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-13 09:51 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-13 09:51 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-13 09:50 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-13 09:50 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-11 17:18 - 2013-11-11 17:18 - 00001091 _____ C:\Users\Frank\Downloads\Bilder - Verknüpfung.lnk
2013-11-11 14:04 - 2013-11-11 14:04 - 01116492 _____ C:\Users\Frank\Downloads\codestyling-localization.1.99.30.zip
2013-11-11 14:01 - 2013-11-11 14:01 - 00023749 _____ C:\Users\Frank\Documents\sdfks.html
2013-11-07 17:14 - 2013-11-07 17:14 - 00000200 _____ C:\Users\Frank\Documents\wordpress.txt
2013-11-07 16:15 - 2013-11-07 16:15 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities.zip
2013-11-06 16:38 - 2013-11-06 16:38 - 00466494 _____ C:\Users\Frank\Documents\maruccia_stempel.eps
2013-11-05 12:07 - 2013-11-05 12:07 - 00001490 _____ C:\Users\Frank\Documents\signatur-club-4.html
2013-11-05 12:03 - 2013-11-12 10:04 - 00002184 _____ C:\Users\Frank\Documents\signatur-club-3.html
2013-11-05 12:01 - 2013-11-05 12:02 - 00002232 _____ C:\Users\Frank\Documents\signatur-club-2.html
2013-11-05 11:17 - 2013-11-04 14:23 - 00028508 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_1.ods
2013-11-05 11:15 - 2013-11-05 11:15 - 00024576 _____ C:\Users\Frank\Documents\analiticas BISK BALEARIC.xls
2013-11-04 14:05 - 2013-11-04 14:05 - 104867914 _____ C:\windows\SysWOW64\┾ꅛLŔ
2013-11-03 13:42 - 2013-11-03 13:47 - 00000000 ____D C:\Users\Frank\Documents\NewsletterDesigner
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\mresreg
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\IN-MEDIAKG
2013-11-03 13:39 - 2013-11-11 13:50 - 00000000 ____D C:\Program Files (x86)\NewsletterDesigner
2013-11-03 13:39 - 2013-11-03 13:39 - 00001153 _____ C:\Users\Frank\Desktop\NewsletterDesigner.lnk
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\mresreg
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\NativeMessaging
2013-11-03 13:07 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\CRE
2013-11-03 12:59 - 2013-11-03 12:59 - 00000140 _____ C:\Users\Frank\Desktop\Amazon.url
2013-11-03 12:56 - 2013-11-03 12:57 - 00567144 _____ C:\Users\Frank\Downloads\nldsetup-Downloader.exe
2013-11-02 10:13 - 2013-11-02 10:13 - 00021434 _____ C:\Users\Frank\Documents\newsletter-test.html
2013-11-01 13:43 - 2013-11-01 13:43 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Nvu
2013-11-01 13:42 - 2013-11-01 13:43 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-11-01 13:42 - 2013-11-01 13:42 - 06297003 _____ (Thorsten Fritz                                              ) C:\Users\Frank\Downloads\nvu-1.0-win32-installer-de-DE.exe
2013-11-01 13:37 - 2013-11-01 13:37 - 00000000 ____D C:\Users\Frank\Documents\mystical
2013-11-01 13:36 - 2013-11-01 13:36 - 00000000 ____D C:\Users\Frank\Documents\html-vorlage-mail
2013-11-01 12:35 - 2013-11-01 12:35 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-10-31 14:52 - 2013-10-30 11:33 - 00028462 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_0.ods
2013-10-31 11:12 - 2013-11-24 18:05 - 00000000 ____D C:\AdwCleaner
2013-10-31 11:12 - 2013-10-31 11:12 - 01060070 _____ C:\Users\Frank\Downloads\adwcleaner-3.010.exe
2013-10-31 10:58 - 2013-10-31 10:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2013-10-30 12:41 - 2013-08-13 08:38 - 00032328 _____ C:\windows\Launcher.exe
2013-10-30 09:32 - 2013-10-30 09:32 - 00070656 _____ C:\Users\Frank\Documents\Bodega Maruccia 28.10.13.xls
2013-10-28 14:22 - 2013-10-28 14:22 - 00064000 _____ C:\Users\Frank\Documents\Maruccia1
2013-10-28 14:19 - 2013-10-28 14:19 - 103734365 _____ C:\windows\SysWOW64\楁烬Lŝ

==================== One Month Modified Files and Folders =======

2013-11-24 18:33 - 2013-11-24 18:33 - 00021162 _____ C:\Users\Frank\Downloads\FRST.txt
2013-11-24 18:32 - 2013-11-24 18:32 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (2).exe
2013-11-24 18:29 - 2012-12-28 12:56 - 00001140 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-24 18:18 - 2013-01-20 13:29 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Skype
2013-11-24 18:18 - 2012-08-29 03:55 - 01650895 _____ C:\windows\WindowsUpdate.log
2013-11-24 18:11 - 2012-08-29 20:12 - 02716154 _____ C:\windows\system32\perfh007.dat
2013-11-24 18:11 - 2012-08-29 20:12 - 00748476 _____ C:\windows\system32\perfc007.dat
2013-11-24 18:11 - 2012-07-26 08:28 - 00006048 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-24 18:10 - 2012-08-29 04:43 - 00000000 ____D C:\ProgramData\WinClon
2013-11-24 18:10 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-11-24 18:09 - 2012-12-30 11:31 - 518587392 _____ C:\Users\Frank\Documents\archive1.pst
2013-11-24 18:09 - 2012-12-27 17:05 - 00000000 ____D C:\Users\Frank\Documents\Outlook-Dateien
2013-11-24 18:08 - 2013-09-28 16:13 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2013-11-24 18:08 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2013-11-24 18:06 - 2012-12-28 12:56 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-24 18:06 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-24 18:05 - 2013-10-31 11:12 - 00000000 ____D C:\AdwCleaner
2013-11-24 18:05 - 2012-07-26 06:26 - 00524288 ___SH C:\windows\system32\config\BBI
2013-11-24 17:53 - 2012-12-27 10:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-24 17:53 - 2012-08-05 22:07 - 00836744 _____ C:\windows\PFRO.log
2013-11-24 17:48 - 2013-05-17 20:11 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-24 17:45 - 2013-11-24 17:45 - 01091882 _____ C:\Users\Frank\Downloads\adwcleaner.exe
2013-11-24 17:30 - 2012-12-24 17:23 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-484924946-752710417-643280108-1001
2013-11-24 17:10 - 2013-11-24 17:10 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2013-11-24 17:09 - 2013-11-24 17:09 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64(1).exe
2013-11-24 13:34 - 2013-01-22 19:55 - 00000000 ____D C:\Users\Frank\AppData\Roaming\SuperMailer
2013-11-24 09:01 - 2013-11-24 09:01 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities (1).zip
2013-11-24 08:52 - 2013-11-24 08:52 - 00033055 _____ C:\Users\Frank\Desktop\Addition.txt
2013-11-24 08:51 - 2013-11-24 08:48 - 00033055 _____ C:\Users\Frank\Downloads\Addition.txt
2013-11-24 08:30 - 2013-11-24 08:29 - 00056443 _____ C:\Users\Frank\Desktop\FRST.txt
2013-11-24 08:26 - 2012-12-24 17:30 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2013-11-23 20:25 - 2013-11-23 20:25 - 00000000 ____D C:\FRST
2013-11-23 20:23 - 2013-11-23 20:23 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2013-11-22 15:41 - 2012-12-31 16:41 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller (1).zip
2013-11-22 15:36 - 2013-11-22 15:36 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2013-11-22 08:41 - 2013-06-23 17:38 - 00000000 ____D C:\Program Files (x86)\StarMoney Business 6.0
2013-11-22 06:19 - 2013-01-23 12:51 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-11-21 23:08 - 2013-03-01 08:53 - 00089600 ___SH C:\Users\Frank\Documents\Thumbs.db
2013-11-21 23:00 - 2013-04-24 16:37 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2013-11-21 10:36 - 2013-10-16 09:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-21 08:35 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-11-19 16:24 - 2013-11-19 16:23 - 04979632 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-19 16:19 - 2013-05-10 21:20 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2013-11-19 13:53 - 2013-11-19 13:53 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-19 13:53 - 2013-11-19 13:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-19 13:50 - 2013-11-19 13:50 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT (1).exe
2013-11-19 13:50 - 2013-11-15 10:50 - 00000000 ____D C:\Users\Frank\AppData\Roaming\XnView
2013-11-19 13:49 - 2013-11-19 13:49 - 00000000 ____D C:\windows\ERUNT
2013-11-19 13:49 - 2013-11-19 13:48 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2013-11-18 13:28 - 2013-11-18 12:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-18 13:28 - 2013-11-18 12:12 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2013-11-18 12:20 - 2013-05-06 12:26 - 00001793 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-11-18 12:14 - 2013-11-18 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 12:13 - 2013-11-18 12:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 12:12 - 2013-11-18 12:12 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1007.exe
2013-11-18 12:12 - 2013-11-18 12:12 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-16 16:45 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-11-16 11:14 - 2013-11-16 11:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-16 11:14 - 2013-05-17 20:11 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-11-16 10:49 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2013-11-16 10:49 - 2012-07-26 09:12 - 00000000 ____D C:\windows\WinStore
2013-11-16 10:17 - 2013-11-16 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:14 - 2013-11-15 15:14 - 00018117 _____ C:\Users\Frank\Documents\versandliste-porsche.odt
2013-11-15 14:51 - 2013-03-17 18:40 - 00000000 ____D C:\Users\Frank\.gimp-2.8
2013-11-15 12:12 - 2013-11-15 12:12 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iTunes
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-15 12:11 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iPod
2013-11-15 10:50 - 2013-11-15 10:50 - 00000925 _____ C:\Users\Frank\Desktop\XnView.lnk
2013-11-15 10:49 - 2013-11-15 10:49 - 00000000 ____D C:\Program Files (x86)\XnView
2013-11-15 10:48 - 2013-11-15 10:45 - 15211760 _____ (Gougelet Pierre-e                                           ) C:\Users\Frank\Downloads\XnView-win-full_2.05.exe
2013-11-15 10:42 - 2013-11-15 10:42 - 00002656 _____ C:\Users\Frank\AppData\Local\recently-used.xbel
2013-11-14 08:55 - 2013-11-14 08:55 - 00001957 _____ C:\Users\Public\Desktop\Sonos.lnk
2013-11-14 08:55 - 2013-09-28 16:13 - 00000000 ____D C:\Program Files (x86)\Sonos
2013-11-14 08:55 - 2012-12-28 10:06 - 00000000 ____D C:\Users\Frank\AppData\Local\Downloaded Installations
2013-11-13 10:42 - 2012-12-27 16:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 10:35 - 2013-08-14 07:37 - 00000000 ____D C:\windows\system32\MRT
2013-11-13 10:30 - 2012-12-28 09:34 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-12 10:04 - 2013-11-05 12:03 - 00002184 _____ C:\Users\Frank\Documents\signatur-club-3.html
2013-11-11 17:18 - 2013-11-11 17:18 - 00001091 _____ C:\Users\Frank\Downloads\Bilder - Verknüpfung.lnk
2013-11-11 14:04 - 2013-11-11 14:04 - 01116492 _____ C:\Users\Frank\Downloads\codestyling-localization.1.99.30.zip
2013-11-11 14:01 - 2013-11-11 14:01 - 00023749 _____ C:\Users\Frank\Documents\sdfks.html
2013-11-11 13:50 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\NewsletterDesigner
2013-11-07 17:14 - 2013-11-07 17:14 - 00000200 _____ C:\Users\Frank\Documents\wordpress.txt
2013-11-07 16:15 - 2013-11-07 16:15 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities.zip
2013-11-06 16:38 - 2013-11-06 16:38 - 00466494 _____ C:\Users\Frank\Documents\maruccia_stempel.eps
2013-11-05 23:58 - 2013-11-16 10:55 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 23:58 - 2013-11-16 10:55 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-05 16:04 - 2013-01-09 09:42 - 00386048 ___SH C:\Users\Frank\Desktop\Thumbs.db
2013-11-05 12:07 - 2013-11-05 12:07 - 00001490 _____ C:\Users\Frank\Documents\signatur-club-4.html
2013-11-05 12:04 - 2013-06-30 17:27 - 00000000 ____D C:\Users\Frank\AppData\Local\Windows Live
2013-11-05 12:02 - 2013-11-05 12:01 - 00002232 _____ C:\Users\Frank\Documents\signatur-club-2.html
2013-11-05 11:56 - 2013-07-08 09:18 - 00001490 _____ C:\Users\Frank\Documents\signatur-club.html
2013-11-05 11:15 - 2013-11-05 11:15 - 00024576 _____ C:\Users\Frank\Documents\analiticas BISK BALEARIC.xls
2013-11-04 14:23 - 2013-11-05 11:17 - 00028508 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_1.ods
2013-11-04 14:05 - 2013-11-04 14:05 - 104867914 _____ C:\windows\SysWOW64\┾ꅛLŔ
2013-11-03 13:47 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\Documents\NewsletterDesigner
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\mresreg
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\IN-MEDIAKG
2013-11-03 13:42 - 2013-06-04 11:17 - 00006050 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-11-03 13:39 - 2013-11-03 13:39 - 00001153 _____ C:\Users\Frank\Desktop\NewsletterDesigner.lnk
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\mresreg
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\NativeMessaging
2013-11-03 13:08 - 2013-11-03 13:07 - 00000000 ____D C:\Users\Frank\AppData\Local\CRE
2013-11-03 12:59 - 2013-11-03 12:59 - 00000140 _____ C:\Users\Frank\Desktop\Amazon.url
2013-11-03 12:57 - 2013-11-03 12:56 - 00567144 _____ C:\Users\Frank\Downloads\nldsetup-Downloader.exe
2013-11-02 10:13 - 2013-11-02 10:13 - 00021434 _____ C:\Users\Frank\Documents\newsletter-test.html
2013-11-01 13:43 - 2013-11-01 13:43 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Nvu
2013-11-01 13:43 - 2013-11-01 13:42 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-11-01 13:43 - 2012-12-24 17:15 - 00000000 ____D C:\Users\Frank\AppData\Local\VirtualStore
2013-11-01 13:42 - 2013-11-01 13:42 - 06297003 _____ (Thorsten Fritz                                              ) C:\Users\Frank\Downloads\nvu-1.0-win32-installer-de-DE.exe
2013-11-01 13:37 - 2013-11-01 13:37 - 00000000 ____D C:\Users\Frank\Documents\mystical
2013-11-01 13:36 - 2013-11-01 13:36 - 00000000 ____D C:\Users\Frank\Documents\html-vorlage-mail
2013-11-01 12:35 - 2013-11-01 12:35 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-01 12:34 - 2012-12-24 17:16 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Adobe
2013-11-01 08:57 - 2013-01-22 19:55 - 00000000 ____D C:\Program Files\SuperMailer
2013-10-31 11:21 - 2013-08-25 11:40 - 00000000 ____D C:\windows\System32\Tasks\Browser Updater
2013-10-31 11:21 - 2013-04-21 19:13 - 00000000 ____D C:\windows\System32\Tasks\ProtectedSearch
2013-10-31 11:21 - 2013-03-10 17:30 - 00000000 ____D C:\Users\Frank\AppData\Roaming\CheckPoint
2013-10-31 11:12 - 2013-10-31 11:12 - 01060070 _____ C:\Users\Frank\Downloads\adwcleaner-3.010.exe
2013-10-31 10:58 - 2013-10-31 10:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2013-10-30 11:33 - 2013-10-31 14:52 - 00028462 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_0.ods
2013-10-30 09:32 - 2013-10-30 09:32 - 00070656 _____ C:\Users\Frank\Documents\Bodega Maruccia 28.10.13.xls
2013-10-28 14:22 - 2013-10-28 14:22 - 00064000 _____ C:\Users\Frank\Documents\Maruccia1
2013-10-28 14:19 - 2013-10-28 14:19 - 103734365 _____ C:\windows\SysWOW64\楁烬Lŝ

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe


Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Frank\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-19 10:14

==================== End Of Log ============================

--- --- ---

--- --- ---

und falls notwendig
danke noch malFRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2013
Ran by Frank at 2013-11-24 18:34:51
Running from C:\Users\Frank\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Creative Cloud (x32 Version: 2.1.2.232)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Allshare Play Link (x32 Version: 1.0.0)
AllSharePlayLink (x32 Version: 1.0.0)
AMD Accelerated Video Transcoding (Version: 12.5.100.21010)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Quick Stream (Version: 3.3.26.0)
AMD VISION Engine Control Center (x32 Version: 2012.1010.1519.25530)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
AutoHotkey 1.1.11.01 (Version: 1.1.11.01)
Avira Free Antivirus (x32 Version: 14.0.1.719)
Bandizip (HKCU Version: 3.04)
BlueStacks App Player (x32 Version: 0.7.18.921)
BlueStacks Notification Center (x32 Version: 0.7.18.921)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center InstallProxy (x32 Version: 2012.1010.1519.25530)
Catalyst Control Center Localization All (x32 Version: 2012.1010.1519.25530)
CCC Help Chinese Standard (x32 Version: 2012.1010.1518.25530)
CCC Help Chinese Traditional (x32 Version: 2012.1010.1518.25530)
CCC Help Czech (x32 Version: 2012.1010.1518.25530)
CCC Help Danish (x32 Version: 2012.1010.1518.25530)
CCC Help Dutch (x32 Version: 2012.1010.1518.25530)
CCC Help English (x32 Version: 2012.1010.1518.25530)
CCC Help Finnish (x32 Version: 2012.1010.1518.25530)
CCC Help French (x32 Version: 2012.1010.1518.25530)
CCC Help German (x32 Version: 2012.1010.1518.25530)
CCC Help Greek (x32 Version: 2012.1010.1518.25530)
CCC Help Hungarian (x32 Version: 2012.1010.1518.25530)
CCC Help Italian (x32 Version: 2012.1010.1518.25530)
CCC Help Japanese (x32 Version: 2012.1010.1518.25530)
CCC Help Korean (x32 Version: 2012.1010.1518.25530)
CCC Help Norwegian (x32 Version: 2012.1010.1518.25530)
CCC Help Polish (x32 Version: 2012.1010.1518.25530)
CCC Help Portuguese (x32 Version: 2012.1010.1518.25530)
CCC Help Russian (x32 Version: 2012.1010.1518.25530)
CCC Help Spanish (x32 Version: 2012.1010.1518.25530)
CCC Help Swedish (x32 Version: 2012.1010.1518.25530)
CCC Help Thai (x32 Version: 2012.1010.1518.25530)
CCC Help Turkish (x32 Version: 2012.1010.1518.25530)
ccc-utility64 (Version: 2012.1010.1519.25530)
Copernic Desktop Search - Home (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
DDBAC (x32 Version: 5.3.6)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Easy File Share (x32 Version: 1.3.4)
E-POP (x32 Version: 1.0.1)
ETDWare X64 11.7.5.5_WHQL (Version: 11.7.5.5)
FlashFXP v4.2 (x32 Version: 4.2.5.1813)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free System Utilities (x32 Version: 1.0.0.16)
Free SystemUtilities (x32 Version: 1.0.0.16)
Galerie de photos (x32 Version: 16.4.3505.0912)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Help Desk (Version: 1.0.96)
HP ePrint (x32 Version: 6.0.12230.783)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (Version: 28.0.1315.0)
HP Postscript Converter (Version: 3.1.3591)
HP Unified IO (Version: 2.0.0.404)
HP Unified IO (x32 Version: 2.0.0.404)
iCloud (Version: 3.0.2.163)
iFunbox (v2.1.2228.731), iFunbox DevTeam (x32 Version: v2.1.2228.731)
iTunes (Version: 11.1.3.8)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Lexware vereinsverwaltung 13 (x32 Version: 13.0)
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Outlook 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (x32)
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
NewsletterDesigner (x32 Version: Aktuelle Version)
Nvu 1.0 (x32 Version: 1.0)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
PDF Settings CC (x32 Version: 12.0)
PDF24 Creator 5.4.0 (x32)
PDFtk Server version 2.00 (x32 Version: 2.00)
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Picasa 3 (x32 Version: 3.9)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.210)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Quick Starter (Version: 1.0.2)
Raccolta foto (x32 Version: 16.4.3505.0912)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699)
Recovery (x32 Version: 6.0.10.0)
Revo Uninstaller 1.94 (x32 Version: 1.94)
S Agent (Version: 1.1.45)
Samsung AllShare (x32 Version: 2.1.0.12013_8)
Samsung Universal Print Driver (x32 Version: 2.03.01.00:36)
Service Pack 3 für SQL Server 2008 (KB2546951) (x32 Version: 10.3.5500.0)
Settings (x32 Version: 2.0.0)
Skype™ 6.6 (x32 Version: 6.6.106)
Sonos Controller (x32 Version: 24.0.69180)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0)
StarMoney (x32 Version: 3.0.5.8)
StarMoney (x32 Version: 4.0.0.203)
StarMoney 8.0  (x32 Version: 8.0)
StarMoney 9.0  (x32 Version: 9.0)
StarMoney Business 6.0  (x32 Version: 6.0)
SuperMailer 7.03 (Version: 7.03)
Support Center (Version: 2.1.1106)
Support Center FAQ (x32 Version: 1.0.11)
SW Update (x32 Version: 2.1.21)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (x32 Version: 10.3.5500.0)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
User Guide (x32 Version: 1.1.00)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
XnView 2.05 (x32 Version: 2.05)
ZoneAlarm Antivirus (x32 Version: 11.0.000.057)
ZoneAlarm Firewall (x32 Version: 11.0.000.057)
ZoneAlarm Security (x32 Version: 11.0.000.504)

==================== Restore Points  =========================

19-11-2013 13:27:29 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {156CA460-8D8F-4A7C-A506-E71440EE19D0} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.)
Task: {18D90FB1-6015-431E-8C2F-080A52EC9071} - System32\Tasks\{A8CBDE78-A3E8-4A8A-BFAF-7AA0C2FD1716} => Chrome.exe hxxp://ui.skype.com/ui/0/6.2.0.106/en/abandoninstall?page=tsMain
Task: {4E7BBBCA-3F17-44E8-BE9B-D224A97978CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16] (Adobe Systems Incorporated)
Task: {4EEAA4E8-CD0A-40A3-8675-FD5DD88670A1} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-08-23] (SEC)
Task: {52371C7B-C417-4E50-8905-A6315CD8B888} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {59F81142-653F-45B9-B879-5D097627C19D} - \EPUpdater No Task File
Task: {5E658CDA-0007-4144-A442-5FBDC93DDC8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-28] (Google Inc.)
Task: {77C0D1F3-2C49-435C-A81A-27A1BCA51D4F} - \ProtectedSearch\Protected Search No Task File
Task: {82944B54-944C-4319-9BB8-7485FD89E4FB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9FD2802A-F402-4249-BEF3-A0A818332A2F} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {A33D8EB5-2B94-4408-8A0F-ED8826082283} - System32\Tasks\{ED924F92-8168-40CA-B1DB-BEAA7A9A0435} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {B46C721F-E897-479F-B38C-FD8A12A94202} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe [2013-03-11] ()
Task: {B69A4427-B94B-402C-98C1-EA72630D7B31} - System32\Tasks\AdobeAAMUpdater-1.0-Bodega_Maruccia-Frank => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {BED553C5-6E31-44BC-89AF-0EED4E16ADB6} - \Software Updater No Task File
Task: {C3E945E2-E8D8-4F3A-9416-D49D432E9C7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-28] (Google Inc.)
Task: {CE974FC3-A2A2-4E19-949C-796DAC2D9CAC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E9D8AF2C-121D-4879-B99E-8D709FAB7D47} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {EA89DE75-C2FB-4090-A867-BECC9B0001CC} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {EE662443-5DFD-445C-91D6-BA9B36068348} - \BackgroundContainer Startup Task No Task File
Task: {F7F51415-D8A7-4A0E-B5FD-E13462B0DC25} - \Software Updater Ui No Task File
Task: {FC6615D1-3870-4575-BDA4-69B5BFAFF990} - \Browser Updater\Browser Updater No Task File
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2012-07-26 08:55 - 2012-07-26 08:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-10-16 18:15 - 2013-10-16 18:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2012-10-10 14:17 - 2012-10-10 14:17 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-05-10 15:14 - 2013-05-10 15:13 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00028280 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 01015416 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2013-02-20 19:13 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0\ouservice\PATCHW32.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-10-16 07:56 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2013-10-16 07:57 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney Business 6.0\ouservice\PATCHW32.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-11-21 10:36 - 2013-11-21 10:36 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-11-21 10:36 - 2013-11-21 10:36 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-11-21 10:36 - 2013-11-21 10:36 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-10-04 06:10 - 2013-10-04 06:10 - 05565952 _____ () C:\Program Files (x86)\Sonos\sclib-csharp.DLL
2013-09-03 14:25 - 2013-09-03 14:25 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-06-05 13:10 - 2013-06-05 13:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-08-30 09:00 - 2013-08-30 09:00 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00655872 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-01-18 16:10 - 2012-01-18 16:10 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-01-06 15:40 - 2012-01-06 15:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2013-11-15 09:34 - 2013-11-14 12:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-15 09:34 - 2013-11-14 12:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-15 09:34 - 2013-11-14 12:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-15 09:34 - 2013-11-14 12:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-15 09:34 - 2013-11-14 12:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-11-15 09:34 - 2013-11-14 12:29 - 13582800 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2013 06:11:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/24/2013 06:11:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/24/2013 06:11:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/24/2013 06:06:50 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/24/2013 06:01:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/24/2013 06:01:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/24/2013 06:01:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/24/2013 05:53:49 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/24/2013 04:46:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1826

Error: (11/24/2013 04:46:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1826


System errors:
=============
Error: (11/24/2013 06:06:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (11/24/2013 05:53:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (11/20/2013 04:39:50 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Samsung AllShare PC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2013 10:19:13 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SWUpdateService erreicht.

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/19/2013 04:25:50 PM) (Source: DCOM) (User: Bodega_Maruccia)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Bodega_MarucciaFrankS-1-5-21-484924946-752710417-643280108-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (11/24/2013 06:11:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (11/24/2013 06:11:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (11/24/2013 06:11:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (11/24/2013 06:06:50 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/24/2013 06:01:01 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (11/24/2013 06:01:01 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (11/24/2013 06:01:01 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance163707000000000000000000008F020000

Error: (11/24/2013 05:53:49 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/24/2013 04:46:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1826

Error: (11/24/2013 04:46:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1826


CodeIntegrity Errors:
===================================
  Date: 2013-05-22 07:56:49.594
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2013-05-22 07:56:48.307
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2013-05-22 07:56:47.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2013-05-22 07:56:44.479
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2013-05-22 07:55:08.673
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:07.897
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:07.179
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:06.292
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:05.523
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-05-22 07:55:04.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 7656.41 MB
Available physical RAM: 5496.19 MB
Total Pagefile: 9640.41 MB
Available Pagefile: 7047.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:442.27 GB) (Free:364.17 GB) NTFS
Drive e: (USB DISK) (Removable) (Total:7.6 GB) (Free:3.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: AAEBC8AE)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== End Of Log ============================

--- --- ---

aharonov · 24.11.2013, 19:06

Ok, wie läuft der Rechner jetzt?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

SearchScopes: HKCU - {41E3EBB7-1E81-4672-8597-63F4ED4807EE} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317892&CUI=UN24908529903248031&UM=2
SearchScopes: HKCU - {8A45B80F-B0E1-432F-90AB-1A7FA99091FF} URL = hxxp://search.certified-toolbar.com?si=42820&st=bs&tid=3347&q={searchTerms}
BHO-x32: visualbee Helper Object - {66F57190-01EB-45A6-8260-7895267209F7} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\bh\visualbee.dll No File
BHO-x32: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File
FF Extension: HomeTab - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\{9c72a7f0-9ced-4876-80b8-2cebdc068f07}
CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Frank\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM-x32\...\Chrome\Extension: [npgpgjiajblpbldjkelafjjhfjcddlba] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
Task: {59F81142-653F-45B9-B879-5D097627C19D} - \EPUpdater No Task File
Toolbar: HKLM-x32 - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File
Toolbar: HKLM-x32 - visualbee Toolbar - {610AF794-9293-4129-9FAF-A81BBDFBFA14} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\visualbeeTlbr.dll No File
Task: {BED553C5-6E31-44BC-89AF-0EED4E16ADB6} - \Software Updater No Task File
Task: {F7F51415-D8A7-4A0E-B5FD-E13462B0DC25} - \Software Updater Ui No Task File
Task: {FC6615D1-3870-4575-BDA4-69B5BFAFF990} - \Browser Updater\Browser Updater No Task File

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

aharonov · 07.01.2014, 15:10

Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.

24.11.2013, 17:47	#6
aharonov /// TB-Ausbilder	rvzr-a.akamaihd.net virus auf dem rechner Hast du den AdwCleaner ausgeführt..? __________________ --> rvzr-a.akamaihd.net virus auf dem rechner

24.11.2013, 17:50	#8
aharonov /// TB-Ausbilder	rvzr-a.akamaihd.net virus auf dem rechner Die Anleitungen bitte immer der Reihe nach abarbeiten. Mach dann nach dem AdwCleaner-Durchlauf nochmals ein frisches FRST-Log und poste dieses ebenfalls. __________________ cheers, Leo

rvzr-a.akamaihd.net virus auf dem rechner

Plagegeister aller Art und deren Bekämpfung: rvzr-a.akamaihd.net virus auf dem rechner