Oh da ist aber ne Menge Adware liegengeblieben
Bitte MBAM ausführen und Log posten, anschließend bitte nochmal adwCleaner probieren, sonst wird das zuviel mit dem Fixen über FRST

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ohje so hier mal das Log:

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.16.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Manuela :: MANUELA [Administrator]

16.01.2014 07:59:15
mbam-log-2014-01-16 (07-59-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 228411
Laufzeit: 4 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 4
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1512 -> Löschen bei Neustart.
C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe (PUP.Optional.PricePeep.A) -> 5424 -> Löschen bei Neustart.
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> 2204 -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 2516 -> Löschen bei Neustart.

Infizierte Speichermodule: 1
C:\Users\Manuela\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 56
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} (PUP.Optional.WebSteroids.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\iminent.iminentHlpr.1 (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\iminent.iminentHlpr (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{112BA211-334C-4A90-90EC-2AD1CDAB287C} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{112BA211-334C-4A90-90EC-2AD1CDAB287C} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\iminent.iminentdskBnd.1 (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\iminent.iminentdskBnd (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FAFD711-ABF9-4F6A-8130-5166C7371427} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268} (PUP.Optional.PCSpeedUp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B} (PUP.Optional.PCSpeedUp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D} (PUP.Optional.PCSpeedUp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\PCSU.Registry.1 (PUP.Optional.PCSpeedUp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\PCSU.Registry (PUP.Optional.PCSpeedUp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\esrv.iminentESrvc (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\esrv.iminentESrvc.1 (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\iminent.iminentappCore (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\iminent.iminentappCore.1 (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\IminentToolbar (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\IminentToolbar (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\nationzoomSoftware (PUP.Optional.NationZoom.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Plus-HD-5.5 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Update Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Updater Service for AMZN (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3 (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{8E9F2D02-6B06-4EBA-92C2-68438EADED28} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-5.5 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 6
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{84FF7BD6-B47F-46F8-9130-01B2696B36CB} (PUP.Optional.Iminent.A) -> Daten:  -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} (PUP.Optional.Iminent.A) -> Daten:  -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Daten: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Manuela\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Daten: 1 -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater|ImagePath (PUP.Optional.InternetUpdater.A) -> Daten: "C:\ProgramData\InternetUpdater\InternetUpdaterService.exe" -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Daten: C:\ProgramData\WPM\wprotectmanager.exe -service -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 7
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/?type=hp&ts=1389562401&from=tugs&uid=TOSHIBAXMQ01ABD100_X3DCP2ELTXXX3DCP2ELT) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.NationZoom.A) -> Bösartig: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1389562401&from=tugs&uid=TOSHIBAXMQ01ABD100_X3DCP2ELTXXX3DCP2ELT) Gut: (iexplore.exe) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/web/?type=ds&ts=1389562401&from=tugs&uid=TOSHIBAXMQ01ABD100_X3DCP2ELTXXX3DCP2ELT&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/?type=hp&ts=1389562401&from=tugs&uid=TOSHIBAXMQ01ABD100_X3DCP2ELTXXX3DCP2ELT) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/?type=hp&ts=1389562401&from=tugs&uid=TOSHIBAXMQ01ABD100_X3DCP2ELTXXX3DCP2ELT) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\Software\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.NationZoom) -> Bösartig: (hxxp://www.nationzoom.com/web/?type=ds&ts=1389562401&from=tugs&uid=TOSHIBAXMQ01ABD100_X3DCP2ELTXXX3DCP2ELT&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 20
C:\ProgramData\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Wajam (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Wajam\Updater (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0 (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar\1.8.28.3 (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar\1.8.28.3\bh (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\CT3318857 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\mt_ffx\IminentToolbar (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\mt_ffx\IminentToolbar\iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\mt_ffx\IminentToolbar\iminent\1.8.28.3 (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Löschen bei Neustart.
C:\Users\Manuela\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\PricePeep (PUP.Optional.PricePeep.A) -> Löschen bei Neustart.

Infizierte Dateien: 74
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Löschen bei Neustart.
C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe (PUP.Optional.PricePeep.A) -> Löschen bei Neustart.
C:\Program Files (x86)\IminentToolbar\1.8.28.3\bh\iminent.dll (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar\1.8.28.3\iminentTlbr.dll (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.OutBrowse) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\nsg2AB6.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\nsr1B5B.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\nsr5AD6.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\nsv44C6.exe (PUP.Optional.SearchProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\SearchProtectINT.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\Umbrella.exe47f3e (PUP.Optional.Iminent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\fullpackage_temp1389562376\Baofeng.exe (PUP.Optional.NationZoom.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\fullpackage_temp1389562376\tmp\NewGdp.exe (PUP.Optional.WpManager.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\is266438442\510489_stp\JumpFlipSetup.exe (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\n162\filesfrog_2009-df12f8bc.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\n162\pricepeep_270004_0101.exe (PUP.Optional.PricePeep.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\n162\wajam_2207-6c14163c.exe (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\n3661\Iminent_1712-b2fcad5e.exe (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\Downloads\rcpsetup_r (1).exe (PUP.Optional.RegCleanerPro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\Downloads\rcpsetup_r (2).exe (PUP.Optional.RegCleanerPro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\Downloads\rcpsetup_r.exe (PUP.Optional.RegCleanerPro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\InternetUpdater.ico (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\app.dat (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\data.dat (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> Löschen bei Neustart.
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe.config (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\Uninstall.exe (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk (PUP.Optional.PricePeep.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\appCntrl.js (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\bg.html (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\bg.js (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\ct.js (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\CTB.dll (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\dpk.js (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\hprtkMsg.htm (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\hprtkMsg.js (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\json2.min.js (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\logo.png (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\manifest.json (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\pkhojieggfgllhllcegoffdcnmdeojgb\2.0_0\pref.json (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar\1.8.28.3\iminent.crx (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar\1.8.28.3\iminentApp.dll (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar\1.8.28.3\iminentEng.dll (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar\1.8.28.3\iminentsrv.exe (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\IminentToolbar\1.8.28.3\uninstall.exe (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\49060.crx (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\49060.xpi (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\background.html (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Installer.log (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bg.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho64.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-buttonutil.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-buttonutil.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-buttonutil64.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-codedownloader.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-enabler.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-helper.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-updater.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5.ico (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\Uninstall.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-5.5\utils.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Local\Temp\CT3318857\ddt.csf (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Manuela\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

Jetzt probiere ich noch den adwCleaner...

Soo - diesmal hats geklappt

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v3.017 - Bericht erstellt am 16/01/2014 um 08:20:55
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Manuela - MANUELA
# Gestartet von : C:\Users\Manuela\Downloads\adwcleaner(4).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\RHelpers
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Manuela\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Manuela\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Manuela\AppData\LocalLow\ilividmoviestoolbarha
Ordner Gelöscht : C:\Users\Manuela\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\Users\Manuela\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Ordner Gelöscht : C:\Users\Manuela\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Manuela\Documents\PC Speed Maximizer
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Manuela\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Manuela\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Manuela\Desktop\PC Speed Up.lnk
Datei Gelöscht : C:\Windows\System32\Tasks\LaunchApp

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Manuela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\Speedchecker Limited
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\Speedchecker Limited
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Settings
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v3.6.28 (de)

[ Datei : C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\rhkfz73g.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [41771 octets] - [15/01/2014 11:48:18]
AdwCleaner[R1].txt - [41774 octets] - [15/01/2014 12:09:28]
AdwCleaner[R2].txt - [41771 octets] - [15/01/2014 12:13:51]
AdwCleaner[R3].txt - [41771 octets] - [15/01/2014 12:15:53]
AdwCleaner[R4].txt - [41771 octets] - [15/01/2014 12:44:01]
AdwCleaner[R5].txt - [32801 octets] - [15/01/2014 17:32:57]
AdwCleaner[R6].txt - [7530 octets] - [16/01/2014 08:17:31]
AdwCleaner[S0].txt - [6557 octets] - [16/01/2014 08:20:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6617 octets] ##########
         

Gut. Dann bitte frische FRST Logs

Okay:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03
Ran by Manuela (administrator) on MANUELA on 16-01-2014 09:17:37
Running from C:\Users\Manuela\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEPSON Connect\mepService.exe
() C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEPSON Connect\mep.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(1&1 Mail & Media GmbH) C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Farbar) C:\Users\Manuela\Downloads\FRST64(3).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-23] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ATLauncher] - "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [ATUninstallIcon] - "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2014-01-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPLTarget\P0000000000000002] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [WEB.DE Application {sync-000021}] - C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [875008 2013-09-13] (1&1 Mail & Media GmbH)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - C1A6C3714AB8411A9EC8696FFDF77A6F URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_4d9d85559c694c5b96d77187a7f567c1_30_46_20140103_DE_ie_ds_AdWords&query={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Plus-HD-5.5 - {11111111-1111-1111-1111-110411901160} - C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho64.dll No File
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO-x32: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll (Amazon Inc.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\rhkfz73g.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF NetworkProxy: "type", 0
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR Extension: (Plus-HD-5.5) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\aoilcbjfkbdplcfglkiedhefcomondlk\1.26.9_0 [2014-01-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2014-01-03] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-22] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2014-01-03] (Avira Operations GmbH & Co. KG)
U2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
U2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
U2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
U2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
U2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
U2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
U2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
U3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
U2 MyEPSON Connect Service; C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe [703616 2012-10-01] (SEIKO EPSON CORPORATION)
U2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [97056 2014-01-16] ()
U2 Util Jump Flip; C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe [97056 2014-01-12] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
U2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [x]

==================== Drivers (Whitelisted) ====================

U3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-01-03] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-01-03] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-22] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2014-01-03] (Avira Operations GmbH & Co. KG)
U3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
U3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
U3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
U3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
U3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
U3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
U3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-16 09:17 - 2014-01-16 09:17 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(3).exe
2014-01-16 08:16 - 2014-01-16 08:16 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(4).exe
2014-01-16 07:57 - 2014-01-16 07:57 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Malwarebytes
2014-01-16 07:56 - 2014-01-16 07:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-16 07:56 - 2014-01-16 07:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-16 07:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-16 07:55 - 2014-01-16 07:56 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Manuela\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-15 21:11 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 21:11 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 21:11 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 21:11 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:34 - 2014-01-15 17:34 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(2).exe
2014-01-15 17:32 - 2014-01-15 17:32 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(3).exe
2014-01-15 15:59 - 2014-01-15 15:59 - 00013826 _____ C:\Users\Manuela\Desktop\JRT.txt
2014-01-15 15:55 - 2014-01-15 15:55 - 00000000 ____D C:\Windows\ERUNT
2014-01-15 15:54 - 2014-01-15 15:54 - 01037068 _____ (Thisisu) C:\Users\Manuela\Downloads\JRT.exe
2014-01-15 12:09 - 2014-01-15 12:09 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(2).exe
2014-01-15 11:48 - 2014-01-16 08:21 - 00000000 ____D C:\AdwCleaner
2014-01-15 11:47 - 2014-01-15 11:47 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner.exe
2014-01-15 10:52 - 2014-01-15 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 10:51 - 2014-01-15 11:41 - 00000000 ____D C:\Users\Manuela\Desktop\mbar
2014-01-15 10:51 - 2014-01-15 11:16 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-15 10:50 - 2014-01-15 10:50 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Manuela\Downloads\mbar-1.07.0.1008.exe
2014-01-15 10:26 - 2014-01-15 10:26 - 00001211 _____ C:\Users\Manuela\Downloads\SHK.bat
2014-01-15 10:14 - 2014-01-15 17:35 - 00016180 _____ C:\Users\Manuela\Downloads\Addition.txt
2014-01-15 10:13 - 2014-01-16 09:17 - 00016471 _____ C:\Users\Manuela\Downloads\FRST.txt
2014-01-15 10:13 - 2014-01-15 10:13 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64.exe
2014-01-15 10:13 - 2014-01-15 10:13 - 00000000 ____D C:\FRST
2014-01-14 08:53 - 2014-01-14 08:53 - 00001945 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Local\Mozilla
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 _____ C:\Windows\nsreg.dat
2014-01-14 08:35 - 2014-01-14 08:35 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-14 08:21 - 2014-01-15 11:13 - 00000000 ____D C:\ProgramData\Updater
2014-01-14 08:21 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Mozilla
2014-01-14 08:20 - 2014-01-14 08:20 - 00001123 _____ C:\Users\Manuela\Desktop\PC Speed Maximizer.lnk
2014-01-13 23:40 - 2014-01-15 10:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-13 23:40 - 2014-01-13 23:40 - 00000000 ____D C:\Users\Manuela\AppData\Local\Google
2014-01-13 07:35 - 2014-01-13 07:37 - 00002236 _____ C:\Windows\system32\ASOROSet.bin
2014-01-13 07:28 - 2014-01-13 07:35 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\system32\NV
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-13 06:08 - 2014-01-13 06:08 - 00000000 _____ C:\Users\Manuela\Downloads\AKD-73631541863.pdf.g8c3lwl.partial
2014-01-13 04:34 - 2014-01-13 04:34 - 00000000 _____ C:\autoexec.bat
2014-01-13 04:33 - 2014-01-15 10:25 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-13 04:33 - 2014-01-13 04:33 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-12 23:35 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-12 23:35 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-12 23:35 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-12 23:35 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-12 23:35 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-12 23:35 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-12 23:35 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-12 23:35 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-12 23:35 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-12 23:35 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-12 23:35 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-12 22:52 - 2014-01-12 22:52 - 00001638 _____ C:\Users\Manuela\Desktop\Sync Folder.lnk
2014-01-12 22:52 - 2014-01-12 22:52 - 00000000 ____D C:\Users\Manuela\SyncFolder
2014-01-12 22:35 - 2014-01-12 22:35 - 00000000 ____D C:\Users\Manuela\AppData\Local\newplayer
2014-01-12 22:34 - 2014-01-12 22:35 - 00000000 ____D C:\Program Files (x86)\NewPlayer
2014-01-03 14:17 - 2014-01-03 14:17 - 00003204 _____ C:\Windows\System32\Tasks\{72B62A4C-4546-4C80-9DA8-459C32A2C0B9}
2014-01-03 14:15 - 2014-01-03 14:15 - 00000000 ____D C:\Users\Manuela\AppData\Local\AskPartnerNetwork
2014-01-03 14:12 - 2014-01-03 14:12 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Avira
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2014-01-03 14:04 - 2014-01-03 14:09 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-03 14:04 - 2014-01-03 14:09 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-03 14:04 - 2014-01-03 14:09 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-03 14:04 - 2014-01-03 14:04 - 00002072 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\ProgramData\Avira
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-03 14:04 - 2013-11-22 12:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-01-03 13:32 - 2013-11-19 11:21 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-03 13:19 - 2014-01-12 22:34 - 00000000 ____D C:\Users\Manuela\AppData\Local\cache
2014-01-03 13:19 - 2014-01-03 13:20 - 00000000 ____D C:\Users\Manuela\.android
2014-01-03 13:19 - 2014-01-03 13:19 - 00000000 _____ C:\Users\Manuela\daemonprocess.txt
2014-01-03 13:15 - 2014-01-16 09:01 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-03 13:13 - 2014-01-03 13:13 - 00000000 ____D C:\Program Files (x86)\Amazon
2014-01-03 13:12 - 2014-01-03 13:12 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
2014-01-03 13:11 - 2014-01-03 13:11 - 02092792 _____ C:\Users\Manuela\Downloads\avira-free-antivirus [1].exe
2013-12-30 22:47 - 2013-12-30 22:58 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-26 22:56 - 2013-12-26 22:56 - 00000000 ___RD C:\Users\Manuela\SkyDrive
2013-12-26 22:05 - 2013-12-26 22:43 - 00000000 ____D C:\Users\Manuela\WEB.DE Online-Speicher
2013-12-26 22:05 - 2013-12-26 22:05 - 00001337 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00001329 _____ C:\Users\Manuela\Desktop\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}
2013-12-25 22:49 - 2013-12-25 22:49 - 00409704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-24 11:50 - 2014-01-14 06:31 - 00000000 ____D C:\Users\Manuela\Documents\Auto
2013-12-24 11:31 - 2013-12-24 11:41 - 00000400 _____ C:\Windows\ODBC.INI
2013-12-24 11:30 - 2013-12-24 11:30 - 00000000 ____D C:\Windows\Msagent
2013-12-17 09:51 - 2013-12-17 09:54 - 00000000 ____D C:\Users\Manuela\Desktop\Datensicherung PC alt

==================== One Month Modified Files and Folders =======

2014-01-16 09:17 - 2014-01-16 09:17 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(3).exe
2014-01-16 09:17 - 2014-01-15 10:13 - 00016471 _____ C:\Users\Manuela\Downloads\FRST.txt
2014-01-16 09:14 - 2013-12-04 15:14 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job
2014-01-16 09:14 - 2013-12-04 15:14 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job
2014-01-16 09:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-16 09:01 - 2014-01-03 13:15 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-16 08:45 - 2013-10-20 01:35 - 01571417 _____ C:\Windows\WindowsUpdate.log
2014-01-16 08:39 - 2013-12-04 15:39 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job
2014-01-16 08:39 - 2013-12-04 15:39 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job
2014-01-16 08:36 - 2013-12-14 19:36 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D}.job
2014-01-16 08:36 - 2013-12-14 19:36 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D}.job
2014-01-16 08:34 - 2013-12-03 16:07 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-16 08:34 - 2013-12-03 16:07 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 08:34 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-16 08:33 - 2013-12-02 21:33 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2863067475-3168439478-3626505949-1002
2014-01-16 08:23 - 2013-12-02 21:26 - 00000062 _____ C:\Users\Manuela\AppData\Roaming\sp_data.sys
2014-01-16 08:22 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 08:22 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-16 08:21 - 2014-01-15 11:48 - 00000000 ____D C:\AdwCleaner
2014-01-16 08:21 - 2013-12-02 21:26 - 00001001 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-16 08:21 - 2013-12-02 21:26 - 00000000 ___RD C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 08:16 - 2014-01-16 08:16 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(4).exe
2014-01-16 08:04 - 2012-08-02 14:24 - 00362658 _____ C:\Windows\PFRO.log
2014-01-16 07:57 - 2014-01-16 07:57 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Malwarebytes
2014-01-16 07:56 - 2014-01-16 07:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-16 07:56 - 2014-01-16 07:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-16 07:56 - 2014-01-16 07:55 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Manuela\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-15 17:35 - 2014-01-15 10:14 - 00016180 _____ C:\Users\Manuela\Downloads\Addition.txt
2014-01-15 17:34 - 2014-01-15 17:34 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(2).exe
2014-01-15 17:32 - 2014-01-15 17:32 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(3).exe
2014-01-15 15:59 - 2014-01-15 15:59 - 00013826 _____ C:\Users\Manuela\Desktop\JRT.txt
2014-01-15 15:55 - 2014-01-15 15:55 - 00000000 ____D C:\Windows\ERUNT
2014-01-15 15:54 - 2014-01-15 15:54 - 01037068 _____ (Thisisu) C:\Users\Manuela\Downloads\JRT.exe
2014-01-15 12:09 - 2014-01-15 12:09 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(2).exe
2014-01-15 11:47 - 2014-01-15 11:47 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner.exe
2014-01-15 11:41 - 2014-01-15 10:51 - 00000000 ____D C:\Users\Manuela\Desktop\mbar
2014-01-15 11:16 - 2014-01-15 10:51 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-15 11:13 - 2014-01-14 08:21 - 00000000 ____D C:\ProgramData\Updater
2014-01-15 10:52 - 2014-01-15 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 10:50 - 2014-01-15 10:50 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Manuela\Downloads\mbar-1.07.0.1008.exe
2014-01-15 10:26 - 2014-01-15 10:26 - 00001211 _____ C:\Users\Manuela\Downloads\SHK.bat
2014-01-15 10:25 - 2014-01-13 04:33 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-15 10:14 - 2014-01-13 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-15 10:13 - 2014-01-15 10:13 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64.exe
2014-01-15 10:13 - 2014-01-15 10:13 - 00000000 ____D C:\FRST
2014-01-14 08:53 - 2014-01-14 08:53 - 00001945 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Local\Mozilla
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 _____ C:\Windows\nsreg.dat
2014-01-14 08:53 - 2014-01-14 08:21 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Mozilla
2014-01-14 08:35 - 2014-01-14 08:35 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
2014-01-14 08:23 - 2013-04-26 00:16 - 00000561 _____ C:\Windows\DirectX.log
2014-01-14 08:20 - 2014-01-14 08:20 - 00001123 _____ C:\Users\Manuela\Desktop\PC Speed Maximizer.lnk
2014-01-14 07:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-14 06:31 - 2013-12-24 11:50 - 00000000 ____D C:\Users\Manuela\Documents\Auto
2014-01-13 23:40 - 2014-01-13 23:40 - 00000000 ____D C:\Users\Manuela\AppData\Local\Google
2014-01-13 07:40 - 2013-12-02 21:25 - 00000000 ____D C:\Users\Manuela
2014-01-13 07:38 - 2012-07-26 06:26 - 77594624 _____ C:\Windows\system32\config\SOFTWARE.bak
2014-01-13 07:38 - 2012-07-26 06:26 - 12845056 _____ C:\Windows\system32\config\SYSTEM.bak
2014-01-13 07:38 - 2012-07-26 06:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2014-01-13 07:37 - 2014-01-13 07:35 - 00002236 _____ C:\Windows\system32\ASOROSet.bin
2014-01-13 07:36 - 2012-07-26 06:26 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2014-01-13 07:35 - 2014-01-13 07:28 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\system32\NV
2014-01-13 07:14 - 2013-10-20 01:36 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-13 07:06 - 2013-10-20 01:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-13 06:12 - 2012-07-26 06:26 - 00000220 _____ C:\Windows\win.ini
2014-01-13 06:08 - 2014-01-13 06:08 - 00000000 _____ C:\Users\Manuela\Downloads\AKD-73631541863.pdf.g8c3lwl.partial
2014-01-13 04:34 - 2014-01-13 04:34 - 00000000 _____ C:\autoexec.bat
2014-01-13 04:33 - 2014-01-13 04:33 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-12 23:45 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-12 22:52 - 2014-01-12 22:52 - 00001638 _____ C:\Users\Manuela\Desktop\Sync Folder.lnk
2014-01-12 22:52 - 2014-01-12 22:52 - 00000000 ____D C:\Users\Manuela\SyncFolder
2014-01-12 22:35 - 2014-01-12 22:35 - 00000000 ____D C:\Users\Manuela\AppData\Local\newplayer
2014-01-12 22:35 - 2014-01-12 22:34 - 00000000 ____D C:\Program Files (x86)\NewPlayer
2014-01-12 22:34 - 2014-01-03 13:19 - 00000000 ____D C:\Users\Manuela\AppData\Local\cache
2014-01-09 09:02 - 2013-12-16 13:11 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-16 13:11 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 09:18 - 2013-12-08 13:42 - 00000000 ____D C:\Users\Manuela\AppData\Local\Windows Live
2014-01-03 14:17 - 2014-01-03 14:17 - 00003204 _____ C:\Windows\System32\Tasks\{72B62A4C-4546-4C80-9DA8-459C32A2C0B9}
2014-01-03 14:15 - 2014-01-03 14:15 - 00000000 ____D C:\Users\Manuela\AppData\Local\AskPartnerNetwork
2014-01-03 14:12 - 2014-01-03 14:12 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Avira
2014-01-03 14:09 - 2014-01-03 14:04 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-03 14:09 - 2014-01-03 14:04 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-03 14:09 - 2014-01-03 14:04 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2014-01-03 14:04 - 2014-01-03 14:04 - 00002072 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\ProgramData\Avira
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-03 13:45 - 2013-10-20 01:51 - 00000000 ____D C:\Program Files\McAfeeEx
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\ProgramData\McAfee
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\Program Files\mcafee
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\Program Files\Common Files\mcafee
2014-01-03 13:28 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2014-01-03 13:20 - 2014-01-03 13:19 - 00000000 ____D C:\Users\Manuela\.android
2014-01-03 13:19 - 2014-01-03 13:19 - 00000000 _____ C:\Users\Manuela\daemonprocess.txt
2014-01-03 13:13 - 2014-01-03 13:13 - 00000000 ____D C:\Program Files (x86)\Amazon
2014-01-03 13:12 - 2014-01-03 13:12 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
2014-01-03 13:11 - 2014-01-03 13:11 - 02092792 _____ C:\Users\Manuela\Downloads\avira-free-antivirus [1].exe
2014-01-03 13:08 - 2012-08-03 00:02 - 00759192 _____ C:\Windows\system32\perfh007.dat
2014-01-03 13:08 - 2012-08-03 00:02 - 00158376 _____ C:\Windows\system32\perfc007.dat
2014-01-03 13:08 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-03 10:33 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-12-30 22:59 - 2013-04-26 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-30 22:58 - 2013-12-30 22:47 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-26 22:56 - 2013-12-26 22:56 - 00000000 ___RD C:\Users\Manuela\SkyDrive
2013-12-26 22:56 - 2013-12-02 21:25 - 00002189 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-26 22:43 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\WEB.DE Online-Speicher
2013-12-26 22:05 - 2013-12-26 22:05 - 00001337 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00001329 _____ C:\Users\Manuela\Desktop\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}
2013-12-25 23:10 - 2013-12-05 21:42 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Epson
2013-12-25 23:10 - 2013-12-04 15:02 - 00000000 ____D C:\ProgramData\Epson
2013-12-25 22:49 - 2013-12-25 22:49 - 00409704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 22:46 - 2012-07-26 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\en-GB
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-25 22:46 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-12-25 22:46 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\servicing
2013-12-25 22:45 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-12-25 22:45 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-12-25 22:45 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\winrm
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\slmgr
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\en-GB
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-25 22:44 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\Sysprep
2013-12-25 22:44 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-25 22:41 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\WCN
2013-12-25 22:41 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\MUI
2013-12-25 22:41 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\Dism
2013-12-25 22:40 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-12-25 22:40 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2013-12-25 22:40 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\Com
2013-12-24 11:48 - 2013-12-02 21:25 - 00000000 ____D C:\Users\Manuela\AppData\Local\VirtualStore
2013-12-24 11:41 - 2013-12-24 11:31 - 00000400 _____ C:\Windows\ODBC.INI
2013-12-24 11:39 - 2012-07-26 10:45 - 00000000 ____D C:\Windows\ShellNew
2013-12-24 11:36 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System
2013-12-24 11:30 - 2013-12-24 11:30 - 00000000 ____D C:\Windows\Msagent
2013-12-24 11:30 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\Help
2013-12-18 08:10 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-17 09:54 - 2013-12-17 09:51 - 00000000 ____D C:\Users\Manuela\Desktop\Datensicherung PC alt
2013-12-17 09:53 - 2012-07-26 08:21 - 00040392 _____ C:\Windows\setupact.log

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Manuela\AppData\Local\Temp\avgnt.exe
C:\Users\Manuela\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manuela\AppData\Local\Temp\oi_{30838A32-2E62-402A-A40B-8B39AA12CB26}.exe
C:\Users\Manuela\AppData\Local\Temp\Quarantine.exe
C:\Users\Manuela\AppData\Local\Temp\Setup.exe
C:\Users\Manuela\AppData\Local\Temp\SHSetup.exe
C:\Users\Manuela\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-13 07:45

==================== End Of Log ============================
         

--- --- ---


hätte ich den Haken bei Addition.txt auch wieder setzen sollen??

Ja Haken bitte setzen. Neuen Scan machen. Aber dann bitte nur die neue additions posten

okay hier die addition:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014 03
Ran by Manuela at 2014-01-16 10:09:49
Running from C:\Users\Manuela\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Amazon 1Button App (x32 Version: 1.0.4 - Amazon)
ASUS InstantOn (x32 Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.1.13 - ASUS)
ASUS Live Update (x32 Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (Version: 2.0.4 - ASUS)
ASUS Screen Saver (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (x32 Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 2.01.0002 - ASUS)
ASUS USB Charger Plus (x32 Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (x32 Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (x32 Version: 1.0.0027 - ASUS)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2951 - APN, LLC)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled Twist (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Connect Printer Setup (x32 Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (x32 Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Scan (x32 Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (x32 Version: 1.31.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (x32 Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (x32 Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Jump Flip (Version: 2013.12.27.213125 - Jump Flip) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Media Content (x32 Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Professional (x32 Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Publisher 2002 (x32 Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 6-9 Converter (x32 Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox (3.6.28) (x32 Version: 3.6.28 (de) - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (x32 Version: 2.0 - ASUS)
MyEPSON Portal (x32 Version:  - SEIKO EPSON Corporation)
MyEPSON Portal (x32 Version: 1.0.4.0 - SEIKO EPSON CORPORATION) Hidden
NewPlayer (x32 Version: v2.1.1.0 - TUGUU SL)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
PC Speed Maximizer v3.2 (x32 Version: 3.2 - Smart PC Solutions)
PC Speed Up (Version: 3.4.1.0 - Speedchecker Limited)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6829 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Software Updater (x32 Version: 4.1.7 - SEIKO EPSON CORPORATION)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Updater (x32 Version: 2.6.53 - Creative Island Media, LLC)
WEB.DE Online-Speicher 1.5.1894.0 (HKCU Version: 1.5.1894.0 - 1&1 Mail & Media GmbH)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (x32 Version: 1.0.4.0 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (x32 Version: 2.41.1 - ASUS)

==================== Restore Points  =========================

15-01-2014 07:14:23 Geplanter Prüfpunkt
15-01-2014 10:11:40 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C7A9998-330D-4BAA-ADDF-48606EB80EFD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {20FC13A1-B0B6-4C97-BC33-5D33F28CDCAC} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {44910F63-82D0-4E48-AA5A-34762E02D3C2} - System32\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {68EE22AF-03C0-4297-A9C0-5A4155621436} - System32\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {74F9DE2E-15D3-497B-8A25-24143949A633} - System32\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8058864E-9740-427F-B963-726680C33286} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {8A39CEB1-2BD8-4497-81CF-8CA056E72B2C} - \LaunchApp No Task File
Task: {8BC43FF5-FD75-4E7C-9FCB-2BA873D24534} - System32\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {924EEE96-7372-4068-AEA3-C1E8B54B10C0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B0A73E07-0BE1-4656-B502-C4A1B70BF7F2} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {C488200D-B5F5-46C1-A540-00DDD8C43E07} - System32\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA08D60E-2D36-4D99-A35F-BB99F1AA895C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {E39E9D46-7731-4EA0-969E-765D805BB328} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {E82F9241-79B7-4814-B52B-AF20E6CFD01E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F25DA116-752C-4066-B90A-39859EB957B9} - System32\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE

==================== Loaded Modules (whitelisted) =============

2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-12-03 14:48 - 2013-12-03 14:50 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-12-26 22:05 - 2013-09-13 15:12 - 00070656 _____ () C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\CoreBranding.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-24 14:30 - 2012-10-15 05:09 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-01-03 14:04 - 2013-11-22 12:01 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-14 08:53 - 2012-03-06 18:29 - 01014744 _____ () C:\Program Files (x86)\Mozilla Firefox\js3250.dll
2013-10-20 01:39 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info =========================== 

Percentage of memory in use: 21%
Total physical RAM: 8077.54 MB
Available physical RAM: 6336.93 MB
Total Pagefile: 16781.54 MB
Available Pagefile: 14903.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:301.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 568814A2)

Partition: GPT Partition Type
==================== End Of Log ============================
         

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

BHO: Plus-HD-5.5 - {11111111-1111-1111-1111-110411901160} - C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho64.dll No File
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO-x32: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll (Amazon Inc.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
U2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [97056 2014-01-16] ()
U2 Util Jump Flip; C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe [97056 2014-01-12] ()
U3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Windows\System32\Tasks\{72B62A4C-4546-4C80-9DA8-459C32A2C0B9}
C:\ProgramData\*.exe
C:\ProgramData\*.VBS
C:\Program Files (x86)\AskPartnerNetwork
C:\Program Files\Enigma Software Group
C:\Program Files (x86)\Plus-HD-5.5
C:\Program Files (x86)\Jump Flip
C:\Program Files (x86)\NewPlayer
C:\Users\Manuela\AppData\Local\AskPartnerNetwork
C:\Users\Manuela\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
C:\Users\Manuela\Desktop\PC Speed Maximizer.lnk
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
C:\Users\Manuela\Downloads\AKD-73631541863.pdf.g8c3lwl.partial
C:\Users\Manuela\AppData\Local\newplayer
C:\Users\Manuela\AppData\Local\Temp\avgnt.exe
C:\Users\Manuela\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manuela\AppData\Local\Temp\oi_{30838A32-2E62-402A-A40B-8B39AA12CB26}.exe
C:\Users\Manuela\AppData\Local\Temp\Quarantine.exe
C:\Users\Manuela\AppData\Local\Temp\Setup.exe
C:\Users\Manuela\AppData\Local\Temp\SHSetup.exe
C:\Users\Manuela\AppData\Local\Temp\vcredist_x64.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2014 03
Ran by Manuela at 2014-01-16 19:12:55 Run:1
Running from C:\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
BHO: Plus-HD-5.5 - {11111111-1111-1111-1111-110411901160} - C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho64.dll No File
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO-x32: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll (Amazon Inc.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
U2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [97056 2014-01-16] ()
U2 Util Jump Flip; C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe [97056 2014-01-12] ()
U3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Windows\System32\Tasks\{72B62A4C-4546-4C80-9DA8-459C32A2C0B9}
C:\ProgramData\*.exe
C:\ProgramData\*.VBS
C:\Program Files (x86)\AskPartnerNetwork
C:\Program Files\Enigma Software Group
C:\Program Files (x86)\Plus-HD-5.5
C:\Program Files (x86)\Jump Flip
C:\Program Files (x86)\NewPlayer
C:\Users\Manuela\AppData\Local\AskPartnerNetwork
C:\Users\Manuela\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
C:\Users\Manuela\Desktop\PC Speed Maximizer.lnk
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
C:\Users\Manuela\Downloads\AKD-73631541863.pdf.g8c3lwl.partial
C:\Users\Manuela\AppData\Local\newplayer
C:\Users\Manuela\AppData\Local\Temp\avgnt.exe
C:\Users\Manuela\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manuela\AppData\Local\Temp\oi_{30838A32-2E62-402A-A40B-8B39AA12CB26}.exe
C:\Users\Manuela\AppData\Local\Temp\Quarantine.exe
C:\Users\Manuela\AppData\Local\Temp\Setup.exe
C:\Users\Manuela\AppData\Local\Temp\SHSetup.exe
C:\Users\Manuela\AppData\Local\Temp\vcredist_x64.exe
         
*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901160} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411901160} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} => Key deleted successfully.
HKCR\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7} => Key deleted successfully.
HKCR\CLSID\{41564952-412D-5637-4300-7A786E7484D7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{41564952-412D-5637-4300-7A786E7484D7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-4300-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-4300-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-4300-7A786E7484D7} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{41564952-412D-5637-4300-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41564952-412D-5637-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41564952-412D-5637-4300-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-4300-7A786E7484D7} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Update Jump Flip => Service deleted successfully.
Util Jump Flip => Service deleted successfully.
esgiguard => Service deleted successfully.
C:\Windows\System32\Tasks\{72B62A4C-4546-4C80-9DA8-459C32A2C0B9} => Moved successfully.
C:\ProgramData\*.exe => Moved successfully.
C:\ProgramData\*.VBS => Moved successfully.
C:\Program Files (x86)\AskPartnerNetwork => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
"C:\Program Files (x86)\Plus-HD-5.5" => File/Directory not found.
C:\Program Files (x86)\Jump Flip => Moved successfully.
C:\Program Files (x86)\NewPlayer => Moved successfully.
C:\Users\Manuela\AppData\Local\AskPartnerNetwork => Moved successfully.
C:\Users\Manuela\AppData\Roaming\0F1F1C2Y1H1P1C0I0T => Moved successfully.
C:\Users\Manuela\Desktop\PC Speed Maximizer.lnk => Moved successfully.
C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop => Moved successfully.
C:\Users\Manuela\Downloads\AKD-73631541863.pdf.g8c3lwl.partial => Moved successfully.
C:\Users\Manuela\AppData\Local\newplayer => Moved successfully.
C:\Users\Manuela\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\Manuela\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\Manuela\AppData\Local\Temp\oi_{30838A32-2E62-402A-A40B-8B39AA12CB26}.exe => Moved successfully.
C:\Users\Manuela\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Manuela\AppData\Local\Temp\Setup.exe => Moved successfully.
C:\Users\Manuela\AppData\Local\Temp\SHSetup.exe => Moved successfully.
C:\Users\Manuela\AppData\Local\Temp\vcredist_x64.exe => Moved successfully.

==== End of Fixlog ====
         

FRST neu runterladen, Haken bei additions und frische Logs bitte

Hier die Logs

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03
Ran by Manuela (administrator) on MANUELA on 17-01-2014 13:19:21
Running from C:\Users\Manuela\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEPSON Connect\mepService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEPSON Connect\mep.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(1&1 Mail & Media GmbH) C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Manuela\Downloads\FRST64(3).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-23] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ATLauncher] - "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [ATUninstallIcon] - "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2014-01-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPLTarget\P0000000000000002] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [WEB.DE Application {sync-000021}] - C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [875008 2013-09-13] (1&1 Mail & Media GmbH)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - C1A6C3714AB8411A9EC8696FFDF77A6F URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_4d9d85559c694c5b96d77187a7f567c1_30_46_20140103_DE_ie_ds_AdWords&query={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\rhkfz73g.default
FF NetworkProxy: "type", 0
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR Extension: (Plus-HD-5.5) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\aoilcbjfkbdplcfglkiedhefcomondlk\1.26.9_0 [2014-01-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2014-01-03] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-22] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2014-01-03] (Avira Operations GmbH & Co. KG)
U2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
U2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
U2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
U2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
U2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
U2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
U3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
U2 MyEPSON Connect Service; C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe [703616 2012-10-01] (SEIKO EPSON CORPORATION)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
U2 APNMCP; "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" [x]
U2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [x]

==================== Drivers (Whitelisted) ====================

U3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-01-03] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-01-03] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-22] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2014-01-03] (Avira Operations GmbH & Co. KG)
U3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
U3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
U3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
U3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
U3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
U3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 13:19 - 2014-01-17 13:19 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(3).exe
2014-01-17 08:38 - 2014-01-17 08:38 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-16 08:16 - 2014-01-16 08:16 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(4).exe
2014-01-16 07:57 - 2014-01-16 07:57 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Malwarebytes
2014-01-16 07:56 - 2014-01-16 07:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-16 07:56 - 2014-01-16 07:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-16 07:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-16 07:55 - 2014-01-16 07:56 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Manuela\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-15 21:11 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 21:11 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 21:11 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 21:11 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:34 - 2014-01-15 17:34 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(2).exe
2014-01-15 17:32 - 2014-01-15 17:32 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(3).exe
2014-01-15 15:59 - 2014-01-15 15:59 - 00013826 _____ C:\Users\Manuela\Desktop\JRT.txt
2014-01-15 15:55 - 2014-01-15 15:55 - 00000000 ____D C:\Windows\ERUNT
2014-01-15 15:54 - 2014-01-15 15:54 - 01037068 _____ (Thisisu) C:\Users\Manuela\Downloads\JRT.exe
2014-01-15 12:09 - 2014-01-15 12:09 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(2).exe
2014-01-15 11:48 - 2014-01-16 08:21 - 00000000 ____D C:\AdwCleaner
2014-01-15 11:47 - 2014-01-15 11:47 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner.exe
2014-01-15 10:52 - 2014-01-15 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 10:51 - 2014-01-15 11:41 - 00000000 ____D C:\Users\Manuela\Desktop\mbar
2014-01-15 10:51 - 2014-01-15 11:16 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-15 10:50 - 2014-01-15 10:50 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Manuela\Downloads\mbar-1.07.0.1008.exe
2014-01-15 10:26 - 2014-01-15 10:26 - 00001211 _____ C:\Users\Manuela\Downloads\SHK.bat
2014-01-15 10:14 - 2014-01-16 10:10 - 00015734 _____ C:\Users\Manuela\Downloads\Addition.txt
2014-01-15 10:13 - 2014-01-17 13:19 - 00014527 _____ C:\Users\Manuela\Downloads\FRST.txt
2014-01-15 10:13 - 2014-01-16 19:12 - 00000000 ____D C:\FRST
2014-01-15 10:13 - 2014-01-15 10:13 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64.exe
2014-01-14 08:53 - 2014-01-14 08:53 - 00001945 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Local\Mozilla
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 _____ C:\Windows\nsreg.dat
2014-01-14 08:21 - 2014-01-15 11:13 - 00000000 ____D C:\ProgramData\Updater
2014-01-14 08:21 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Mozilla
2014-01-13 23:40 - 2014-01-15 10:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-13 23:40 - 2014-01-13 23:40 - 00000000 ____D C:\Users\Manuela\AppData\Local\Google
2014-01-13 07:35 - 2014-01-13 07:37 - 00002236 _____ C:\Windows\system32\ASOROSet.bin
2014-01-13 07:28 - 2014-01-13 07:35 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\system32\NV
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-13 04:34 - 2014-01-13 04:34 - 00000000 _____ C:\autoexec.bat
2014-01-13 04:33 - 2014-01-15 10:25 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-12 23:35 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-12 23:35 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-12 23:35 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-12 23:35 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-12 23:35 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-12 23:35 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-12 23:35 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-12 23:35 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-12 23:35 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-12 23:35 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-12 23:35 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-12 22:52 - 2014-01-12 22:52 - 00001638 _____ C:\Users\Manuela\Desktop\Sync Folder.lnk
2014-01-12 22:52 - 2014-01-12 22:52 - 00000000 ____D C:\Users\Manuela\SyncFolder
2014-01-03 14:12 - 2014-01-03 14:12 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Avira
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2014-01-03 14:04 - 2014-01-03 14:09 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-03 14:04 - 2014-01-03 14:09 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-03 14:04 - 2014-01-03 14:09 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-03 14:04 - 2014-01-03 14:04 - 00002072 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\ProgramData\Avira
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-03 14:04 - 2013-11-22 12:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-01-03 13:32 - 2013-11-19 11:21 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-03 13:19 - 2014-01-12 22:34 - 00000000 ____D C:\Users\Manuela\AppData\Local\cache
2014-01-03 13:19 - 2014-01-03 13:20 - 00000000 ____D C:\Users\Manuela\.android
2014-01-03 13:19 - 2014-01-03 13:19 - 00000000 _____ C:\Users\Manuela\daemonprocess.txt
2014-01-03 13:13 - 2014-01-03 13:13 - 00000000 ____D C:\Program Files (x86)\Amazon
2014-01-03 13:11 - 2014-01-03 13:11 - 02092792 _____ C:\Users\Manuela\Downloads\avira-free-antivirus [1].exe
2013-12-30 22:47 - 2013-12-30 22:58 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-26 22:56 - 2013-12-26 22:56 - 00000000 ___RD C:\Users\Manuela\SkyDrive
2013-12-26 22:05 - 2013-12-26 22:43 - 00000000 ____D C:\Users\Manuela\WEB.DE Online-Speicher
2013-12-26 22:05 - 2013-12-26 22:05 - 00001337 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00001329 _____ C:\Users\Manuela\Desktop\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}
2013-12-25 22:49 - 2013-12-25 22:49 - 00409704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-24 11:50 - 2014-01-14 06:31 - 00000000 ____D C:\Users\Manuela\Documents\Auto
2013-12-24 11:31 - 2013-12-24 11:41 - 00000400 _____ C:\Windows\ODBC.INI
2013-12-24 11:30 - 2013-12-24 11:30 - 00000000 ____D C:\Windows\Msagent

==================== One Month Modified Files and Folders =======

2014-01-17 13:19 - 2014-01-17 13:19 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(3).exe
2014-01-17 13:19 - 2014-01-15 10:13 - 00014527 _____ C:\Users\Manuela\Downloads\FRST.txt
2014-01-17 13:14 - 2013-12-04 15:14 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job
2014-01-17 13:14 - 2013-12-04 15:14 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job
2014-01-17 13:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-17 12:39 - 2013-12-04 15:39 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job
2014-01-17 12:39 - 2013-12-04 15:39 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job
2014-01-17 12:36 - 2013-12-14 19:36 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D}.job
2014-01-17 12:36 - 2013-12-14 19:36 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D}.job
2014-01-17 08:45 - 2013-10-20 01:35 - 01648189 _____ C:\Windows\WindowsUpdate.log
2014-01-17 08:38 - 2014-01-17 08:38 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-17 08:26 - 2013-12-02 21:26 - 00000062 _____ C:\Users\Manuela\AppData\Roaming\sp_data.sys
2014-01-16 19:12 - 2014-01-15 10:13 - 00000000 ____D C:\FRST
2014-01-16 10:10 - 2014-01-15 10:14 - 00015734 _____ C:\Users\Manuela\Downloads\Addition.txt
2014-01-16 08:35 - 2013-12-03 16:07 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 08:34 - 2013-12-03 16:07 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-16 08:34 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-16 08:33 - 2013-12-02 21:33 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2863067475-3168439478-3626505949-1002
2014-01-16 08:22 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 08:22 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-16 08:21 - 2014-01-15 11:48 - 00000000 ____D C:\AdwCleaner
2014-01-16 08:21 - 2013-12-02 21:26 - 00001001 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-16 08:21 - 2013-12-02 21:26 - 00000000 ___RD C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 08:16 - 2014-01-16 08:16 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(4).exe
2014-01-16 08:04 - 2012-08-02 14:24 - 00362658 _____ C:\Windows\PFRO.log
2014-01-16 07:57 - 2014-01-16 07:57 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Malwarebytes
2014-01-16 07:56 - 2014-01-16 07:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-16 07:56 - 2014-01-16 07:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-16 07:56 - 2014-01-16 07:55 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Manuela\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-15 17:34 - 2014-01-15 17:34 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(2).exe
2014-01-15 17:32 - 2014-01-15 17:32 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(3).exe
2014-01-15 15:59 - 2014-01-15 15:59 - 00013826 _____ C:\Users\Manuela\Desktop\JRT.txt
2014-01-15 15:55 - 2014-01-15 15:55 - 00000000 ____D C:\Windows\ERUNT
2014-01-15 15:54 - 2014-01-15 15:54 - 01037068 _____ (Thisisu) C:\Users\Manuela\Downloads\JRT.exe
2014-01-15 12:09 - 2014-01-15 12:09 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(2).exe
2014-01-15 11:47 - 2014-01-15 11:47 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner.exe
2014-01-15 11:41 - 2014-01-15 10:51 - 00000000 ____D C:\Users\Manuela\Desktop\mbar
2014-01-15 11:16 - 2014-01-15 10:51 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-15 11:13 - 2014-01-14 08:21 - 00000000 ____D C:\ProgramData\Updater
2014-01-15 10:52 - 2014-01-15 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 10:50 - 2014-01-15 10:50 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Manuela\Downloads\mbar-1.07.0.1008.exe
2014-01-15 10:26 - 2014-01-15 10:26 - 00001211 _____ C:\Users\Manuela\Downloads\SHK.bat
2014-01-15 10:25 - 2014-01-13 04:33 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-15 10:14 - 2014-01-13 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-15 10:13 - 2014-01-15 10:13 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64.exe
2014-01-14 08:53 - 2014-01-14 08:53 - 00001945 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Local\Mozilla
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 _____ C:\Windows\nsreg.dat
2014-01-14 08:53 - 2014-01-14 08:21 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Mozilla
2014-01-14 08:23 - 2013-04-26 00:16 - 00000561 _____ C:\Windows\DirectX.log
2014-01-14 07:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-14 06:31 - 2013-12-24 11:50 - 00000000 ____D C:\Users\Manuela\Documents\Auto
2014-01-13 23:40 - 2014-01-13 23:40 - 00000000 ____D C:\Users\Manuela\AppData\Local\Google
2014-01-13 07:40 - 2013-12-02 21:25 - 00000000 ____D C:\Users\Manuela
2014-01-13 07:38 - 2012-07-26 06:26 - 77594624 _____ C:\Windows\system32\config\SOFTWARE.bak
2014-01-13 07:38 - 2012-07-26 06:26 - 12845056 _____ C:\Windows\system32\config\SYSTEM.bak
2014-01-13 07:38 - 2012-07-26 06:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2014-01-13 07:37 - 2014-01-13 07:35 - 00002236 _____ C:\Windows\system32\ASOROSet.bin
2014-01-13 07:36 - 2012-07-26 06:26 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2014-01-13 07:35 - 2014-01-13 07:28 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\system32\NV
2014-01-13 07:14 - 2013-10-20 01:36 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-13 07:06 - 2013-10-20 01:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-13 06:12 - 2012-07-26 06:26 - 00000220 _____ C:\Windows\win.ini
2014-01-13 04:34 - 2014-01-13 04:34 - 00000000 _____ C:\autoexec.bat
2014-01-12 23:45 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-12 22:52 - 2014-01-12 22:52 - 00001638 _____ C:\Users\Manuela\Desktop\Sync Folder.lnk
2014-01-12 22:52 - 2014-01-12 22:52 - 00000000 ____D C:\Users\Manuela\SyncFolder
2014-01-12 22:34 - 2014-01-03 13:19 - 00000000 ____D C:\Users\Manuela\AppData\Local\cache
2014-01-09 09:02 - 2013-12-16 13:11 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-16 13:11 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 09:18 - 2013-12-08 13:42 - 00000000 ____D C:\Users\Manuela\AppData\Local\Windows Live
2014-01-03 14:12 - 2014-01-03 14:12 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Avira
2014-01-03 14:09 - 2014-01-03 14:04 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-03 14:09 - 2014-01-03 14:04 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-03 14:09 - 2014-01-03 14:04 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2014-01-03 14:04 - 2014-01-03 14:04 - 00002072 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\ProgramData\Avira
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-03 13:45 - 2013-10-20 01:51 - 00000000 ____D C:\Program Files\McAfeeEx
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\ProgramData\McAfee
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\Program Files\mcafee
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\Program Files\Common Files\mcafee
2014-01-03 13:28 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2014-01-03 13:20 - 2014-01-03 13:19 - 00000000 ____D C:\Users\Manuela\.android
2014-01-03 13:19 - 2014-01-03 13:19 - 00000000 _____ C:\Users\Manuela\daemonprocess.txt
2014-01-03 13:13 - 2014-01-03 13:13 - 00000000 ____D C:\Program Files (x86)\Amazon
2014-01-03 13:11 - 2014-01-03 13:11 - 02092792 _____ C:\Users\Manuela\Downloads\avira-free-antivirus [1].exe
2014-01-03 13:08 - 2012-08-03 00:02 - 00759192 _____ C:\Windows\system32\perfh007.dat
2014-01-03 13:08 - 2012-08-03 00:02 - 00158376 _____ C:\Windows\system32\perfc007.dat
2014-01-03 13:08 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-03 10:33 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-12-30 22:59 - 2013-04-26 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-30 22:58 - 2013-12-30 22:47 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-26 22:56 - 2013-12-26 22:56 - 00000000 ___RD C:\Users\Manuela\SkyDrive
2013-12-26 22:56 - 2013-12-02 21:25 - 00002189 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-26 22:43 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\WEB.DE Online-Speicher
2013-12-26 22:05 - 2013-12-26 22:05 - 00001337 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00001329 _____ C:\Users\Manuela\Desktop\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}
2013-12-25 23:10 - 2013-12-05 21:42 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Epson
2013-12-25 23:10 - 2013-12-04 15:02 - 00000000 ____D C:\ProgramData\Epson
2013-12-25 22:49 - 2013-12-25 22:49 - 00409704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 22:46 - 2012-07-26 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\en-GB
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-25 22:46 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-12-25 22:46 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\servicing
2013-12-25 22:45 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-12-25 22:45 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-12-25 22:45 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\winrm
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\slmgr
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\en-GB
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-25 22:44 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\Sysprep
2013-12-25 22:44 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-25 22:41 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\WCN
2013-12-25 22:41 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\MUI
2013-12-25 22:41 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\Dism
2013-12-25 22:40 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-12-25 22:40 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2013-12-25 22:40 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\Com
2013-12-24 11:48 - 2013-12-02 21:25 - 00000000 ____D C:\Users\Manuela\AppData\Local\VirtualStore
2013-12-24 11:41 - 2013-12-24 11:31 - 00000400 _____ C:\Windows\ODBC.INI
2013-12-24 11:39 - 2012-07-26 10:45 - 00000000 ____D C:\Windows\ShellNew
2013-12-24 11:36 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System
2013-12-24 11:30 - 2013-12-24 11:30 - 00000000 ____D C:\Windows\Msagent
2013-12-24 11:30 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\Help
2013-12-18 08:10 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent

Some content of TEMP:
====================
C:\Users\Manuela\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-17 08:43

==================== End Of Log ============================
         

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014 03
Ran by Manuela at 2014-01-17 13:19:42
Running from C:\Users\Manuela\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Amazon 1Button App (x32 Version: 1.0.4 - Amazon)
ASUS InstantOn (x32 Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.1.13 - ASUS)
ASUS Live Update (x32 Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (Version: 2.0.4 - ASUS)
ASUS Screen Saver (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (x32 Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 2.01.0002 - ASUS)
ASUS USB Charger Plus (x32 Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (x32 Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (x32 Version: 1.0.0027 - ASUS)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2951 - APN, LLC)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled Twist (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Connect Printer Setup (x32 Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (x32 Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Scan (x32 Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (x32 Version: 1.31.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (x32 Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (x32 Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Jump Flip (Version: 2013.12.27.213125 - Jump Flip) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Media Content (x32 Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Professional (x32 Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Publisher 2002 (x32 Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 6-9 Converter (x32 Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox (3.6.28) (x32 Version: 3.6.28 (de) - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (x32 Version: 2.0 - ASUS)
MyEPSON Portal (x32 Version:  - SEIKO EPSON Corporation)
MyEPSON Portal (x32 Version: 1.0.4.0 - SEIKO EPSON CORPORATION) Hidden
NewPlayer (x32 Version: v2.1.1.0 - TUGUU SL)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
PC Speed Maximizer v3.2 (x32 Version: 3.2 - Smart PC Solutions)
PC Speed Up (Version: 3.4.1.0 - Speedchecker Limited)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6829 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Software Updater (x32 Version: 4.1.7 - SEIKO EPSON CORPORATION)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Updater (x32 Version: 2.6.53 - Creative Island Media, LLC)
WEB.DE Online-Speicher 1.5.1894.0 (HKCU Version: 1.5.1894.0 - 1&1 Mail & Media GmbH)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (x32 Version: 1.0.4.0 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (x32 Version: 2.41.1 - ASUS)

==================== Restore Points  =========================

15-01-2014 07:14:23 Geplanter Prüfpunkt
15-01-2014 10:11:40 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03EA440E-14DE-4338-990D-70BFD0144558} - \{72B62A4C-4546-4C80-9DA8-459C32A2C0B9} No Task File
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C7A9998-330D-4BAA-ADDF-48606EB80EFD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {20FC13A1-B0B6-4C97-BC33-5D33F28CDCAC} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {44910F63-82D0-4E48-AA5A-34762E02D3C2} - System32\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {68EE22AF-03C0-4297-A9C0-5A4155621436} - System32\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {74F9DE2E-15D3-497B-8A25-24143949A633} - System32\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8058864E-9740-427F-B963-726680C33286} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {8A39CEB1-2BD8-4497-81CF-8CA056E72B2C} - \LaunchApp No Task File
Task: {8BC43FF5-FD75-4E7C-9FCB-2BA873D24534} - System32\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {924EEE96-7372-4068-AEA3-C1E8B54B10C0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B0A73E07-0BE1-4656-B502-C4A1B70BF7F2} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {C488200D-B5F5-46C1-A540-00DDD8C43E07} - System32\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA08D60E-2D36-4D99-A35F-BB99F1AA895C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {E39E9D46-7731-4EA0-969E-765D805BB328} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {E82F9241-79B7-4814-B52B-AF20E6CFD01E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F25DA116-752C-4066-B90A-39859EB957B9} - System32\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE

==================== Loaded Modules (whitelisted) =============

2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-12-03 14:48 - 2013-12-03 14:50 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-12-26 22:05 - 2013-09-13 15:12 - 00070656 _____ () C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\CoreBranding.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-24 14:30 - 2012-10-15 05:09 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-01-03 14:04 - 2013-11-22 12:01 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-20 01:39 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-14 08:53 - 2012-03-06 18:29 - 01014744 _____ () C:\Program Files (x86)\Mozilla Firefox\js3250.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 8077.54 MB
Available physical RAM: 6577.85 MB
Total Pagefile: 16781.54 MB
Available Pagefile: 14833.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:298.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 568814A2)

Partition: GPT Partition Type
==================== End Of Log ============================
         

DANKE

Du hast FRST nicht neu runtergeladen!!

Doch habe ich schon gemacht...ich mache es nochmal...


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03
Ran by Manuela (administrator) on MANUELA on 17-01-2014 13:37:15
Running from C:\Users\Manuela\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEPSON Connect\mepService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEPSON Connect\mep.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(1&1 Mail & Media GmbH) C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Manuela\Downloads\FRST64(4).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-23] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ATLauncher] - "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [ATUninstallIcon] - "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2014-01-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPLTarget\P0000000000000002] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [WEB.DE Application {sync-000021}] - C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [875008 2013-09-13] (1&1 Mail & Media GmbH)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - C1A6C3714AB8411A9EC8696FFDF77A6F URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ie-21&tbrId=v1_abb-channel-7_4d9d85559c694c5b96d77187a7f567c1_30_46_20140103_DE_ie_ds_AdWords&query={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\rhkfz73g.default
FF NetworkProxy: "type", 0
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR Extension: (Plus-HD-5.5) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\default\extensions\aoilcbjfkbdplcfglkiedhefcomondlk\1.26.9_0 [2014-01-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2014-01-03] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-22] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2014-01-03] (Avira Operations GmbH & Co. KG)
U2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
U2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
U2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
U2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
U2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
U2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
U3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
U2 MyEPSON Connect Service; C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe [703616 2012-10-01] (SEIKO EPSON CORPORATION)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
U2 APNMCP; "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" [x]
U2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [x]

==================== Drivers (Whitelisted) ====================

U3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-01-03] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-01-03] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-22] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2014-01-03] (Avira Operations GmbH & Co. KG)
U3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
U3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
U3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
U3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
U3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
U3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 13:37 - 2014-01-17 13:37 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(4).exe
2014-01-17 13:19 - 2014-01-17 13:19 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(3).exe
2014-01-17 08:38 - 2014-01-17 08:38 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-16 08:16 - 2014-01-16 08:16 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(4).exe
2014-01-16 07:57 - 2014-01-16 07:57 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Malwarebytes
2014-01-16 07:56 - 2014-01-16 07:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-16 07:56 - 2014-01-16 07:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-16 07:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-16 07:55 - 2014-01-16 07:56 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Manuela\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-15 21:11 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 21:11 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 21:11 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 21:11 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:34 - 2014-01-15 17:34 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(2).exe
2014-01-15 17:32 - 2014-01-15 17:32 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(3).exe
2014-01-15 15:59 - 2014-01-15 15:59 - 00013826 _____ C:\Users\Manuela\Desktop\JRT.txt
2014-01-15 15:55 - 2014-01-15 15:55 - 00000000 ____D C:\Windows\ERUNT
2014-01-15 15:54 - 2014-01-15 15:54 - 01037068 _____ (Thisisu) C:\Users\Manuela\Downloads\JRT.exe
2014-01-15 12:09 - 2014-01-15 12:09 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(2).exe
2014-01-15 11:48 - 2014-01-16 08:21 - 00000000 ____D C:\AdwCleaner
2014-01-15 11:47 - 2014-01-15 11:47 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner.exe
2014-01-15 10:52 - 2014-01-15 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 10:51 - 2014-01-15 11:41 - 00000000 ____D C:\Users\Manuela\Desktop\mbar
2014-01-15 10:51 - 2014-01-15 11:16 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-15 10:50 - 2014-01-15 10:50 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Manuela\Downloads\mbar-1.07.0.1008.exe
2014-01-15 10:26 - 2014-01-15 10:26 - 00001211 _____ C:\Users\Manuela\Downloads\SHK.bat
2014-01-15 10:14 - 2014-01-17 13:19 - 00015716 _____ C:\Users\Manuela\Downloads\Addition.txt
2014-01-15 10:13 - 2014-01-17 13:37 - 00014460 _____ C:\Users\Manuela\Downloads\FRST.txt
2014-01-15 10:13 - 2014-01-16 19:12 - 00000000 ____D C:\FRST
2014-01-15 10:13 - 2014-01-15 10:13 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64.exe
2014-01-14 08:53 - 2014-01-14 08:53 - 00001945 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Local\Mozilla
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 _____ C:\Windows\nsreg.dat
2014-01-14 08:21 - 2014-01-15 11:13 - 00000000 ____D C:\ProgramData\Updater
2014-01-14 08:21 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Mozilla
2014-01-13 23:40 - 2014-01-15 10:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-13 23:40 - 2014-01-13 23:40 - 00000000 ____D C:\Users\Manuela\AppData\Local\Google
2014-01-13 07:35 - 2014-01-13 07:37 - 00002236 _____ C:\Windows\system32\ASOROSet.bin
2014-01-13 07:28 - 2014-01-13 07:35 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\system32\NV
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-13 04:34 - 2014-01-13 04:34 - 00000000 _____ C:\autoexec.bat
2014-01-13 04:33 - 2014-01-15 10:25 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-12 23:35 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-12 23:35 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-12 23:35 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-12 23:35 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-12 23:35 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-12 23:35 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-12 23:35 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-12 23:35 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-12 23:35 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-12 23:35 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-12 23:35 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-12 22:52 - 2014-01-12 22:52 - 00001638 _____ C:\Users\Manuela\Desktop\Sync Folder.lnk
2014-01-12 22:52 - 2014-01-12 22:52 - 00000000 ____D C:\Users\Manuela\SyncFolder
2014-01-03 14:12 - 2014-01-03 14:12 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Avira
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2014-01-03 14:04 - 2014-01-03 14:09 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-03 14:04 - 2014-01-03 14:09 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-03 14:04 - 2014-01-03 14:09 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-03 14:04 - 2014-01-03 14:04 - 00002072 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\ProgramData\Avira
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-03 14:04 - 2013-11-22 12:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-01-03 13:32 - 2013-11-19 11:21 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-03 13:19 - 2014-01-12 22:34 - 00000000 ____D C:\Users\Manuela\AppData\Local\cache
2014-01-03 13:19 - 2014-01-03 13:20 - 00000000 ____D C:\Users\Manuela\.android
2014-01-03 13:19 - 2014-01-03 13:19 - 00000000 _____ C:\Users\Manuela\daemonprocess.txt
2014-01-03 13:13 - 2014-01-03 13:13 - 00000000 ____D C:\Program Files (x86)\Amazon
2014-01-03 13:11 - 2014-01-03 13:11 - 02092792 _____ C:\Users\Manuela\Downloads\avira-free-antivirus [1].exe
2013-12-30 22:47 - 2013-12-30 22:58 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-26 22:56 - 2013-12-26 22:56 - 00000000 ___RD C:\Users\Manuela\SkyDrive
2013-12-26 22:05 - 2013-12-26 22:43 - 00000000 ____D C:\Users\Manuela\WEB.DE Online-Speicher
2013-12-26 22:05 - 2013-12-26 22:05 - 00001337 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00001329 _____ C:\Users\Manuela\Desktop\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}
2013-12-25 22:49 - 2013-12-25 22:49 - 00409704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-24 11:50 - 2014-01-14 06:31 - 00000000 ____D C:\Users\Manuela\Documents\Auto
2013-12-24 11:31 - 2013-12-24 11:41 - 00000400 _____ C:\Windows\ODBC.INI
2013-12-24 11:30 - 2013-12-24 11:30 - 00000000 ____D C:\Windows\Msagent

==================== One Month Modified Files and Folders =======

2014-01-17 13:37 - 2014-01-17 13:37 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(4).exe
2014-01-17 13:37 - 2014-01-15 10:13 - 00014460 _____ C:\Users\Manuela\Downloads\FRST.txt
2014-01-17 13:36 - 2013-12-14 19:36 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D}.job
2014-01-17 13:36 - 2013-12-14 19:36 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D}.job
2014-01-17 13:31 - 2013-10-20 01:35 - 01677231 _____ C:\Windows\WindowsUpdate.log
2014-01-17 13:19 - 2014-01-17 13:19 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(3).exe
2014-01-17 13:19 - 2014-01-15 10:14 - 00015716 _____ C:\Users\Manuela\Downloads\Addition.txt
2014-01-17 13:14 - 2013-12-04 15:14 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job
2014-01-17 13:14 - 2013-12-04 15:14 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job
2014-01-17 13:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-17 12:39 - 2013-12-04 15:39 - 00000935 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job
2014-01-17 12:39 - 2013-12-04 15:39 - 00000749 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job
2014-01-17 08:38 - 2014-01-17 08:38 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-17 08:26 - 2013-12-02 21:26 - 00000062 _____ C:\Users\Manuela\AppData\Roaming\sp_data.sys
2014-01-16 19:12 - 2014-01-15 10:13 - 00000000 ____D C:\FRST
2014-01-16 08:35 - 2013-12-03 16:07 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 08:34 - 2013-12-03 16:07 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-16 08:34 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-16 08:33 - 2013-12-02 21:33 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2863067475-3168439478-3626505949-1002
2014-01-16 08:22 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 08:22 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-16 08:21 - 2014-01-15 11:48 - 00000000 ____D C:\AdwCleaner
2014-01-16 08:21 - 2013-12-02 21:26 - 00001001 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-16 08:21 - 2013-12-02 21:26 - 00000000 ___RD C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 08:16 - 2014-01-16 08:16 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(4).exe
2014-01-16 08:04 - 2012-08-02 14:24 - 00362658 _____ C:\Windows\PFRO.log
2014-01-16 07:57 - 2014-01-16 07:57 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Malwarebytes
2014-01-16 07:56 - 2014-01-16 07:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-16 07:56 - 2014-01-16 07:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-16 07:56 - 2014-01-16 07:55 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Manuela\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-15 17:34 - 2014-01-15 17:34 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64(2).exe
2014-01-15 17:32 - 2014-01-15 17:32 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(3).exe
2014-01-15 15:59 - 2014-01-15 15:59 - 00013826 _____ C:\Users\Manuela\Desktop\JRT.txt
2014-01-15 15:55 - 2014-01-15 15:55 - 00000000 ____D C:\Windows\ERUNT
2014-01-15 15:54 - 2014-01-15 15:54 - 01037068 _____ (Thisisu) C:\Users\Manuela\Downloads\JRT.exe
2014-01-15 12:09 - 2014-01-15 12:09 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner(2).exe
2014-01-15 11:47 - 2014-01-15 11:47 - 01236282 _____ C:\Users\Manuela\Downloads\adwcleaner.exe
2014-01-15 11:41 - 2014-01-15 10:51 - 00000000 ____D C:\Users\Manuela\Desktop\mbar
2014-01-15 11:16 - 2014-01-15 10:51 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-15 11:13 - 2014-01-14 08:21 - 00000000 ____D C:\ProgramData\Updater
2014-01-15 10:52 - 2014-01-15 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-15 10:50 - 2014-01-15 10:50 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Manuela\Downloads\mbar-1.07.0.1008.exe
2014-01-15 10:26 - 2014-01-15 10:26 - 00001211 _____ C:\Users\Manuela\Downloads\SHK.bat
2014-01-15 10:25 - 2014-01-13 04:33 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-15 10:14 - 2014-01-13 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-15 10:13 - 2014-01-15 10:13 - 02076160 _____ (Farbar) C:\Users\Manuela\Downloads\FRST64.exe
2014-01-14 08:53 - 2014-01-14 08:53 - 00001945 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 ____D C:\Users\Manuela\AppData\Local\Mozilla
2014-01-14 08:53 - 2014-01-14 08:53 - 00000000 _____ C:\Windows\nsreg.dat
2014-01-14 08:53 - 2014-01-14 08:21 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Mozilla
2014-01-14 08:23 - 2013-04-26 00:16 - 00000561 _____ C:\Windows\DirectX.log
2014-01-14 07:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-14 06:31 - 2013-12-24 11:50 - 00000000 ____D C:\Users\Manuela\Documents\Auto
2014-01-13 23:40 - 2014-01-13 23:40 - 00000000 ____D C:\Users\Manuela\AppData\Local\Google
2014-01-13 07:40 - 2013-12-02 21:25 - 00000000 ____D C:\Users\Manuela
2014-01-13 07:38 - 2012-07-26 06:26 - 77594624 _____ C:\Windows\system32\config\SOFTWARE.bak
2014-01-13 07:38 - 2012-07-26 06:26 - 12845056 _____ C:\Windows\system32\config\SYSTEM.bak
2014-01-13 07:38 - 2012-07-26 06:26 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2014-01-13 07:37 - 2014-01-13 07:35 - 00002236 _____ C:\Windows\system32\ASOROSet.bin
2014-01-13 07:36 - 2012-07-26 06:26 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2014-01-13 07:35 - 2014-01-13 07:28 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-13 07:14 - 2014-01-13 07:14 - 00000000 ____D C:\Windows\system32\NV
2014-01-13 07:14 - 2013-10-20 01:36 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-13 07:06 - 2013-10-20 01:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-13 06:13 - 2014-01-13 06:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-13 06:12 - 2012-07-26 06:26 - 00000220 _____ C:\Windows\win.ini
2014-01-13 04:34 - 2014-01-13 04:34 - 00000000 _____ C:\autoexec.bat
2014-01-12 23:45 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-12 22:52 - 2014-01-12 22:52 - 00001638 _____ C:\Users\Manuela\Desktop\Sync Folder.lnk
2014-01-12 22:52 - 2014-01-12 22:52 - 00000000 ____D C:\Users\Manuela\SyncFolder
2014-01-12 22:34 - 2014-01-03 13:19 - 00000000 ____D C:\Users\Manuela\AppData\Local\cache
2014-01-09 09:02 - 2013-12-16 13:11 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-16 13:11 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 09:18 - 2013-12-08 13:42 - 00000000 ____D C:\Users\Manuela\AppData\Local\Windows Live
2014-01-03 14:12 - 2014-01-03 14:12 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Avira
2014-01-03 14:09 - 2014-01-03 14:04 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-01-03 14:09 - 2014-01-03 14:04 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-01-03 14:09 - 2014-01-03 14:04 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-01-03 14:07 - 2014-01-03 14:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2014-01-03 14:04 - 2014-01-03 14:04 - 00002072 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\ProgramData\Avira
2014-01-03 14:04 - 2014-01-03 14:04 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-03 13:45 - 2013-10-20 01:51 - 00000000 ____D C:\Program Files\McAfeeEx
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\ProgramData\McAfee
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\Program Files\mcafee
2014-01-03 13:45 - 2013-04-26 00:18 - 00000000 ____D C:\Program Files\Common Files\mcafee
2014-01-03 13:28 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2014-01-03 13:20 - 2014-01-03 13:19 - 00000000 ____D C:\Users\Manuela\.android
2014-01-03 13:19 - 2014-01-03 13:19 - 00000000 _____ C:\Users\Manuela\daemonprocess.txt
2014-01-03 13:13 - 2014-01-03 13:13 - 00000000 ____D C:\Program Files (x86)\Amazon
2014-01-03 13:11 - 2014-01-03 13:11 - 02092792 _____ C:\Users\Manuela\Downloads\avira-free-antivirus [1].exe
2014-01-03 13:08 - 2012-08-03 00:02 - 00759192 _____ C:\Windows\system32\perfh007.dat
2014-01-03 13:08 - 2012-08-03 00:02 - 00158376 _____ C:\Windows\system32\perfc007.dat
2014-01-03 13:08 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-03 10:33 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-12-30 22:59 - 2013-04-26 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-30 22:58 - 2013-12-30 22:47 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-12-26 22:56 - 2013-12-26 22:56 - 00000000 ___RD C:\Users\Manuela\SkyDrive
2013-12-26 22:56 - 2013-12-02 21:25 - 00002189 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-26 22:43 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\WEB.DE Online-Speicher
2013-12-26 22:05 - 2013-12-26 22:05 - 00001337 _____ C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00001329 _____ C:\Users\Manuela\Desktop\WEB.DE Online-Speicher.lnk
2013-12-26 22:05 - 2013-12-26 22:05 - 00000000 ____D C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}
2013-12-25 23:10 - 2013-12-05 21:42 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Epson
2013-12-25 23:10 - 2013-12-04 15:02 - 00000000 ____D C:\ProgramData\Epson
2013-12-25 22:49 - 2013-12-25 22:49 - 00409704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 22:46 - 2012-07-26 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-12-25 22:46 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\en-GB
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-12-25 22:46 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-25 22:46 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-12-25 22:46 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\servicing
2013-12-25 22:45 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-12-25 22:45 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-12-25 22:45 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\winrm
2013-12-25 22:44 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\slmgr
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\en-GB
2013-12-25 22:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-25 22:44 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\Sysprep
2013-12-25 22:44 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-25 22:41 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\WCN
2013-12-25 22:41 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\MUI
2013-12-25 22:41 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\Dism
2013-12-25 22:40 - 2012-07-26 10:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-12-25 22:40 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2013-12-25 22:40 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\Com
2013-12-24 11:48 - 2013-12-02 21:25 - 00000000 ____D C:\Users\Manuela\AppData\Local\VirtualStore
2013-12-24 11:41 - 2013-12-24 11:31 - 00000400 _____ C:\Windows\ODBC.INI
2013-12-24 11:39 - 2012-07-26 10:45 - 00000000 ____D C:\Windows\ShellNew
2013-12-24 11:36 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System
2013-12-24 11:30 - 2013-12-24 11:30 - 00000000 ____D C:\Windows\Msagent
2013-12-24 11:30 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\Help
2013-12-18 08:10 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent

Some content of TEMP:
====================
C:\Users\Manuela\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-17 08:43

==================== End Of Log ============================
         

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014 03
Ran by Manuela at 2014-01-17 13:37:34
Running from C:\Users\Manuela\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Amazon 1Button App (x32 Version: 1.0.4 - Amazon)
ASUS InstantOn (x32 Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.1.13 - ASUS)
ASUS Live Update (x32 Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (Version: 2.0.4 - ASUS)
ASUS Screen Saver (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (x32 Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 2.01.0002 - ASUS)
ASUS USB Charger Plus (x32 Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (x32 Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (x32 Version: 1.0.0027 - ASUS)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2951 - APN, LLC)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled Twist (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Connect Printer Setup (x32 Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (x32 Version: 3.10.0017 - Seiko Epson Corporation)
EPSON Scan (x32 Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (x32 Version: 1.31.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (x32 Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (x32 Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Jump Flip (Version: 2013.12.27.213125 - Jump Flip) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Media Content (x32 Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Professional (x32 Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Publisher 2002 (x32 Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 6-9 Converter (x32 Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox (3.6.28) (x32 Version: 3.6.28 (de) - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (x32 Version: 2.0 - ASUS)
MyEPSON Portal (x32 Version:  - SEIKO EPSON Corporation)
MyEPSON Portal (x32 Version: 1.0.4.0 - SEIKO EPSON CORPORATION) Hidden
NewPlayer (x32 Version: v2.1.1.0 - TUGUU SL)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
PC Speed Maximizer v3.2 (x32 Version: 3.2 - Smart PC Solutions)
PC Speed Up (Version: 3.4.1.0 - Speedchecker Limited)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6829 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Software Updater (x32 Version: 4.1.7 - SEIKO EPSON CORPORATION)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Updater (x32 Version: 2.6.53 - Creative Island Media, LLC)
WEB.DE Online-Speicher 1.5.1894.0 (HKCU Version: 1.5.1894.0 - 1&1 Mail & Media GmbH)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (x32 Version: 1.0.4.0 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (x32 Version: 2.41.1 - ASUS)

==================== Restore Points  =========================

15-01-2014 07:14:23 Geplanter Prüfpunkt
15-01-2014 10:11:40 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03EA440E-14DE-4338-990D-70BFD0144558} - \{72B62A4C-4546-4C80-9DA8-459C32A2C0B9} No Task File
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C7A9998-330D-4BAA-ADDF-48606EB80EFD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {20FC13A1-B0B6-4C97-BC33-5D33F28CDCAC} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {44910F63-82D0-4E48-AA5A-34762E02D3C2} - System32\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {68EE22AF-03C0-4297-A9C0-5A4155621436} - System32\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {74F9DE2E-15D3-497B-8A25-24143949A633} - System32\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8058864E-9740-427F-B963-726680C33286} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {8A39CEB1-2BD8-4497-81CF-8CA056E72B2C} - \LaunchApp No Task File
Task: {8BC43FF5-FD75-4E7C-9FCB-2BA873D24534} - System32\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {924EEE96-7372-4068-AEA3-C1E8B54B10C0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B0A73E07-0BE1-4656-B502-C4A1B70BF7F2} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {C488200D-B5F5-46C1-A540-00DDD8C43E07} - System32\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA08D60E-2D36-4D99-A35F-BB99F1AA895C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {E39E9D46-7731-4EA0-969E-765D805BB328} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {E82F9241-79B7-4814-B52B-AF20E6CFD01E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F25DA116-752C-4066-B90A-39859EB957B9} - System32\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {6722053F-5536-4362-A98B-FB472EF2D81D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {1F4C59CE-65DF-4311-A923-1398D5C36FCB}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {6722053F-5536-4362-A98B-FB472EF2D81D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {CC91ECC5-A7AC-4E4F-8715-9946ACD2F1A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE

==================== Loaded Modules (whitelisted) =============

2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-12-03 14:48 - 2013-12-03 14:50 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-12-26 22:05 - 2013-09-13 15:12 - 00070656 _____ () C:\Users\Manuela\AppData\Local\WEB.DE Application {sync-000021}\CoreBranding.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-04-24 14:30 - 2012-10-15 05:09 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-01-03 14:04 - 2013-11-22 12:01 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-20 01:39 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-14 08:53 - 2012-03-06 18:29 - 01014744 _____ () C:\Program Files (x86)\Mozilla Firefox\js3250.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 8077.54 MB
Available physical RAM: 6548.23 MB
Total Pagefile: 16781.54 MB
Available Pagefile: 14815.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:298.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 568814A2)

Partition: GPT Partition Type
==================== End Of Log ============================
         

Nein. Du hast immer noch Version: 15-01-2014 03

Was ist denn daran so schwierigg

Alte FRST löschen, neue runterladen und doppelklicken

so..also ich hab jetzt alles alte gelöscht nur der Ordner Quarantine (Unterordner von Frst) lässt sich nicht löschen (Meldung: Dieser Ordner ist geöffnet...owohl ich ihn nirgendwo geöffnet habe) und wenn ich mir FRST runterlade und den Scan mache...aber ich trotzdem immer noch die Version 15-01-2014...

Sry iwie hatte ich Tomaten auf den Augen. Ich hatte einen Vermerkt bei FRST vermisst, irgendwie wurde der nun wieder rausgenommen

Version: 15-01-2014 03 hattest du auch vorher


Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset