| |
| |||||||
Log-Analyse und Auswertung: Unterschiedliche Pop-upsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
14.09.2014, 12:35
| #1 |
 |  Unterschiedliche Pop-ups Hallo, habe folgendes Problem. Habe mir am Freitag einen neuen Rechner mit Windows 8.1 gekauft. Kaspersky als Sicherheitssoftware raufgehauen und mir Firefox gedownloaded. Jetzt habe ich seit Samstag ständig irgdnwelche Pop-ups. Sei es Werbunbg oder die Info " ich benutze eine veraltete Software". Des Weiteren bekommen ich am rechten Browser-Fenster irgendwelche Werbung. Könnt ihr mit bitte helfen das zu beseitigen? Anbei die FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Dennis (administrator) on DENNIS on 14-09-2014 13:31:34
Running from C:\Users\Dennis\Downloads
Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(PokerStars) C:\Program Files (x86)\PokerStars.EU\PokerStars.exe
() C:\Program Files (x86)\PokerStars.EU\gameutil1.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(TableNinja) C:\Program Files (x86)\PASG\TN2\tableninja2.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16384_none_fa1dc1539b4180d8\TiWorker.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-01-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-06-24] (cyberlink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3656314769-1064978787-4233295665-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-19] (AMD)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-12]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 2B68679307CD89AF5750DACE6795E086445A6566B3C48BF136781D3D4224E58B
CHR DefaultSearchProvider: Default -> F2811A452EEF687EB632B2F1CD69B5C6698073D99770A61B9B76F45E88097E7A
CHR DefaultSearchURL: Default -> 3A67F7884DAE179AC498699CE549676F9F99B74C93592DEF698E465D05E1A425
CHR Profile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-12]
CHR Extension: (Google Docs) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-12]
CHR Extension: (Google Drive) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-12]
CHR Extension: (Google-Suche) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-12]
CHR Extension: (Kaspersky Protection) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-12]
CHR Extension: (Google Wallet) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]
CHR Extension: (Google Mail) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-05-15] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244696 2013-06-25] (CyberLink)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-01-13] (Microsoft Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2013-08-22] (Microsoft Corporation)
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [89088 2014-07-22] (PostgreSQL Global Development Group) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [141376 2014-09-12] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [769600 2014-09-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:24 - 2014-09-14 11:47 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 10:54 - 2014-09-14 10:55 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:41 - 2014-09-13 15:44 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:35 - 2014-09-14 12:40 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 13:35 - 2014-09-14 11:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 11:55 - 2010-08-30 09:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 11:54 - 2014-09-13 11:55 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 02:04 - 2014-09-13 01:34 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:07 - 2014-09-13 00:09 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:50 - 2014-09-12 23:51 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:38 - 2014-09-13 11:48 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:38 - 2014-09-12 23:37 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-14 12:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-12 23:37 - 2014-09-12 23:49 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:37 - 2014-09-12 23:49 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2014-04-10 18:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-12 23:37 - 2013-05-06 10:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:28 - 2014-09-12 23:33 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:10 - 2014-09-12 23:11 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:04 - 2014-09-12 23:05 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:47 - 2014-09-12 22:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:45 - 2014-09-13 13:32 - 00036623 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-12 22:44 - 2014-09-14 13:31 - 00026032 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-12 22:44 - 2014-09-14 13:31 - 00000000 ____D () C:\FRST
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:36 - 2014-09-12 22:42 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:14 - 2014-09-13 13:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-12 22:14 - 2014-09-12 22:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-13 01:27 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:11 - 2014-09-14 11:14 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:01 - 2014-09-14 11:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 22:00 - 2014-09-13 12:13 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-12 21:56 - 2014-09-14 11:32 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-12 21:56 - 2014-09-13 21:59 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-13 21:59 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-12 21:57 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:14 - 2014-09-14 11:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-12 21:13 - 2014-09-14 11:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-12 21:12 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:11 - 2014-09-14 11:05 - 00000000 ___RD () C:\Users\Dennis\SkyDrive
2014-09-12 21:11 - 2012-04-16 06:00 - 00389120 _____ (CANON INC.) C:\Windows\system32\CNMLMBB.DLL
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:08 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-12 21:08 - 2014-09-14 11:06 - 00023204 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-12 21:08 - 2014-09-12 23:02 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 21:08 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-13 02:14 - 00000000 ____D () C:\Users\Dennis
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-12 21:07 - 2014-01-13 12:44 - 00002114 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 13:31 - 2014-09-12 22:44 - 00026032 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-14 13:31 - 2014-09-12 22:44 - 00000000 ____D () C:\FRST
2014-09-14 13:31 - 2014-04-10 20:27 - 02061346 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 13:31 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 13:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-14 12:44 - 2014-09-12 23:37 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-14 12:40 - 2014-09-13 13:35 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 11:50 - 2014-09-12 21:14 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-14 11:47 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:45 - 2014-01-13 12:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:32 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-14 11:24 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-14 11:18 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-14 11:15 - 2014-09-12 21:13 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-14 11:14 - 2014-09-12 22:11 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-14 11:10 - 2014-01-13 12:03 - 08365588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 11:10 - 2013-09-13 23:24 - 00450712 _____ () C:\Windows\system32\prfh0404.dat
2014-09-14 11:10 - 2013-09-13 23:24 - 00135868 _____ () C:\Windows\system32\prfc0404.dat
2014-09-14 11:10 - 2013-09-13 23:15 - 00436346 _____ () C:\Windows\system32\prfh0804.dat
2014-09-14 11:10 - 2013-09-13 23:15 - 00135868 _____ () C:\Windows\system32\prfc0804.dat
2014-09-14 11:10 - 2013-09-13 23:07 - 00789596 _____ () C:\Windows\system32\prfh0816.dat
2014-09-14 11:10 - 2013-09-13 23:07 - 00164166 _____ () C:\Windows\system32\prfc0816.dat
2014-09-14 11:10 - 2013-09-13 22:59 - 00798252 _____ () C:\Windows\system32\perfh013.dat
2014-09-14 11:10 - 2013-09-13 22:59 - 00162330 _____ () C:\Windows\system32\perfc013.dat
2014-09-14 11:10 - 2013-09-13 22:52 - 00794000 _____ () C:\Windows\system32\perfh010.dat
2014-09-14 11:10 - 2013-09-13 22:52 - 00156420 _____ () C:\Windows\system32\perfc010.dat
2014-09-14 11:10 - 2013-09-13 22:45 - 00802234 _____ () C:\Windows\system32\perfh00C.dat
2014-09-14 11:10 - 2013-09-13 22:45 - 00159184 _____ () C:\Windows\system32\perfc00C.dat
2014-09-14 11:10 - 2013-09-13 22:38 - 00800660 _____ () C:\Windows\system32\perfh00A.dat
2014-09-14 11:10 - 2013-09-13 22:38 - 00166550 _____ () C:\Windows\system32\perfc00A.dat
2014-09-14 11:10 - 2013-09-13 22:28 - 00542632 _____ () C:\Windows\system32\perfh008.dat
2014-09-14 11:10 - 2013-09-13 22:28 - 00089196 _____ () C:\Windows\system32\perfc008.dat
2014-09-14 11:10 - 2013-09-13 22:22 - 00763218 _____ () C:\Windows\system32\perfh007.dat
2014-09-14 11:10 - 2013-09-13 22:22 - 00159364 _____ () C:\Windows\system32\perfc007.dat
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 11:09 - 2014-09-12 21:12 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-14 11:06 - 2014-09-12 21:08 - 00023204 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-14 11:05 - 2014-09-13 13:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 11:05 - 2014-09-12 21:11 - 00000000 ___RD () C:\Users\Dennis\SkyDrive
2014-09-14 11:05 - 2014-04-10 20:39 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2014-09-14 11:05 - 2014-01-13 11:53 - 00023700 _____ () C:\Windows\PFRO.log
2014-09-14 11:05 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 11:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-14 10:55 - 2014-09-14 10:54 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 21:59 - 2014-09-12 21:56 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-13 21:59 - 2014-09-12 21:56 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-13 18:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:44 - 2014-09-13 15:41 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:36 - 2014-09-12 22:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 13:32 - 2014-09-12 22:45 - 00036623 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-13 12:13 - 2014-09-12 22:00 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-13 11:55 - 2014-09-13 11:54 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 11:49 - 2013-08-22 16:46 - 00014700 _____ () C:\Windows\setupact.log
2014-09-13 11:48 - 2014-09-12 23:38 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-13 05:49 - 2014-01-13 11:53 - 00000000 ____D () C:\Windows\Panther
2014-09-13 02:14 - 2014-09-12 21:07 - 00000000 ____D () C:\Users\Dennis
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 01:34 - 2014-09-13 02:04 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:27 - 2014-09-12 22:12 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:09 - 2014-09-13 00:07 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:51 - 2014-09-12 23:50 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:49 - 2014-09-12 23:37 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:49 - 2014-09-12 23:37 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:37 - 2014-09-12 23:38 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-12 23:37 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-12 23:33 - 2014-09-12 23:28 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:18 - 2013-08-22 16:44 - 00424056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:11 - 2014-09-12 23:10 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:05 - 2014-09-12 23:04 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 23:02 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:48 - 2014-09-12 22:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:42 - 2014-09-12 22:36 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:18 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:06 - 2014-04-10 20:32 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 21:57 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:36 - 2014-01-13 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-12 21:36 - 2014-01-13 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-12 21:35 - 2014-04-10 20:32 - 00000000 ____D () C:\ProgramData\ASUS
2014-09-12 21:35 - 2014-01-13 12:19 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:09 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
Files to move or delete:
====================
C:\Users\Dennis\postgresql_93.exe
Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\optprosetup.exe
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe
C:\Users\Dennis\AppData\Local\Temp\shutdown1410556665.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-01-13 11:53
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Dennis at 2014-09-14 13:31:55
Running from C:\Users\Dennis\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.03.00 - ASUSTeK Computer Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{C6B2127C-A9E0-411B-8EF1-2CE0ACDF265D}) (Version: 20.2.6362.11139 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.2.6362.11139 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.30819 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{641AA84B-59BE-D8EA-EE69-3D6697371E6E}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASUS Launcher (HKLM-x32\...\{40376CD0-67E0-4190-86CA-8BD8CBAC331C}) (Version: 2.00.11 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.11 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.09 - ASUSTeK Computer Inc.)
ASUS Manager - Lighting (HKLM-x32\...\{2711E58B-6090-4C1B-9E06-529E4D37DA77}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.04 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.01.03 - ASUSTeK Computer Inc.)
ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.01.05 - ASUSTeK Computer Inc.)
ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.05.04 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
Built-in UPS (HKLM-x32\...\{8B4EF712-0FF8-4C2E-ADBD-3FF751AB103E}) (Version: 1.00.04 - ASUSTek Computer Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.4428 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HoldemResources Calculator (HKLM-x32\...\HoldemResources Calculator) (Version: release - HoldemResources)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
ICMIZER (HKCU\...\280387279.www.icmpoker.com) (Version: - www.icmpoker.com)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NFC Express Desktops (HKLM-x32\...\{90E075A8-A820-4CFC-8543-FD52A499764A}) (Version: 2.00.02 - ASUSTeK Computer Inc.)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.8 - Term Tutor)
TN2 (HKLM-x32\...\{6B636FF5-14E8-48DD-A251-6C6FF0C761A7}) (Version: 2.3.93 - PASG)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
12-09-2014 19:35:55 Installed AI Suite II
13-09-2014 19:59:27 Installed TN2
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2BECD49A-B7CA-41AA-A47E-9B4EB5E92129} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-08-09] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A7B0FA4-343B-483B-A0E0-0010120F906C} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-03] (ASUSTek Computer Inc.)
Task: {52B2427F-B9E4-44F7-B9FB-5BECFDED4810} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] ()
Task: {536DF914-A4E5-4C67-8345-8F203979BA50} - System32\Tasks\ASUS\ASUS Launcher Helper => C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe [2013-10-29] (Microsoft)
Task: {5CC38DE7-90D5-4FE9-B550-8A5E851F8807} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - NFC Checker => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\AsNFCChecker.exe [2013-08-20] (ASUSTeK Computer Inc.)
Task: {5FE7D8A9-7A35-487E-978C-A3755A850E25} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - NFC Controller => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe [2013-08-29] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8DEE8A43-8191-4542-A8CC-8134D7C27261} - System32\Tasks\ASUS\ASUS Manager - NFC Express Desktops - File Transfer Server => C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe [2013-08-20] (ASUSTeK Computer Inc.)
Task: {97CC14CF-ADB4-42FE-AA1A-FC82EE403EC0} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-19] (ASUSTeK Computer Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CAA74D54-69F2-4D14-9C4B-FEC26363CEE4} - System32\Tasks\ASUS\ASUS_M Lighting Execute => C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe [2013-07-22] (ASUSTeK)
Task: {CEF4BE47-8C87-4BB5-A57E-4136512F2B6E} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2013-09-07] (ASUSTeK)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D7427E82-DFE8-45A4-B1C0-A7420BE673F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D94A2B35-82CD-4120-BE36-D92CC0EC2AA8} - System32\Tasks\ASUS\Built-in UPS => C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe [2013-09-10] (ASUSTeK Computer Inc.)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DEFA3160-E6AF-4AE6-9467-A21808C1E3BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-13] (Google Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F0A58545-8ED5-44CC-B1F7-81AEB65BDDD6} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2013-08-05] (ASUSTeK)
Task: {F631B273-4F9E-403B-9738-E69FD99B0D14} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {F930ACFE-C856-440A-B57D-2F1645B88DDC} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-10] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-04-10 20:29 - 2013-09-26 20:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-04-10 20:33 - 2013-08-08 20:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2014-09-13 00:15 - 2014-07-22 09:50 - 00178176 _____ () C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2014-01-13 12:33 - 2012-04-24 12:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-13 00:16 - 2014-02-05 11:16 - 01336832 _____ () C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2014-04-10 20:33 - 2013-08-09 03:33 - 01114768 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
2014-04-10 20:33 - 2013-08-29 02:50 - 00894232 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
2014-01-13 12:24 - 2013-10-10 02:35 - 00879104 _____ () C:\Windows\AsusLauncherContextMenu64.dll
2014-04-10 20:32 - 2013-08-28 17:24 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-06-06 01:51 - 2013-06-06 01:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-06-06 01:51 - 2013-06-06 01:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2012-03-08 04:27 - 2012-03-08 04:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ACVsWin.dll
2013-08-16 10:25 - 2013-08-16 10:25 - 01255744 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSService.exe
2014-09-13 00:15 - 2014-07-22 09:53 - 00165376 _____ () C:\Program Files\PostgreSQL\9.3\lib\plpgsql.dll
2014-09-12 22:00 - 2014-09-12 22:00 - 00584000 _____ () C:\Program Files (x86)\PokerStars.EU\gameutil1.exe
2014-08-12 00:18 - 2014-08-12 00:18 - 00226304 _____ () C:\Program Files (x86)\PASG\TN2\TNv2Common.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00023552 _____ () C:\Program Files (x86)\PASG\TN2\TNLog.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00203264 _____ () C:\Program Files (x86)\PASG\TN2\TN2licensing.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00071680 _____ () C:\Program Files (x86)\PASG\TN2\TNRelRects.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00018944 _____ () C:\Program Files (x86)\PASG\TN2\TNUnfuscated.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00112128 _____ () C:\Program Files (x86)\PASG\TN2\TNCommonFT.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00061952 _____ () C:\Program Files (x86)\PASG\TN2\NinjaVision.dll
2014-08-12 00:18 - 2014-08-12 00:18 - 00051712 _____ () C:\Program Files (x86)\PASG\TN2\TNCommonPP.dll
2014-03-06 16:00 - 2014-03-06 16:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2014-04-10 20:33 - 2013-06-11 21:02 - 00068096 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\library\ProximityDll_CPP.dll
2014-04-10 20:32 - 2014-09-14 11:06 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-04-10 20:32 - 2010-06-29 04:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-04-10 20:26 - 2013-08-19 21:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-14 11:09 - 2014-09-12 04:42 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-30 15:58 - 2014-01-30 15:58 - 37016064 ____R () C:\Program Files (x86)\PokerTracker 4\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Dennis\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/14/2014 10:56:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215d0bb
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d557d
Ausnahmecode: 0x00000004
Fehleroffset: 0x000000000000ab78
ID des fehlerhaften Prozesses: 0x19f4
Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0
Pfad der fehlerhaften Anwendung: wwahost.exe1
Pfad des fehlerhaften Moduls: wwahost.exe2
Berichtskennung: wwahost.exe3
Vollständiger Name des fehlerhaften Pakets: wwahost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5
Error: (09/12/2014 11:17:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PokerTracker4.exe, Version: 4.11.11.0, Zeitstempel: 0x53da8901
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d45fa
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e2fd8
ID des fehlerhaften Prozesses: 0x1170
Startzeit der fehlerhaften Anwendung: 0xPokerTracker4.exe0
Pfad der fehlerhaften Anwendung: PokerTracker4.exe1
Pfad des fehlerhaften Moduls: PokerTracker4.exe2
Berichtskennung: PokerTracker4.exe3
Vollständiger Name des fehlerhaften Pakets: PokerTracker4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PokerTracker4.exe5
Error: (09/13/2014 06:00:35 AM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: Die indizierten Daten von Windows Search für den Benutzer '<Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2014-09-13T04:00:35.000000000Z'/><EventRecordID>961</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Dennis</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440065006E006E00690073005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>' können im Zuge der Löschung des Benutzerprofils nicht entfernt werden. Fehlercode %2.
%3.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
System errors:
=============
Error: (09/14/2014 11:02:07 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (09/13/2014 11:48:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 13.09.2014 um 00:42:31 unerwartet heruntergefahren.
Error: (09/13/2014 11:47:55 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841146464
Error: (09/12/2014 11:42:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 12.09.2014 um 22:18:14 unerwartet heruntergefahren.
Error: (09/12/2014 11:40:47 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}
Error: (09/12/2014 11:35:56 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (09/12/2014 11:35:26 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (09/12/2014 11:34:56 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (09/12/2014 11:17:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (09/12/2014 09:42:11 PM) (Source: DCOM) (EventID: 10010) (User: DENNIS)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Microsoft Office Sessions:
=========================
Error: (09/14/2014 10:56:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.163845215d0bbKERNELBASE.dll6.3.9600.16408523d557d00000004000000000000ab7819f401cfcff9ba9ba436C:\Windows\system32\wwahost.exeC:\Windows\system32\KERNELBASE.dllf9ec3e84-3bec-11e4-825e-54271ea445acmicrosoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail
Error: (09/12/2014 11:17:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PokerTracker4.exe4.11.11.053da8901ntdll.dll6.3.9600.16408523d45fac0000374000e2fd8117001cfceced89ade3bC:\Program Files (x86)\PokerTracker 4\PokerTracker4.exeC:\Windows\SYSTEM32\ntdll.dll3db395eb-3ac2-11e4-8259-54271ea445ac
Error: (09/13/2014 06:00:35 AM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: <Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2014-09-13T04:00:35.000000000Z'/><EventRecordID>961</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Dennis</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440065006E006E00690073005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/CIMV2
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/subscription
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root/CIMV2
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root/subscription
Error: (04/10/2014 08:47:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 8131.02 MB
Available physical RAM: 4341.23 MB
Total Pagefile: 10051.02 MB
Available Pagefile: 4360.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:102.42 GB) (Free:65.01 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.39 GB) (Free:931.18 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 895339B1)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
14.09.2014, 12:37
| #2 |
| /// the machine /// TB-Ausbilder    | Unterschiedliche Pop-ups hi,
__________________Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
|
14.09.2014, 13:10
| #3 |
| | Unterschiedliche Pop-ups So:
__________________MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 14.09.2014 Suchlauf-Zeit: 13:47:33 Logdatei: MBAM.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.09.14.03 Rootkit Datenbank: v2014.09.13.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Dennis Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 305168 Verstrichene Zeit: 4 Min, 36 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 1 PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\Service\ttsvc.exe, 2128, Löschen bei Neustart, [fa91e9044e2d20164383827cb54d7e82] Module: 0 (No malicious items detected) Registrierungsschlüssel: 17 PUP.Optional.TermTutor.A, HKLM\SOFTWARE\CLASSES\CLSID\{6CB99040-7828-4C37-AC01-F15758F43E4D}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\CLASSES\CLSID\{6CB99040-7828-4C37-AC01-F15758F43E4D}\INPROCSERVER32, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6CB99040-7828-4C37-AC01-F15758F43E4D}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{733413F4-5FB9-4EE9-8536-BF7AB1731A19}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3DD26F46-6B41-49B2-878E-1883411BBB59}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3DD26F46-6B41-49B2-878E-1883411BBB59}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{733413F4-5FB9-4EE9-8536-BF7AB1731A19}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6CB99040-7828-4C37-AC01-F15758F43E4D}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6CB99040-7828-4C37-AC01-F15758F43E4D}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKU\S-1-5-21-3656314769-1064978787-4233295665-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6CB99040-7828-4C37-AC01-F15758F43E4D}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKU\S-1-5-21-3656314769-1064978787-4233295665-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6CB99040-7828-4C37-AC01-F15758F43E4D}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{6CB99040-7828-4C37-AC01-F15758F43E4D}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{6CB99040-7828-4C37-AC01-F15758F43E4D}, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TermTutor, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ttsvc, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ttnfd, In Quarantäne, [99f21cd19eddff3736934cb2c63cee12], PUP.Optional.SuperFish.A, HKU\S-1-5-21-3656314769-1064978787-4233295665-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, In Quarantäne, [2f5cd41969122d09643b56b79a69b749], Registrierungswerte: 2 PUP.Optional.TermTutor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD|ImagePath, system32\drivers\ttnfd.sys, In Quarantäne, [503be706443778bedcee44ba37cb8878] PUP.Optional.TermTutor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTSVC|ImagePath, "C:\Program Files (x86)\TermTutor\Service\ttsvc.exe", In Quarantäne, [f3983fae631883b3eed938c68a78e41c] Registrierungsdaten: 0 (No malicious items detected) Ordner: 4 PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor, Löschen bei Neustart, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\3rd Party Licenses, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\IE, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\Service, Löschen bei Neustart, [fa91e9044e2d20164383827cb54d7e82], Dateien: 12 PUP.Optional.TermTutor.A, C:\Program Files\TermTutor\IE\TermTutorClientIE.dll, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll, In Quarantäne, [1a718667f68562d4821ba4deb54d35cb], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\terms-of-service.rtf, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\Uninstall.exe, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\3rd Party Licenses\buildcrx-license.txt, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\3rd Party Licenses\Info-ZIP-license.txt, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\3rd Party Licenses\nsJSON-license.txt, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\3rd Party Licenses\UAC-license.txt, In Quarantäne, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Program Files (x86)\TermTutor\Service\ttsvc.exe, Löschen bei Neustart, [fa91e9044e2d20164383827cb54d7e82], PUP.Optional.TermTutor.A, C:\Windows\System32\drivers\ttnfd.sys, In Quarantäne, [99f21cd19eddff3736934cb2c63cee12], PUP.Optional.Superfish.A, C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [bfcc37b6cead8fa7af9f6aaf55aec53b], PUP.Optional.Superfish.A, C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [f9929f4e304b55e1b29c35e4a162e51b], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.310 - Report created 14/09/2014 at 13:57:45
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Dennis - DENNIS
# Running from : C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
File Deleted : C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default\user.js
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16384
-\\ Mozilla Firefox v32.0.1 (x86 de)
[ File : C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2375 octets] - [13/09/2014 11:54:54]
AdwCleaner[R1].txt - [1223 octets] - [14/09/2014 13:56:54]
AdwCleaner[S0].txt - [1883 octets] - [13/09/2014 11:55:45]
AdwCleaner[S1].txt - [1135 octets] - [14/09/2014 13:57:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1195 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Dennis on 14.09.2014 at 14:00:28,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.09.2014 at 14:04:00,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Dennis (administrator) on DENNIS on 14-09-2014 14:07:46
Running from C:\Users\Dennis\Downloads
Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-01-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-06-24] (cyberlink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3656314769-1064978787-4233295665-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-19] (AMD)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-12]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 2B68679307CD89AF5750DACE6795E086445A6566B3C48BF136781D3D4224E58B
CHR DefaultSearchProvider: Default -> F2811A452EEF687EB632B2F1CD69B5C6698073D99770A61B9B76F45E88097E7A
CHR DefaultSearchURL: Default -> 3A67F7884DAE179AC498699CE549676F9F99B74C93592DEF698E465D05E1A425
CHR Profile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-12]
CHR Extension: (Google Docs) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-12]
CHR Extension: (Google Drive) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-12]
CHR Extension: (Google-Suche) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-12]
CHR Extension: (Kaspersky Protection) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-12]
CHR Extension: (Google Wallet) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]
CHR Extension: (Google Mail) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-05-15] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244696 2013-06-25] (CyberLink)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-01-13] (Microsoft Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2013-08-22] (Microsoft Corporation)
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [89088 2014-07-22] (PostgreSQL Global Development Group) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [141376 2014-09-12] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [769600 2014-09-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 14:04 - 2014-09-14 14:04 - 00000615 _____ () C:\Users\Dennis\Desktop\JRT.txt
2014-09-14 14:00 - 2014-09-14 14:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 13:58 - 2014-09-14 13:58 - 00001275 _____ () C:\Users\Dennis\Desktop\AdwCleaner[S1].txt
2014-09-14 13:55 - 2014-09-14 13:55 - 00006815 _____ () C:\Users\Dennis\Desktop\MBAM.txt
2014-09-14 13:52 - 2014-09-14 13:52 - 00002054 _____ () C:\Users\Dennis\Desktop\Anleitung.txt
2014-09-14 13:45 - 2014-09-14 13:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 13:45 - 2014-09-14 13:45 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-14 13:45 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-14 13:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-14 13:44 - 2014-09-14 13:44 - 01016261 _____ (Thisisu) C:\Users\Dennis\Downloads\JRT.exe
2014-09-14 13:43 - 2014-09-14 13:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dennis\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 13:43 - 2014-09-14 13:44 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310(1).exe
2014-09-14 13:40 - 2014-09-14 13:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 13:40 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 13:40 - 2014-01-04 22:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-14 13:40 - 2014-01-04 21:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-14 13:40 - 2014-01-04 16:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-14 13:40 - 2014-01-04 16:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-14 13:40 - 2014-01-04 16:03 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-14 13:40 - 2014-01-04 15:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-14 13:40 - 2014-01-04 15:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-14 13:40 - 2014-01-04 15:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-14 13:40 - 2014-01-04 15:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-14 13:40 - 2014-01-04 15:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-14 13:40 - 2013-12-21 04:10 - 00009701 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-09-14 13:40 - 2013-12-21 04:10 - 00009701 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-09-14 13:39 - 2014-04-19 13:15 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 13:39 - 2014-04-19 08:49 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 13:36 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-14 13:36 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-14 13:36 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 13:36 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-14 13:36 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-14 13:36 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2014-09-14 13:36 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2014-09-14 13:36 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 13:36 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 13:35 - 2013-12-09 02:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-14 13:35 - 2013-11-09 08:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-14 13:35 - 2013-11-09 08:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-09-14 13:35 - 2013-11-09 07:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-09-14 13:35 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-09-14 13:35 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-09-14 13:35 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-09-14 13:35 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-09-14 13:32 - 2014-09-14 13:32 - 00055843 _____ () C:\Users\Dennis\Desktop\FRST.txt
2014-09-14 13:32 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Desktop\Addition.txt
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:24 - 2014-09-14 11:47 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 10:54 - 2014-09-14 10:55 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:41 - 2014-09-13 15:44 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:35 - 2014-09-14 13:58 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 13:35 - 2014-09-14 13:40 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 11:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 11:54 - 2014-09-14 13:57 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 02:04 - 2014-09-13 01:34 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:07 - 2014-09-13 00:09 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:50 - 2014-09-12 23:51 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:38 - 2014-09-13 11:48 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:38 - 2014-09-12 23:37 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-14 14:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-12 23:37 - 2014-09-12 23:49 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:37 - 2014-09-12 23:49 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2014-04-10 18:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-12 23:37 - 2013-05-06 10:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:28 - 2014-09-12 23:33 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:10 - 2014-09-12 23:11 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:04 - 2014-09-12 23:05 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:47 - 2014-09-12 22:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:45 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-12 22:44 - 2014-09-14 14:07 - 00024597 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-12 22:44 - 2014-09-14 14:07 - 00000000 ____D () C:\FRST
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:36 - 2014-09-12 22:42 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:14 - 2014-09-13 13:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-12 22:14 - 2014-09-12 22:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-13 01:27 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:11 - 2014-09-14 11:14 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:01 - 2014-09-14 11:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 22:00 - 2014-09-13 12:13 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-12 21:56 - 2014-09-14 11:32 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-12 21:56 - 2014-09-13 21:59 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-13 21:59 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-12 21:57 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:14 - 2014-09-14 14:06 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-12 21:13 - 2014-09-14 11:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-12 21:12 - 2014-09-14 14:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:11 - 2014-09-14 14:01 - 00000000 ___RD () C:\Users\Dennis\SkyDrive
2014-09-12 21:11 - 2012-04-16 06:00 - 00389120 _____ (CANON INC.) C:\Windows\system32\CNMLMBB.DLL
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:08 - 2014-09-14 14:01 - 00031180 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-12 21:08 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-12 21:08 - 2014-09-12 23:02 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 21:08 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-13 02:14 - 00000000 ____D () C:\Users\Dennis
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-12 21:07 - 2014-01-13 12:44 - 00002114 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 14:08 - 2014-09-12 22:44 - 00024597 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-14 14:07 - 2014-09-12 22:44 - 00000000 ____D () C:\FRST
2014-09-14 14:06 - 2014-09-12 21:14 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-14 14:06 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 14:05 - 2014-09-12 23:37 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-14 14:04 - 2014-09-14 14:04 - 00000615 _____ () C:\Users\Dennis\Desktop\JRT.txt
2014-09-14 14:04 - 2014-01-13 12:03 - 08365588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 14:04 - 2013-09-13 23:24 - 00450712 _____ () C:\Windows\system32\prfh0404.dat
2014-09-14 14:04 - 2013-09-13 23:24 - 00135868 _____ () C:\Windows\system32\prfc0404.dat
2014-09-14 14:04 - 2013-09-13 23:15 - 00436346 _____ () C:\Windows\system32\prfh0804.dat
2014-09-14 14:04 - 2013-09-13 23:15 - 00135868 _____ () C:\Windows\system32\prfc0804.dat
2014-09-14 14:04 - 2013-09-13 23:07 - 00789596 _____ () C:\Windows\system32\prfh0816.dat
2014-09-14 14:04 - 2013-09-13 23:07 - 00164166 _____ () C:\Windows\system32\prfc0816.dat
2014-09-14 14:04 - 2013-09-13 22:59 - 00798252 _____ () C:\Windows\system32\perfh013.dat
2014-09-14 14:04 - 2013-09-13 22:59 - 00162330 _____ () C:\Windows\system32\perfc013.dat
2014-09-14 14:04 - 2013-09-13 22:52 - 00794000 _____ () C:\Windows\system32\perfh010.dat
2014-09-14 14:04 - 2013-09-13 22:52 - 00156420 _____ () C:\Windows\system32\perfc010.dat
2014-09-14 14:04 - 2013-09-13 22:45 - 00802234 _____ () C:\Windows\system32\perfh00C.dat
2014-09-14 14:04 - 2013-09-13 22:45 - 00159184 _____ () C:\Windows\system32\perfc00C.dat
2014-09-14 14:04 - 2013-09-13 22:38 - 00800660 _____ () C:\Windows\system32\perfh00A.dat
2014-09-14 14:04 - 2013-09-13 22:38 - 00166550 _____ () C:\Windows\system32\perfc00A.dat
2014-09-14 14:04 - 2013-09-13 22:28 - 00542632 _____ () C:\Windows\system32\perfh008.dat
2014-09-14 14:04 - 2013-09-13 22:28 - 00089196 _____ () C:\Windows\system32\perfc008.dat
2014-09-14 14:04 - 2013-09-13 22:22 - 00763218 _____ () C:\Windows\system32\perfh007.dat
2014-09-14 14:04 - 2013-09-13 22:22 - 00159364 _____ () C:\Windows\system32\perfc007.dat
2014-09-14 14:01 - 2014-09-12 21:12 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-14 14:01 - 2014-09-12 21:11 - 00000000 ___RD () C:\Users\Dennis\SkyDrive
2014-09-14 14:01 - 2014-09-12 21:08 - 00031180 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-14 14:00 - 2014-09-14 14:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-14 13:58 - 2014-09-14 13:58 - 00001275 _____ () C:\Users\Dennis\Desktop\AdwCleaner[S1].txt
2014-09-14 13:58 - 2014-09-13 13:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 13:58 - 2014-04-10 20:39 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2014-09-14 13:58 - 2014-01-13 11:53 - 00029514 _____ () C:\Windows\PFRO.log
2014-09-14 13:58 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 13:57 - 2014-09-13 11:54 - 00000000 ____D () C:\AdwCleaner
2014-09-14 13:55 - 2014-09-14 13:55 - 00006815 _____ () C:\Users\Dennis\Desktop\MBAM.txt
2014-09-14 13:53 - 2014-09-14 13:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 13:53 - 2013-09-13 22:32 - 00000000 ____D () C:\Windows\en-GB
2014-09-14 13:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-14 13:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-09-14 13:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-09-14 13:53 - 2013-08-22 16:44 - 00424056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 13:53 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-14 13:52 - 2014-09-14 13:52 - 00002054 _____ () C:\Users\Dennis\Desktop\Anleitung.txt
2014-09-14 13:52 - 2014-04-10 20:27 - 01389132 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 13:45 - 2014-09-14 13:45 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-14 13:44 - 2014-09-14 13:44 - 01016261 _____ (Thisisu) C:\Users\Dennis\Downloads\JRT.exe
2014-09-14 13:44 - 2014-09-14 13:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dennis\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 13:44 - 2014-09-14 13:43 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310(1).exe
2014-09-14 13:41 - 2014-09-14 13:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 13:41 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-09-14 13:41 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-14 13:40 - 2014-09-13 13:35 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 13:40 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-14 13:32 - 2014-09-14 13:32 - 00055843 _____ () C:\Users\Dennis\Desktop\FRST.txt
2014-09-14 13:32 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Desktop\Addition.txt
2014-09-14 13:32 - 2014-09-12 22:45 - 00037237 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-14 11:47 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:45 - 2014-01-13 12:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:32 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-14 11:24 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-14 11:18 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-14 11:15 - 2014-09-12 21:13 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-14 11:14 - 2014-09-12 22:11 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 10:55 - 2014-09-14 10:54 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 21:59 - 2014-09-12 21:56 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-13 21:59 - 2014-09-12 21:56 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-13 18:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:44 - 2014-09-13 15:41 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:36 - 2014-09-12 22:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 12:13 - 2014-09-12 22:00 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 11:49 - 2013-08-22 16:46 - 00014700 _____ () C:\Windows\setupact.log
2014-09-13 11:48 - 2014-09-12 23:38 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-13 05:49 - 2014-01-13 11:53 - 00000000 ____D () C:\Windows\Panther
2014-09-13 02:14 - 2014-09-12 21:07 - 00000000 ____D () C:\Users\Dennis
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 01:34 - 2014-09-13 02:04 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:27 - 2014-09-12 22:12 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:09 - 2014-09-13 00:07 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:51 - 2014-09-12 23:50 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:49 - 2014-09-12 23:37 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:49 - 2014-09-12 23:37 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:37 - 2014-09-12 23:38 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-12 23:33 - 2014-09-12 23:28 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:11 - 2014-09-12 23:10 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:05 - 2014-09-12 23:04 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 23:02 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:48 - 2014-09-12 22:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:42 - 2014-09-12 22:36 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:18 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:06 - 2014-04-10 20:32 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 21:57 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:36 - 2014-01-13 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-12 21:36 - 2014-01-13 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-12 21:35 - 2014-04-10 20:32 - 00000000 ____D () C:\ProgramData\ASUS
2014-09-12 21:35 - 2014-01-13 12:19 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:09 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-02 22:06 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-29 13:01 - 2014-09-14 13:40 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\Dennis\postgresql_93.exe
Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\optprosetup.exe
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe
C:\Users\Dennis\AppData\Local\Temp\shutdown1410556665.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-01-13 11:53
==================== End Of Log ============================
|
|
14.09.2014, 15:22
| #4 |
| /// the machine /// TB-Ausbilder | Unterschiedliche Pop-upsESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.09.2014, 16:14
| #5 |
| | Unterschiedliche Pop-ups Hey: anbei Log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=34f60ff2437dc5468550ca99d4a87720
# engine=20148
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-14 02:50:15
# local_time=2014-09-14 04:50:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 21103257 35587508 0 0
# scanned=304432
# found=10
# cleaned=0
# scan_time=692
sh=2718053800D44DAE154F30CDCC3B967EF389749F ft=1 fh=3790c7326800cd62 vn="möglicherweise Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PokerTracker 4\Data\Bin\PartyCommunicator.pt4"
sh=EAE1FC8170C55F791F41AF212752CE889E283FF1 ft=1 fh=739c5c9dda0daf32 vn="möglicherweise Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PokerTracker 4\Data\Bin\StarsCommunicator.pt4"
sh=FAC7341A571C709AE52946FF8F6120142664290F ft=1 fh=9dd3926ecd994b9d vn="möglicherweise Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PokerTracker 4\Data\Bin\TiltCommunicator.pt4"
sh=AA0D5FF9C71E8BAC4DC14345BAC3A58F9B452CE1 ft=1 fh=6080a96bc8daebe1 vn="Variante von Win32/InstallCore.NF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dennis\AppData\Local\Microsoft\Windows\INetCache\IE\EN43397L\FirefoxSetup.exe"
sh=EBF1D052C13B9F415AFE09541BDAB68F37429922 ft=1 fh=c9dedb6e21153ace vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Dennis\AppData\Local\Temp\optprosetup.exe"
sh=2EFF65173426CA303DEC447D66028552629836D5 ft=1 fh=c558ef1fba628ede vn="Variante von Win32/SProtector.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dennis\AppData\Local\Temp\__tmp_1644d278"
sh=E5E4E3DF67EF76B47C8993AC1F35236577124934 ft=1 fh=b4ebd1af99768d94 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Dennis\AppData\Local\Temp\is281105613\2373100_stp\termtutor-setup-1.9.0.8.exe"
sh=852F2B517BC544084F18CCA00D4C62057A195D7B ft=1 fh=6ff8f555bfcf7819 vn="Variante von Win32/AdWare.SpeedingUpMyPC.N Anwendung" ac=I fn="C:\Users\Dennis\AppData\Local\Temp\is281105613\2373249_stp\OptimizerPro3108.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dennis\AppData\Local\Temp\is281105613\2373333_stp\uninstaller.exe"
sh=8D2A9E163F07334EA15254C9E48361EDEE3A6A9C ft=1 fh=ab707b389babb24a vn="möglicherweise Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe"
unsupported operating system und frische FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Dennis (administrator) on DENNIS on 14-09-2014 16:58:17
Running from C:\Users\Dennis\Downloads
Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PokerStars) C:\Program Files (x86)\PokerStars.EU\PokerStars.exe
(TableNinja) C:\Program Files (x86)\PASG\TN2\tableninja2.exe
() C:\Program Files (x86)\PokerStars.EU\gameutil1.exe
(PokerTracker Software, LLC.) C:\Program Files (x86)\PokerTracker 4\PokerTrackerHud4.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-01-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-06-24] (cyberlink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3656314769-1064978787-4233295665-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-19] (AMD)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-12]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 2B68679307CD89AF5750DACE6795E086445A6566B3C48BF136781D3D4224E58B
CHR DefaultSearchProvider: Default -> F2811A452EEF687EB632B2F1CD69B5C6698073D99770A61B9B76F45E88097E7A
CHR DefaultSearchURL: Default -> 3A67F7884DAE179AC498699CE549676F9F99B74C93592DEF698E465D05E1A425
CHR Profile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-12]
CHR Extension: (Google Docs) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-12]
CHR Extension: (Google Drive) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-12]
CHR Extension: (Google-Suche) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-12]
CHR Extension: (Kaspersky Protection) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-12]
CHR Extension: (Google Wallet) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]
CHR Extension: (Google Mail) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-05-15] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244696 2013-06-25] (CyberLink)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-01-13] (Microsoft Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2013-08-22] (Microsoft Corporation)
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [89088 2014-07-22] (PostgreSQL Global Development Group) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [141376 2014-09-12] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [769600 2014-09-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 16:57 - 2014-09-14 16:57 - 00010240 ___SH () C:\Users\Dennis\Desktop\Thumbs.db
2014-09-14 16:27 - 2014-09-14 16:27 - 02347384 _____ (ESET) C:\Users\Dennis\Downloads\esetsmartinstaller_deu.exe
2014-09-14 16:27 - 2014-09-14 16:27 - 00854417 _____ () C:\Users\Dennis\Desktop\SecurityCheck.exe
2014-09-14 14:08 - 2014-09-14 14:08 - 00062058 _____ () C:\Users\Dennis\Desktop\FRST_neu.txt
2014-09-14 14:04 - 2014-09-14 14:04 - 00000615 _____ () C:\Users\Dennis\Desktop\JRT.txt
2014-09-14 14:00 - 2014-09-14 14:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 13:58 - 2014-09-14 13:58 - 00001275 _____ () C:\Users\Dennis\Desktop\AdwCleaner[S1].txt
2014-09-14 13:55 - 2014-09-14 13:55 - 00006815 _____ () C:\Users\Dennis\Desktop\MBAM.txt
2014-09-14 13:52 - 2014-09-14 13:52 - 00002054 _____ () C:\Users\Dennis\Desktop\Anleitung.txt
2014-09-14 13:45 - 2014-09-14 13:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 13:45 - 2014-09-14 13:45 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-14 13:45 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-14 13:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-14 13:44 - 2014-09-14 13:44 - 01016261 _____ (Thisisu) C:\Users\Dennis\Downloads\JRT.exe
2014-09-14 13:43 - 2014-09-14 13:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dennis\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 13:43 - 2014-09-14 13:44 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310(1).exe
2014-09-14 13:40 - 2014-09-14 13:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 13:40 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 13:40 - 2014-01-04 22:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-14 13:40 - 2014-01-04 21:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-14 13:40 - 2014-01-04 16:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-14 13:40 - 2014-01-04 16:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-14 13:40 - 2014-01-04 16:03 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-14 13:40 - 2014-01-04 15:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-14 13:40 - 2014-01-04 15:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-14 13:40 - 2014-01-04 15:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-14 13:40 - 2014-01-04 15:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-14 13:40 - 2014-01-04 15:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-14 13:40 - 2013-12-21 04:10 - 00009701 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-09-14 13:40 - 2013-12-21 04:10 - 00009701 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-09-14 13:39 - 2014-04-19 13:15 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 13:39 - 2014-04-19 08:49 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 13:36 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-14 13:36 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-14 13:36 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 13:36 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-14 13:36 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-14 13:36 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2014-09-14 13:36 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2014-09-14 13:36 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 13:36 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 13:35 - 2013-12-09 02:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-14 13:35 - 2013-11-09 08:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-14 13:35 - 2013-11-09 08:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-09-14 13:35 - 2013-11-09 07:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-09-14 13:35 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-09-14 13:35 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-09-14 13:35 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-09-14 13:35 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-09-14 13:32 - 2014-09-14 13:32 - 00055843 _____ () C:\Users\Dennis\Desktop\FRST.txt
2014-09-14 13:32 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Desktop\Addition.txt
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:24 - 2014-09-14 11:47 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 10:54 - 2014-09-14 10:55 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:41 - 2014-09-13 15:44 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:35 - 2014-09-14 16:40 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 13:35 - 2014-09-14 13:58 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 11:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 11:54 - 2014-09-14 13:57 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 02:04 - 2014-09-13 01:34 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:07 - 2014-09-13 00:09 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:50 - 2014-09-12 23:51 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:38 - 2014-09-13 11:48 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:38 - 2014-09-12 23:37 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-14 16:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-12 23:37 - 2014-09-12 23:49 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:37 - 2014-09-12 23:49 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2014-04-10 18:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-12 23:37 - 2013-05-06 10:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:28 - 2014-09-12 23:33 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:10 - 2014-09-12 23:11 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:04 - 2014-09-12 23:05 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:47 - 2014-09-12 22:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:45 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-12 22:44 - 2014-09-14 16:58 - 00025561 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-12 22:44 - 2014-09-14 16:58 - 00000000 ____D () C:\FRST
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:36 - 2014-09-12 22:42 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:14 - 2014-09-13 13:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-12 22:14 - 2014-09-12 22:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-13 01:27 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:11 - 2014-09-14 14:40 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:01 - 2014-09-14 14:40 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 22:00 - 2014-09-13 12:13 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-12 21:56 - 2014-09-14 14:40 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-12 21:56 - 2014-09-13 21:59 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-13 21:59 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-12 21:57 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:14 - 2014-09-14 14:06 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-12 21:13 - 2014-09-14 11:15 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-12 21:12 - 2014-09-14 14:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:11 - 2014-09-14 14:01 - 00000000 ___RD () C:\Users\Dennis\SkyDrive
2014-09-12 21:11 - 2012-04-16 06:00 - 00389120 _____ (CANON INC.) C:\Windows\system32\CNMLMBB.DLL
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:08 - 2014-09-14 14:01 - 00031180 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-12 21:08 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-12 21:08 - 2014-09-12 23:02 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 21:08 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-13 02:14 - 00000000 ____D () C:\Users\Dennis
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-12 21:07 - 2014-01-13 12:44 - 00002114 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 16:58 - 2014-09-12 22:44 - 00025561 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-14 16:58 - 2014-09-12 22:44 - 00000000 ____D () C:\FRST
2014-09-14 16:57 - 2014-09-14 16:57 - 00010240 ___SH () C:\Users\Dennis\Desktop\Thumbs.db
2014-09-14 16:46 - 2014-09-12 23:37 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-14 16:40 - 2014-09-13 13:35 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 16:27 - 2014-09-14 16:27 - 02347384 _____ (ESET) C:\Users\Dennis\Downloads\esetsmartinstaller_deu.exe
2014-09-14 16:27 - 2014-09-14 16:27 - 00854417 _____ () C:\Users\Dennis\Desktop\SecurityCheck.exe
2014-09-14 16:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-14 15:14 - 2014-04-10 20:27 - 01435485 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 14:40 - 2014-09-12 22:11 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-14 14:40 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-14 14:40 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-14 14:08 - 2014-09-14 14:08 - 00062058 _____ () C:\Users\Dennis\Desktop\FRST_neu.txt
2014-09-14 14:08 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 14:06 - 2014-09-12 21:14 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-14 14:04 - 2014-09-14 14:04 - 00000615 _____ () C:\Users\Dennis\Desktop\JRT.txt
2014-09-14 14:04 - 2014-01-13 12:03 - 08365588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 14:04 - 2013-09-13 23:24 - 00450712 _____ () C:\Windows\system32\prfh0404.dat
2014-09-14 14:04 - 2013-09-13 23:24 - 00135868 _____ () C:\Windows\system32\prfc0404.dat
2014-09-14 14:04 - 2013-09-13 23:15 - 00436346 _____ () C:\Windows\system32\prfh0804.dat
2014-09-14 14:04 - 2013-09-13 23:15 - 00135868 _____ () C:\Windows\system32\prfc0804.dat
2014-09-14 14:04 - 2013-09-13 23:07 - 00789596 _____ () C:\Windows\system32\prfh0816.dat
2014-09-14 14:04 - 2013-09-13 23:07 - 00164166 _____ () C:\Windows\system32\prfc0816.dat
2014-09-14 14:04 - 2013-09-13 22:59 - 00798252 _____ () C:\Windows\system32\perfh013.dat
2014-09-14 14:04 - 2013-09-13 22:59 - 00162330 _____ () C:\Windows\system32\perfc013.dat
2014-09-14 14:04 - 2013-09-13 22:52 - 00794000 _____ () C:\Windows\system32\perfh010.dat
2014-09-14 14:04 - 2013-09-13 22:52 - 00156420 _____ () C:\Windows\system32\perfc010.dat
2014-09-14 14:04 - 2013-09-13 22:45 - 00802234 _____ () C:\Windows\system32\perfh00C.dat
2014-09-14 14:04 - 2013-09-13 22:45 - 00159184 _____ () C:\Windows\system32\perfc00C.dat
2014-09-14 14:04 - 2013-09-13 22:38 - 00800660 _____ () C:\Windows\system32\perfh00A.dat
2014-09-14 14:04 - 2013-09-13 22:38 - 00166550 _____ () C:\Windows\system32\perfc00A.dat
2014-09-14 14:04 - 2013-09-13 22:28 - 00542632 _____ () C:\Windows\system32\perfh008.dat
2014-09-14 14:04 - 2013-09-13 22:28 - 00089196 _____ () C:\Windows\system32\perfc008.dat
2014-09-14 14:04 - 2013-09-13 22:22 - 00763218 _____ () C:\Windows\system32\perfh007.dat
2014-09-14 14:04 - 2013-09-13 22:22 - 00159364 _____ () C:\Windows\system32\perfc007.dat
2014-09-14 14:01 - 2014-09-12 21:12 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-14 14:01 - 2014-09-12 21:11 - 00000000 ___RD () C:\Users\Dennis\SkyDrive
2014-09-14 14:01 - 2014-09-12 21:08 - 00031180 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-14 14:00 - 2014-09-14 14:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 13:58 - 2014-09-14 13:58 - 00001275 _____ () C:\Users\Dennis\Desktop\AdwCleaner[S1].txt
2014-09-14 13:58 - 2014-09-13 13:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 13:58 - 2014-04-10 20:39 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2014-09-14 13:58 - 2014-01-13 11:53 - 00029514 _____ () C:\Windows\PFRO.log
2014-09-14 13:58 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 13:57 - 2014-09-13 11:54 - 00000000 ____D () C:\AdwCleaner
2014-09-14 13:55 - 2014-09-14 13:55 - 00006815 _____ () C:\Users\Dennis\Desktop\MBAM.txt
2014-09-14 13:53 - 2014-09-14 13:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 13:53 - 2013-09-13 22:32 - 00000000 ____D () C:\Windows\en-GB
2014-09-14 13:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-14 13:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-09-14 13:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-09-14 13:53 - 2013-08-22 16:44 - 00424056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 13:53 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-14 13:52 - 2014-09-14 13:52 - 00002054 _____ () C:\Users\Dennis\Desktop\Anleitung.txt
2014-09-14 13:45 - 2014-09-14 13:45 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-14 13:44 - 2014-09-14 13:44 - 01016261 _____ (Thisisu) C:\Users\Dennis\Downloads\JRT.exe
2014-09-14 13:44 - 2014-09-14 13:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dennis\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 13:44 - 2014-09-14 13:43 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310(1).exe
2014-09-14 13:41 - 2014-09-14 13:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 13:41 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-09-14 13:41 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-14 13:40 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-14 13:32 - 2014-09-14 13:32 - 00055843 _____ () C:\Users\Dennis\Desktop\FRST.txt
2014-09-14 13:32 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Desktop\Addition.txt
2014-09-14 13:32 - 2014-09-12 22:45 - 00037237 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-14 11:47 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:45 - 2014-01-13 12:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:24 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-14 11:15 - 2014-09-12 21:13 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 10:55 - 2014-09-14 10:54 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 21:59 - 2014-09-12 21:56 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-13 21:59 - 2014-09-12 21:56 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-13 18:38 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:44 - 2014-09-13 15:41 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:36 - 2014-09-12 22:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 12:13 - 2014-09-12 22:00 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 11:49 - 2013-08-22 16:46 - 00014700 _____ () C:\Windows\setupact.log
2014-09-13 11:48 - 2014-09-12 23:38 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-13 05:49 - 2014-01-13 11:53 - 00000000 ____D () C:\Windows\Panther
2014-09-13 02:14 - 2014-09-12 21:07 - 00000000 ____D () C:\Users\Dennis
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 01:34 - 2014-09-13 02:04 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:27 - 2014-09-12 22:12 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:09 - 2014-09-13 00:07 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:51 - 2014-09-12 23:50 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:49 - 2014-09-12 23:37 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:49 - 2014-09-12 23:37 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:37 - 2014-09-12 23:38 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-12 23:33 - 2014-09-12 23:28 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:11 - 2014-09-12 23:10 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:05 - 2014-09-12 23:04 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 23:02 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:48 - 2014-09-12 22:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:42 - 2014-09-12 22:36 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:18 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:06 - 2014-04-10 20:32 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 21:57 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:36 - 2014-01-13 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-12 21:36 - 2014-01-13 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-12 21:35 - 2014-04-10 20:32 - 00000000 ____D () C:\ProgramData\ASUS
2014-09-12 21:35 - 2014-01-13 12:19 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:09 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-02 22:06 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-29 13:01 - 2014-09-14 13:40 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\Dennis\postgresql_93.exe
Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\optprosetup.exe
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe
C:\Users\Dennis\AppData\Local\Temp\shutdown1410556665.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-01-13 11:53
==================== End Of Log ============================
--- --- --- komisch, nach einem neustart ging das auch mit dem Security Check Code:
ATTFilter Results of screen317's Security Check version 0.99.87
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Kaspersky Internet Security
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Mozilla Firefox (32.0.1)
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 15.0.0 avp.exe
Kaspersky Lab Kaspersky Internet Security 15.0.0 avpui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
|
|
14.09.2014, 18:34
| #6 |
| /// the machine /// TB-Ausbilder | Unterschiedliche Pop-ups hi, Downloade dir bitte  Farbar Service Scanner
Poste bitte den Inhalt hier.
__________________ --> Unterschiedliche Pop-ups |
|
14.09.2014, 18:38
| #7 |
| | Unterschiedliche Pop-upsCode:
ATTFilter Farbar Service Scanner Version: 21-07-2014
Ran by Dennis (administrator) on 14-09-2014 at 19:38:16
Running from "C:\Users\Dennis\Downloads"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
|
|
14.09.2014, 19:01
| #8 |
| /// the machine /// TB-Ausbilder | Unterschiedliche Pop-ups
 Frisches FRST Log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.09.2014, 20:08
| #9 |
| | Unterschiedliche Pop-ups wird gemacht, aber sag mal, der Rechner ist Neu, wie kann denn da schon so viel "komisch" sein? und erledigt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Dennis (administrator) on DENNIS on 14-09-2014 21:06:48
Running from C:\Users\Dennis\Downloads
Platform: Windows 8.1 (X64) OS Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\wmi64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-01-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe [63296 2014-08-19] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-06-24] (cyberlink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3656314769-1064978787-4233295665-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-19] (AMD)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wla6vwqs.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Modul zum Sperren von gefährlichen Webseiten - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址過濾 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-12]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Sicherer Zahlungsverkehr - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-12]
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 2B68679307CD89AF5750DACE6795E086445A6566B3C48BF136781D3D4224E58B
CHR DefaultSearchProvider: Default -> F2811A452EEF687EB632B2F1CD69B5C6698073D99770A61B9B76F45E88097E7A
CHR DefaultSearchURL: Default -> 3A67F7884DAE179AC498699CE549676F9F99B74C93592DEF698E465D05E1A425
CHR Profile: C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-12]
CHR Extension: (Google Docs) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-12]
CHR Extension: (Google Drive) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-12]
CHR Extension: (Google-Suche) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-12]
CHR Extension: (Kaspersky Protection) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-12]
CHR Extension: (Google Wallet) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]
CHR Extension: (Google Mail) - C:\Users\Dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-05-15] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244696 2013-06-25] (CyberLink)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-01-13] (Microsoft Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2013-08-22] (Microsoft Corporation)
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [89088 2014-07-22] (PostgreSQL Global Development Group) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [141376 2014-09-12] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [769600 2014-09-12] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 20:21 - 2014-09-14 20:21 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-DENNIS-Microsoft-Windows-8.1-(64-bit).dat
2014-09-14 20:21 - 2014-09-14 20:21 - 00000000 ____D () C:\RegBackup
2014-09-14 20:05 - 2014-09-14 20:05 - 00002186 _____ () C:\Users\Dennis\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-14 20:02 - 2014-09-14 20:03 - 09526552 _____ () C:\Users\Dennis\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-09-14 19:38 - 2014-09-14 19:38 - 00002921 _____ () C:\Users\Dennis\Downloads\FSS.txt
2014-09-14 19:37 - 2014-09-14 19:37 - 00415232 _____ (Farbar) C:\Users\Dennis\Downloads\FSS.exe
2014-09-14 17:25 - 2014-09-14 17:25 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398(1).exe
2014-09-14 17:25 - 2014-09-14 17:25 - 00001313 _____ () C:\Users\Public\Desktop\WebStorage.lnk
2014-09-14 17:10 - 2014-09-14 17:11 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-09-14 16:57 - 2014-09-14 16:57 - 00010240 ___SH () C:\Users\Dennis\Desktop\Thumbs.db
2014-09-14 16:27 - 2014-09-14 16:27 - 02347384 _____ (ESET) C:\Users\Dennis\Downloads\esetsmartinstaller_deu.exe
2014-09-14 16:27 - 2014-09-14 16:27 - 00854417 _____ () C:\Users\Dennis\Desktop\SecurityCheck.exe
2014-09-14 14:24 - 2013-12-11 09:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-09-14 14:24 - 2013-11-11 04:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-09-14 14:24 - 2013-11-09 08:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-09-14 14:24 - 2013-11-09 07:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-09-14 14:24 - 2013-11-08 12:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-09-14 14:24 - 2013-11-08 06:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-09-14 14:24 - 2013-11-08 06:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-09-14 14:24 - 2013-11-08 06:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-09-14 14:24 - 2013-11-08 05:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-09-14 14:24 - 2013-11-08 05:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-09-14 14:24 - 2013-11-05 16:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-09-14 14:24 - 2013-11-05 15:17 - 00565248 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-09-14 14:24 - 2013-11-04 15:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-09-14 14:24 - 2013-11-04 12:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-09-14 14:24 - 2013-11-04 04:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-09-14 14:24 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-09-14 14:24 - 2013-11-01 08:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2014-09-14 14:24 - 2013-11-01 07:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-09-14 14:24 - 2013-10-31 02:58 - 00372568 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-09-14 14:24 - 2013-10-31 02:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-14 14:24 - 2013-10-31 02:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-09-14 14:24 - 2013-10-31 02:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-09-14 14:24 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2014-09-14 14:24 - 2013-10-24 11:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-09-14 14:24 - 2013-10-24 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-09-14 14:24 - 2013-10-17 13:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-09-14 14:24 - 2013-10-17 12:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-09-14 14:24 - 2013-10-10 13:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-09-14 14:24 - 2013-10-10 13:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-09-14 14:22 - 2013-12-09 02:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-09-14 14:22 - 2013-12-09 02:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-09-14 14:22 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-14 14:22 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-09-14 14:22 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-09-14 14:22 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-14 14:22 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2014-09-14 14:22 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-09-14 14:22 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-09-14 14:22 - 2013-11-27 11:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-09-14 14:22 - 2013-11-27 11:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-09-14 14:22 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2014-09-14 14:22 - 2013-11-27 10:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-09-14 14:22 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-09-14 14:22 - 2013-11-27 10:20 - 04106240 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-09-14 14:22 - 2013-11-26 15:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-09-14 14:22 - 2013-11-26 15:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-09-14 14:22 - 2013-11-26 13:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-09-14 14:22 - 2013-11-25 03:45 - 00142680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-09-14 14:22 - 2013-11-25 03:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-09-14 14:22 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-09-14 14:22 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-09-14 14:22 - 2013-11-23 14:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-09-14 14:22 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2014-09-14 14:22 - 2013-11-23 09:13 - 00019456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-09-14 14:22 - 2013-11-23 09:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-09-14 14:22 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-09-14 14:22 - 2013-11-23 05:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-14 14:22 - 2013-11-23 05:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-14 14:22 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2014-09-14 14:22 - 2013-11-21 08:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 14:22 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-09-14 14:22 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-09-14 14:22 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-09-14 14:22 - 2013-11-15 15:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-09-14 14:22 - 2013-10-31 02:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-09-14 14:22 - 2013-10-31 01:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-09-14 14:17 - 2013-10-23 13:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2014-09-14 14:17 - 2013-10-23 13:21 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-09-14 14:17 - 2013-10-23 13:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2014-09-14 14:17 - 2013-10-22 09:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-09-14 14:17 - 2013-10-22 08:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-09-14 14:17 - 2013-10-22 07:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-09-14 14:17 - 2013-10-22 06:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-09-14 14:17 - 2013-10-22 05:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-09-14 14:17 - 2013-10-22 05:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-09-14 14:17 - 2013-10-22 04:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-14 14:17 - 2013-10-22 04:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-14 14:17 - 2013-10-22 04:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-14 14:17 - 2013-10-22 03:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-09-14 14:17 - 2013-10-19 06:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-09-14 14:17 - 2013-10-19 06:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-09-14 14:17 - 2013-10-19 05:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-09-14 14:17 - 2013-10-19 05:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-09-14 14:17 - 2013-10-16 11:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-09-14 14:17 - 2013-10-16 11:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-09-14 14:17 - 2013-10-13 05:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-09-14 14:17 - 2013-10-13 04:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-09-14 14:17 - 2013-10-10 18:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-09-14 14:17 - 2013-10-10 18:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-09-14 14:17 - 2013-10-10 16:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-09-14 14:17 - 2013-10-10 16:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-09-14 14:17 - 2013-10-10 13:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-09-14 14:17 - 2013-10-10 13:26 - 02801664 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-09-14 14:17 - 2013-10-10 13:05 - 01019392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-09-14 14:17 - 2013-10-10 12:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-09-14 14:17 - 2013-10-10 12:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-09-14 14:17 - 2013-10-08 12:28 - 00523096 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-09-14 14:17 - 2013-10-08 08:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-09-14 14:17 - 2013-10-08 07:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-09-14 14:17 - 2013-10-08 07:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-09-14 14:17 - 2013-10-08 07:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-09-14 14:17 - 2013-10-08 07:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-09-14 14:17 - 2013-10-08 07:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2014-09-14 14:17 - 2013-10-08 06:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-09-14 14:17 - 2013-10-08 06:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2014-09-14 14:17 - 2013-10-07 09:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-14 14:17 - 2013-10-07 04:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-14 14:17 - 2013-10-05 17:25 - 00057176 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2014-09-14 14:17 - 2013-10-05 16:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-09-14 14:17 - 2013-10-05 14:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-09-14 14:17 - 2013-10-05 13:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-14 14:17 - 2013-10-05 13:01 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-09-14 14:17 - 2013-10-05 13:00 - 01200640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-09-14 14:17 - 2013-10-05 11:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-09-14 14:17 - 2013-10-05 11:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-14 14:17 - 2013-10-05 11:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-09-14 14:17 - 2013-10-05 10:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-09-14 14:17 - 2013-10-05 10:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2014-09-14 14:17 - 2013-10-05 10:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-14 14:17 - 2013-10-05 10:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2014-09-14 14:17 - 2013-10-05 10:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-09-14 14:17 - 2013-10-05 10:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-09-14 14:17 - 2013-10-05 09:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-09-14 14:17 - 2013-10-05 09:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-09-14 14:17 - 2013-10-04 10:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2014-09-14 14:17 - 2013-09-17 11:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2014-09-14 14:17 - 2013-09-17 11:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-09-14 14:17 - 2013-09-17 09:01 - 00270848 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-09-14 14:17 - 2013-09-17 08:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-09-14 14:17 - 2013-09-17 08:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-09-14 14:17 - 2013-09-17 06:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2014-09-14 14:17 - 2013-09-14 16:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-09-14 14:17 - 2013-09-14 16:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2014-09-14 14:17 - 2013-09-14 14:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-09-14 14:17 - 2013-09-14 14:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-09-14 14:17 - 2013-09-14 12:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2014-09-14 14:17 - 2013-09-14 11:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2014-09-14 14:17 - 2013-09-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-09-14 14:17 - 2013-09-13 09:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-09-14 14:17 - 2013-09-12 10:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-09-14 14:17 - 2013-09-12 10:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-09-14 14:17 - 2013-09-12 10:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-09-14 14:17 - 2013-09-12 10:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-09-14 14:17 - 2013-09-12 09:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-09-14 14:17 - 2013-09-12 09:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-09-14 14:17 - 2013-09-12 09:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-09-14 14:17 - 2013-09-12 09:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-09-14 14:17 - 2013-09-12 09:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2014-09-14 14:17 - 2013-09-12 09:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2014-09-14 14:17 - 2013-09-10 06:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2014-09-14 14:12 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-09-14 14:12 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-14 14:12 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-09-14 14:12 - 2014-01-04 17:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll
2014-09-14 14:12 - 2014-01-04 17:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-09-14 14:12 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-09-14 14:12 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-09-14 14:12 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-09-14 14:12 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-09-14 14:12 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-09-14 14:12 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-09-14 14:12 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-09-14 14:12 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-09-14 14:12 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-09-14 14:12 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-14 14:12 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-09-14 14:12 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2014-09-14 14:12 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-09-14 14:12 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2014-09-14 14:12 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-09-14 14:12 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-09-14 14:12 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-09-14 14:12 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2014-09-14 14:12 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-09-14 14:12 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-09-14 14:12 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-09-14 14:12 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-09-14 14:12 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-09-14 14:12 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2014-09-14 14:12 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-09-14 14:12 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 14:12 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-09-14 14:12 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-09-14 14:12 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-09-14 14:12 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-09-14 14:12 - 2013-11-04 13:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-09-14 14:12 - 2013-11-04 03:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-09-14 14:12 - 2013-10-05 16:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-09-14 14:12 - 2013-10-05 16:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-09-14 14:12 - 2013-10-05 14:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-09-14 14:12 - 2013-10-05 14:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-09-14 14:08 - 2014-09-14 14:08 - 00062058 _____ () C:\Users\Dennis\Desktop\FRST_neu.txt
2014-09-14 14:06 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 14:06 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 14:06 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 14:06 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 14:06 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 14:06 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 14:06 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 14:06 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 14:06 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 14:06 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 14:06 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 14:06 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 14:06 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 14:06 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 14:06 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 14:06 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 14:06 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 14:06 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 14:06 - 2014-02-06 12:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 14:06 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 14:06 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 14:06 - 2014-02-06 12:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 14:06 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 14:06 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 14:06 - 2014-02-06 12:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 14:06 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 14:06 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 14:06 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 14:06 - 2014-02-06 11:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 14:06 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 14:06 - 2014-02-06 11:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 14:06 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 14:06 - 2014-02-06 11:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 14:05 - 2014-05-08 09:14 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 14:05 - 2014-05-08 07:52 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 14:05 - 2014-05-08 06:57 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 14:05 - 2014-05-08 06:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 14:04 - 2014-09-14 14:04 - 00000615 _____ () C:\Users\Dennis\Desktop\JRT.txt
2014-09-14 14:00 - 2014-09-14 14:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 13:58 - 2014-09-14 13:58 - 00001275 _____ () C:\Users\Dennis\Desktop\AdwCleaner[S1].txt
2014-09-14 13:55 - 2014-09-14 13:55 - 00006815 _____ () C:\Users\Dennis\Desktop\MBAM.txt
2014-09-14 13:52 - 2014-09-14 13:52 - 00002054 _____ () C:\Users\Dennis\Desktop\Anleitung.txt
2014-09-14 13:45 - 2014-09-14 13:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 13:45 - 2014-09-14 13:45 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-14 13:45 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-14 13:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-14 13:44 - 2014-09-14 13:44 - 01016261 _____ (Thisisu) C:\Users\Dennis\Downloads\JRT.exe
2014-09-14 13:43 - 2014-09-14 13:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dennis\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 13:43 - 2014-09-14 13:44 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310(1).exe
2014-09-14 13:43 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-09-14 13:43 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-09-14 13:43 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-14 13:43 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-09-14 13:43 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-09-14 13:43 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-14 13:43 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-09-14 13:43 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-09-14 13:41 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-14 13:41 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-14 13:41 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-14 13:41 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-14 13:41 - 2014-01-31 18:15 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-09-14 13:41 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-09-14 13:41 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-09-14 13:41 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-09-14 13:41 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-09-14 13:41 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-09-14 13:41 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-09-14 13:41 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-09-14 13:41 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-14 13:41 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-09-14 13:41 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-09-14 13:41 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-09-14 13:41 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-09-14 13:41 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-09-14 13:41 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-09-14 13:41 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-14 13:41 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-09-14 13:41 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-09-14 13:41 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-14 13:41 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-09-14 13:41 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-14 13:41 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-14 13:41 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-09-14 13:41 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-09-14 13:41 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-14 13:41 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-14 13:41 - 2014-01-27 13:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-09-14 13:41 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-09-14 13:41 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-09-14 13:41 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 13:41 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-14 13:41 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-09-14 13:41 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-09-14 13:41 - 2013-11-23 06:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-09-14 13:41 - 2013-11-23 06:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-09-14 13:41 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-09-14 13:41 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-09-14 13:41 - 2013-10-23 13:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-09-14 13:41 - 2013-10-23 10:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-09-14 13:41 - 2013-10-13 04:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-09-14 13:41 - 2013-10-12 23:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-09-14 13:41 - 2013-10-12 23:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-09-14 13:41 - 2013-10-05 16:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-14 13:41 - 2013-10-05 10:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-14 13:40 - 2014-09-14 13:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 13:40 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 13:40 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-09-14 13:40 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-09-14 13:40 - 2014-01-04 22:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-09-14 13:40 - 2014-01-04 21:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-09-14 13:40 - 2014-01-04 16:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-09-14 13:40 - 2014-01-04 16:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-09-14 13:40 - 2014-01-04 16:03 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-09-14 13:40 - 2014-01-04 15:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-09-14 13:40 - 2014-01-04 15:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-09-14 13:40 - 2014-01-04 15:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-09-14 13:40 - 2014-01-04 15:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-09-14 13:40 - 2014-01-04 15:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-09-14 13:40 - 2013-12-21 04:10 - 00009701 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-09-14 13:40 - 2013-12-21 04:10 - 00009701 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-09-14 13:40 - 2013-11-27 17:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-09-14 13:40 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2014-09-14 13:40 - 2013-11-27 10:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 13:40 - 2013-11-27 10:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 13:40 - 2013-11-27 10:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-09-14 13:40 - 2013-11-27 10:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-09-14 13:40 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-09-14 13:40 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-09-14 13:40 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-09-14 13:39 - 2014-04-19 13:15 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-14 13:39 - 2014-04-19 08:49 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-14 13:36 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-14 13:36 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-14 13:36 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-14 13:36 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-14 13:36 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-14 13:36 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2014-09-14 13:36 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2014-09-14 13:36 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 13:36 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 13:35 - 2013-12-09 02:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-09-14 13:35 - 2013-11-09 08:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-09-14 13:35 - 2013-11-09 08:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-09-14 13:35 - 2013-11-09 07:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-09-14 13:35 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-09-14 13:35 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-09-14 13:35 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-09-14 13:35 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-09-14 13:32 - 2014-09-14 13:32 - 00055843 _____ () C:\Users\Dennis\Desktop\FRST.txt
2014-09-14 13:32 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Desktop\Addition.txt
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:24 - 2014-09-14 11:47 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 10:54 - 2014-09-14 10:55 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:41 - 2014-09-13 15:44 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:35 - 2014-09-14 21:06 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 13:35 - 2014-09-14 20:41 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 11:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 11:54 - 2014-09-14 13:57 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 02:04 - 2014-09-13 01:34 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:07 - 2014-09-13 00:09 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:50 - 2014-09-12 23:51 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:38 - 2014-09-13 11:48 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:38 - 2014-09-12 23:37 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-14 21:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-12 23:37 - 2014-09-12 23:49 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:37 - 2014-09-12 23:49 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2014-04-10 18:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-09-12 23:37 - 2013-05-06 10:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:28 - 2014-09-12 23:33 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:10 - 2014-09-12 23:11 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:04 - 2014-09-12 23:05 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:47 - 2014-09-12 22:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:45 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-12 22:44 - 2014-09-14 21:06 - 00023936 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-12 22:44 - 2014-09-14 21:06 - 00000000 ____D () C:\FRST
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:36 - 2014-09-12 22:42 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:14 - 2014-09-13 13:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-12 22:14 - 2014-09-12 22:18 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-13 01:27 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:11 - 2014-09-14 17:42 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:01 - 2014-09-14 19:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 22:00 - 2014-09-13 12:13 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-12 21:56 - 2014-09-14 17:42 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-12 21:56 - 2014-09-13 21:59 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-13 21:59 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-12 21:56 - 2014-09-12 21:57 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:14 - 2014-09-14 20:19 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-12 21:13 - 2014-09-14 20:04 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-12 21:12 - 2014-09-14 17:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:11 - 2014-09-14 21:06 - 00000000 __RDO () C:\Users\Dennis\SkyDrive
2014-09-12 21:11 - 2012-04-16 06:00 - 00389120 _____ (CANON INC.) C:\Windows\system32\CNMLMBB.DLL
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:08 - 2014-09-14 21:06 - 00037087 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-12 21:08 - 2014-09-14 17:11 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-12 21:08 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-12 21:08 - 2014-09-12 23:02 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-13 02:14 - 00000000 ____D () C:\Users\Dennis
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-12 21:07 - 2014-01-13 12:44 - 00002114 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-12 21:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-14 21:07 - 2014-09-12 22:44 - 00023936 _____ () C:\Users\Dennis\Downloads\FRST.txt
2014-09-14 21:06 - 2014-09-13 13:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 21:06 - 2014-09-12 23:37 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-14 21:06 - 2014-09-12 22:44 - 00000000 ____D () C:\FRST
2014-09-14 21:06 - 2014-09-12 21:11 - 00000000 __RDO () C:\Users\Dennis\SkyDrive
2014-09-14 21:06 - 2014-09-12 21:08 - 00037087 _____ () C:\Users\Dennis\AppData\Local\BTServer.log
2014-09-14 21:06 - 2014-04-10 20:39 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2014-09-14 21:06 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 21:06 - 2013-08-22 16:44 - 00424056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 21:05 - 2014-04-10 20:27 - 01551460 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 21:05 - 2014-01-13 11:53 - 00030698 _____ () C:\Windows\PFRO.log
2014-09-14 21:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-14 21:02 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-14 20:41 - 2014-09-13 13:35 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 20:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-14 20:30 - 2014-01-13 12:03 - 08365588 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 20:30 - 2013-09-13 23:24 - 00447072 _____ () C:\Windows\system32\prfh0404.dat
2014-09-14 20:30 - 2013-09-13 23:24 - 00132228 _____ () C:\Windows\system32\prfc0404.dat
2014-09-14 20:30 - 2013-09-13 23:15 - 00432706 _____ () C:\Windows\system32\prfh0804.dat
2014-09-14 20:30 - 2013-09-13 23:15 - 00132228 _____ () C:\Windows\system32\prfc0804.dat
2014-09-14 20:30 - 2013-09-13 23:07 - 00785956 _____ () C:\Windows\system32\prfh0816.dat
2014-09-14 20:30 - 2013-09-13 23:07 - 00160526 _____ () C:\Windows\system32\prfc0816.dat
2014-09-14 20:30 - 2013-09-13 22:59 - 00794612 _____ () C:\Windows\system32\perfh013.dat
2014-09-14 20:30 - 2013-09-13 22:59 - 00158690 _____ () C:\Windows\system32\perfc013.dat
2014-09-14 20:30 - 2013-09-13 22:52 - 00790360 _____ () C:\Windows\system32\perfh010.dat
2014-09-14 20:30 - 2013-09-13 22:52 - 00152780 _____ () C:\Windows\system32\perfc010.dat
2014-09-14 20:30 - 2013-09-13 22:45 - 00798594 _____ () C:\Windows\system32\perfh00C.dat
2014-09-14 20:30 - 2013-09-13 22:45 - 00155544 _____ () C:\Windows\system32\perfc00C.dat
2014-09-14 20:30 - 2013-09-13 22:38 - 00797020 _____ () C:\Windows\system32\perfh00A.dat
2014-09-14 20:30 - 2013-09-13 22:38 - 00162910 _____ () C:\Windows\system32\perfc00A.dat
2014-09-14 20:30 - 2013-09-13 22:28 - 00538992 _____ () C:\Windows\system32\perfh008.dat
2014-09-14 20:30 - 2013-09-13 22:28 - 00085556 _____ () C:\Windows\system32\perfc008.dat
2014-09-14 20:30 - 2013-09-13 22:22 - 00751630 _____ () C:\Windows\system32\perfh007.dat
2014-09-14 20:30 - 2013-09-13 22:22 - 00155676 _____ () C:\Windows\system32\perfc007.dat
2014-09-14 20:29 - 2013-08-22 15:25 - 00000160 _____ () C:\Windows\win.ini
2014-09-14 20:21 - 2014-09-14 20:21 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-DENNIS-Microsoft-Windows-8.1-(64-bit).dat
2014-09-14 20:21 - 2014-09-14 20:21 - 00000000 ____D () C:\RegBackup
2014-09-14 20:19 - 2014-09-12 21:14 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3656314769-1064978787-4233295665-1001
2014-09-14 20:05 - 2014-09-14 20:05 - 00002186 _____ () C:\Users\Dennis\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-09-14 20:04 - 2014-09-12 21:13 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0AD65E03-0F0B-4F68-8FB0-C71DE2348261}
2014-09-14 20:03 - 2014-09-14 20:02 - 09526552 _____ () C:\Users\Dennis\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-09-14 19:44 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerStars.EU
2014-09-14 19:38 - 2014-09-14 19:38 - 00002921 _____ () C:\Users\Dennis\Downloads\FSS.txt
2014-09-14 19:37 - 2014-09-14 19:37 - 00415232 _____ (Farbar) C:\Users\Dennis\Downloads\FSS.exe
2014-09-14 17:42 - 2014-09-12 22:11 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2014-09-14 17:42 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\TableNinja.v2
2014-09-14 17:26 - 2014-09-12 21:12 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\WebStorage
2014-09-14 17:25 - 2014-09-14 17:25 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398(1).exe
2014-09-14 17:25 - 2014-09-14 17:25 - 00001313 _____ () C:\Users\Public\Desktop\WebStorage.lnk
2014-09-14 17:11 - 2014-09-14 17:10 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-09-14 17:11 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Packages
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-14 17:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-09-14 17:10 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-14 17:10 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-14 16:57 - 2014-09-14 16:57 - 00010240 ___SH () C:\Users\Dennis\Desktop\Thumbs.db
2014-09-14 16:27 - 2014-09-14 16:27 - 02347384 _____ (ESET) C:\Users\Dennis\Downloads\esetsmartinstaller_deu.exe
2014-09-14 16:27 - 2014-09-14 16:27 - 00854417 _____ () C:\Users\Dennis\Desktop\SecurityCheck.exe
2014-09-14 14:08 - 2014-09-14 14:08 - 00062058 _____ () C:\Users\Dennis\Desktop\FRST_neu.txt
2014-09-14 14:04 - 2014-09-14 14:04 - 00000615 _____ () C:\Users\Dennis\Desktop\JRT.txt
2014-09-14 14:00 - 2014-09-14 14:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-14 13:58 - 2014-09-14 13:58 - 00001275 _____ () C:\Users\Dennis\Desktop\AdwCleaner[S1].txt
2014-09-14 13:57 - 2014-09-13 11:54 - 00000000 ____D () C:\AdwCleaner
2014-09-14 13:55 - 2014-09-14 13:55 - 00006815 _____ () C:\Users\Dennis\Desktop\MBAM.txt
2014-09-14 13:53 - 2014-09-14 13:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 13:53 - 2013-09-13 22:32 - 00000000 ____D () C:\Windows\en-GB
2014-09-14 13:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-09-14 13:52 - 2014-09-14 13:52 - 00002054 _____ () C:\Users\Dennis\Desktop\Anleitung.txt
2014-09-14 13:45 - 2014-09-14 13:45 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 13:45 - 2014-09-14 13:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-14 13:44 - 2014-09-14 13:44 - 01016261 _____ (Thisisu) C:\Users\Dennis\Downloads\JRT.exe
2014-09-14 13:44 - 2014-09-14 13:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dennis\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-14 13:44 - 2014-09-14 13:43 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310(1).exe
2014-09-14 13:41 - 2014-09-14 13:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 13:41 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-09-14 13:41 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-14 13:40 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-14 13:32 - 2014-09-14 13:32 - 00055843 _____ () C:\Users\Dennis\Desktop\FRST.txt
2014-09-14 13:32 - 2014-09-14 13:32 - 00037237 _____ () C:\Users\Dennis\Desktop\Addition.txt
2014-09-14 13:32 - 2014-09-12 22:45 - 00037237 _____ () C:\Users\Dennis\Downloads\Addition.txt
2014-09-14 11:47 - 2014-09-14 11:24 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Adobe
2014-09-14 11:45 - 2014-09-14 11:45 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00002046 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-14 11:45 - 2014-09-14 11:45 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-14 11:45 - 2014-01-13 12:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-14 11:44 - 2014-09-14 11:44 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Macromedia
2014-09-14 11:35 - 2014-09-14 11:35 - 00709564 _____ () C:\Users\Dennis\Downloads\delfix_10.8.exe
2014-09-14 11:24 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Adobe
2014-09-14 11:09 - 2014-09-14 11:09 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Mozilla
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 11:09 - 2014-09-14 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-14 10:55 - 2014-09-14 10:54 - 13114824 _____ (ASUS Cloud Corporation) C:\Users\Dennis\Downloads\WebStorageSyncAgent 2.1.10.398.exe
2014-09-13 21:59 - 2014-09-12 21:56 - 00003063 _____ () C:\Users\Dennis\Desktop\TableNinja v2.lnk
2014-09-13 21:59 - 2014-09-12 21:56 - 00003023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja v2.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-13 15:52 - 2014-09-13 15:52 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-13 15:52 - 2014-09-13 15:52 - 00001319 _____ () C:\Users\Dennis\Desktop\Calculator.lnk
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HoldemResources
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-13 15:52 - 2014-09-13 15:52 - 00000000 ____D () C:\Program Files\Java
2014-09-13 15:50 - 2014-09-13 15:50 - 00000000 ____D () C:\Users\Dennis\AppData\Local\HoldemResources
2014-09-13 15:44 - 2014-09-13 15:41 - 74773785 _____ (HoldemResources) C:\Users\Dennis\Downloads\holdemresources_release_x86_64_win-setup.exe
2014-09-13 13:36 - 2014-09-12 22:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-13 13:35 - 2014-09-13 13:35 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-13 13:35 - 2014-09-13 13:35 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-13 12:13 - 2014-09-12 22:00 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-09-13 11:54 - 2014-09-13 11:54 - 01373475 _____ () C:\Users\Dennis\Downloads\AdwCleaner_3.310.exe
2014-09-13 11:49 - 2014-09-13 11:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-13 11:49 - 2013-08-22 16:46 - 00014700 _____ () C:\Windows\setupact.log
2014-09-13 11:48 - 2014-09-12 23:38 - 00002357 _____ () C:\Users\Dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-13 05:49 - 2014-01-13 11:53 - 00000000 ____D () C:\Windows\Panther
2014-09-13 02:14 - 2014-09-12 21:07 - 00000000 ____D () C:\Users\Dennis
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 __SHD () C:\aws
2014-09-13 01:41 - 2014-09-13 01:41 - 00000000 ____D () C:\Asus WebStorage
2014-09-13 01:34 - 2014-09-13 02:04 - 117931107 _____ () C:\Users\Dennis\Desktop\Back_up_12.09.zip
2014-09-13 01:27 - 2014-09-12 22:12 - 00000000 ____D () C:\Users\Dennis\AppData\Local\PokerTracker 4
2014-09-13 00:26 - 2014-09-13 00:26 - 00001097 _____ () C:\Users\Dennis\Desktop\PokerTracker 4.lnk
2014-09-13 00:26 - 2014-09-13 00:26 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-13 00:24 - 2014-09-13 00:24 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\postgresql
2014-09-13 00:16 - 2014-09-13 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
2014-09-13 00:15 - 2014-09-13 00:15 - 00000000 ____D () C:\Program Files\PostgreSQL
2014-09-13 00:09 - 2014-09-13 00:07 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64 (1).exe
2014-09-12 23:51 - 2014-09-12 23:50 - 51895176 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.0.18-1-windows-x64.exe
2014-09-12 23:49 - 2014-09-12 23:37 - 00769600 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-12 23:49 - 2014-09-12 23:37 - 00141376 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-09-12 23:42 - 2014-01-13 12:25 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-12 23:38 - 2014-09-12 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-09-12 23:37 - 2014-09-12 23:38 - 00001219 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-09-12 23:37 - 2014-09-12 23:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-12 23:37 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-09-12 23:33 - 2014-09-12 23:28 - 176561792 _____ () C:\Users\Dennis\Downloads\kis15.0.0.463de-de.exe
2014-09-12 23:31 - 2014-09-12 23:31 - 06501278 _____ () C:\Users\Dennis\Downloads\Nicht bestätigt 314320.crdownload
2014-09-12 23:14 - 2014-09-12 23:14 - 00247722 _____ () C:\Users\Dennis\Downloads\notes.o_S7ven_o.xml
2014-09-12 23:11 - 2014-09-12 23:10 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\postgresql_93.exe
2014-09-12 23:05 - 2014-09-12 23:04 - 56552816 _____ (PostgreSQL Global Development Group) C:\Users\Dennis\Downloads\postgresql-9.3.5-1-windows-x64.exe
2014-09-12 23:02 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ASUS
2014-09-12 22:52 - 2014-09-12 22:52 - 00000092 _____ () C:\Users\Dennis\Desktop\test.txt
2014-09-12 22:48 - 2014-09-12 22:48 - 00001291 _____ () C:\Users\Dennis\Desktop\Revo Uninstaller.lnk
2014-09-12 22:48 - 2014-09-12 22:48 - 00000068 _____ () C:\Users\Dennis\AppData\Roaming\WB.CFG
2014-09-12 22:48 - 2014-09-12 22:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 22:48 - 2014-09-12 22:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dennis\Downloads\revosetup95.exe
2014-09-12 22:43 - 2014-09-12 22:43 - 02105856 _____ (Farbar) C:\Users\Dennis\Downloads\FRST64.exe
2014-09-12 22:42 - 2014-09-12 22:36 - 63697776 _____ () C:\Users\Dennis\Downloads\PT-Install-v4.11.11.exe
2014-09-12 22:35 - 2014-09-12 22:35 - 00002392 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk
2014-09-12 22:35 - 2014-09-12 22:35 - 00002362 _____ () C:\Users\Dennis\Desktop\ICMIZER.lnk
2014-09-12 22:18 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Google
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Deployment
2014-09-12 22:14 - 2014-09-12 22:14 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Apps\2.0
2014-09-12 22:12 - 2014-09-12 22:12 - 00005044 _____ () C:\ProgramData\flwjycbm.bab
2014-09-12 22:12 - 2014-09-12 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 22:08 - 2014-09-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 22:06 - 2014-04-10 20:32 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-12 22:01 - 2014-09-12 22:01 - 00002023 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00001999 _____ () C:\Users\Dennis\Desktop\PokerStars.eu.lnk
2014-09-12 22:01 - 2014-09-12 22:01 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-09-12 21:57 - 2014-09-12 21:56 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\HoldemManager
2014-09-12 21:56 - 2014-09-12 21:56 - 00000000 ____D () C:\Program Files (x86)\PASG
2014-09-12 21:51 - 2014-09-12 21:51 - 00000000 ____D () C:\Users\Dennis\AppData\Local\Mozilla
2014-09-12 21:50 - 2014-09-12 21:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-12 21:48 - 2014-09-12 21:48 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-12 21:36 - 2014-09-12 21:36 - 00002071 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-09-12 21:36 - 2014-01-13 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-09-12 21:36 - 2014-01-13 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-12 21:35 - 2014-04-10 20:32 - 00000000 ____D () C:\ProgramData\ASUS
2014-09-12 21:35 - 2014-01-13 12:19 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-12 21:30 - 2014-09-12 21:30 - 00000000 ___HD () C:\kleaner.tmp
2014-09-12 21:29 - 2014-09-12 21:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-09-12 21:18 - 2014-09-12 21:18 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Macromedia
2014-09-12 21:12 - 2014-09-12 21:12 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-09-12 21:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-12 21:10 - 2014-09-12 21:10 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\Intel Corporation
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Roaming\ATI
2014-09-12 21:09 - 2014-09-12 21:09 - 00000000 ____D () C:\Users\Dennis\AppData\Local\ATI
2014-09-12 21:08 - 2014-09-12 21:08 - 00001453 _____ () C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\Documents\My Bluetooth
2014-09-12 21:08 - 2014-09-12 21:08 - 00000000 ____D () C:\Users\Dennis\AppData\Local\VirtualStore
2014-09-12 21:07 - 2014-09-12 21:07 - 00000020 ___SH () C:\Users\Dennis\ntuser.ini
2014-09-02 22:06 - 2013-08-22 17:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:06 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-29 13:01 - 2014-09-14 13:40 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\Dennis\postgresql_93.exe
Some content of TEMP:
====================
C:\Users\Dennis\AppData\Local\Temp\optprosetup.exe
C:\Users\Dennis\AppData\Local\Temp\Quarantine.exe
C:\Users\Dennis\AppData\Local\Temp\shutdown1410556665.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-01-13 11:53
==================== End Of Log ============================
--- --- --- |
|
15.09.2014, 14:35
| #10 |
| /// the machine /// TB-Ausbilder | Unterschiedliche Pop-ups Wenn man sich Adware installiert passiert sowas eben Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.09.2014, 15:53
| #11 |
| | Unterschiedliche Pop-ups herzlichen Dank (y) |
|
16.09.2014, 10:54
| #12 |
| /// the machine /// TB-Ausbilder | Unterschiedliche Pop-ups Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
Hybrid-Darstellung
